Microsoft Recall got Recalled - ThreatWire
Рет қаралды 17,428
Күн бұрын⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️
@endingwithali →
Twitch: / endingwithali
Twitter: / endingwithali
KZfaq: / @endingwithali
Everywhere else: links.ali.dev
Want to work with Ali? endingwithalicollabs@gmail.com
[❗] Join the Patreon→ / threatwire
0:00 0 - Intro
00:12 1 - PHP is Vulnerable - Again!
01:21 2 - What is Happening with Snowflake?
05:24 3 - Jakoby
06:19 4 - Recall Update
08:04 5 - Outro
LINKS
🔗 Story 1: PHP is Vulnerable - Again!
devco.re/blog/2024/06/06/secu...
www.securityweek.com/php-patc...
🔗 Story 2: What is Happening with Snowflake?
community.snowflake.com/s/que...
techcrunch.com/2024/06/07/sno...
techcrunch.com/2024/05/31/liv...
cloud.google.com/blog/topics/...
www.bleepingcomputer.com/news...
www.theverge.com/2024/6/3/241...
www.securityweek.com/snowflak...
🔗 Story 3: Jakoby
x.com/I_Am_Jakoby/status/1798...
🔗 Story 4: Recall Update
www.windowscentral.com/softwa...
github.com/xaitax/TotalRecall
blogs.windows.com/windowsexpe...
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → hakshop.myshopify.com/
Community → www.hak5.org/community
Subscribe → kzfaq.info...
Support → / threatwire
Contact Us → / hak5
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.
@monad_tcp 16 күн бұрын
No, Recall should not be a feature of the system, it should be an app you install if you want.
@DamjanDimitrioski 15 күн бұрын
You don't need it, it was advertised as password manager substitute, but the password managers are already good enough. Also takings screenshots of what have you been doing, let's be real, the only thing average users are doing is being in the browser and once per week or month use an USB thumb drive to copy some files, or play some games; the browser already has activities auditing via the history, also we have plugins to record html form submissions and we can list forms sessions or even autocomplete forms from the history of sessions. Other activities a user can do is using office suits software, but there is nothing interesting to record Excel all day :D, and also Excel maybe has history manager to restore points as well ( I am not sure on this one). Overall the recall system is good for employers to spy on employees illegally and bad actors to steal and sell data, and m$ to sell data.
@brandondyck20 16 күн бұрын
You wonder why people stop letting corporations know about these exploits and to just sell them instead. What a discrace Microsoft.
@masudsaleh5155 15 күн бұрын
😅😅
@thebunsenburner 16 күн бұрын
Every new story coming out about Microsoft makes me want to leave Windows more and more.
@rdsii64 16 күн бұрын
I have started looking hard myself too.
@fubu7942 16 күн бұрын
Use Linux 😂. I wouldn’t use Windows if you paid me. It’s great for gaming but that’s about it.
@infinitivez 16 күн бұрын
I already jumped to linux (arch). There's really no excuse for geeks and nerds to stick around on a OS that literally collects data from, and slows down your system.
@hwy9nightkid 16 күн бұрын
if you're still using Windows, I'd seriously wonder why.. I really pity people who cannot leave it because of some dependencies in their workflows.. but anyone working on Windows who can switch SHOULD
@KernalPanics 16 күн бұрын
And you should I use Arch btw.
@thefatmoop 16 күн бұрын
Microsoft recall sure sounds like a tool organizations are going to love and employees cant opt out of
@billynomates7714 16 күн бұрын
Still not good enough from Microsoft - Recall should be an optional INSTALL, not some dormant code baked into the OS waiting to be activated. Or better still, not existing at all.
@Sentrme 16 күн бұрын
This is my fear. MS leaving it actively analyzing data, but not storing. Or is the "opt in" defaulted to Enabled? So it targets non-tech people?! Like everyone currently getting scammed!
@billynomates7714 15 күн бұрын
@@Sentrme The problem is more broad than that even. Even if you have this turned off (and massively assuming that it can't be switched on somehow maliciously), if you're interacting with someone else that is running this, that data is still be harvested by proxy. This whole this is a privacy and security nightmare and it simply shouldn't exist as a thing at all.
@dazztee 16 күн бұрын
Jakoby is a literal GoD, he's soo kool and nice, No One deserves that kind of treatment, i believe an MS employee took credit for Jakobys hard work, he been ripped
@userou-ig1ze 16 күн бұрын
What really happened?
@IamJakoby 16 күн бұрын
I appreciate you brother!
@iblackfeathers 16 күн бұрын
i’m not sure about the recent events but awhile ago, microsoft was mentioned to have tried to ineptly patch a vulnerability which jakoby pointed out to them without giving him credit before. their poor patch did not entirely fix the vulnerability that the exploit was still working with some minor changes. jakoby mentioned this when he was a guest on david bombal’s channel awhile ago. so with the recent events, this back and forth with microsoft has been brewing for some time.
@YTInnovativeSolution 15 күн бұрын
@@IamJakobylong time lurker and fan of your work. You have support from people and places unannounced to your situation. Thanks for all the invaluable education my friend on the other end.
@LeonEdwinsHeart 16 күн бұрын
Thank you! That story about Jakoby is crazy.
@infinitivez 16 күн бұрын
So now it's going to REQUIRE facial recognition. Something a good number of us would never engage with on a Microsoft platform. That sounds keen!
@NoshLambeaux 16 күн бұрын
What... I don't even have a visual input for my desktop. If they want me to use it, they better provide it. Realistically though I'll probably wind up making Linux my daily driver. All this nonsense that Windows comes out with is infuriating. A robust and tenured company should know better.
@NinjaRunningWild 16 күн бұрын
Satya Nadella’s “leadership” has been a complete joke.
@monad_tcp 16 күн бұрын
bring back "sin of sky"
@donamills 16 күн бұрын
I thought my earphones were messing up but then I realized its your hair rubbing up against the mic.
@muhammedikramullah4406 16 күн бұрын
They want to steal, not files, but cognitive maps
@DirtyPlumbus 16 күн бұрын
*F* Microsoft.
@MrCopperhead4711 16 күн бұрын
Friendly, constructive note: it is extremely difficult to read italics when the background is moving behind them.
@Nunya58294 14 күн бұрын
Sounds like a you problem.
@mytechnotalent 15 күн бұрын
Total recall! Cheers Ali!
@Cygerette 16 күн бұрын
Keep up the hard work!! Thank you for continuing ThreatWire News!!!
@kamalnoor5611 16 күн бұрын
Thank you so much for covering the issue with Jakoby, MSFT fucked him and it's really heart breaking to see someone that talented being treated like dirt
@QR5-cyber-exp 16 күн бұрын
Great show. Thanks for
@mattcurcic5585 16 күн бұрын
Awesome show thanks
@mindywashere 16 күн бұрын
just blasted this video all over the internet like I do every week lol
@user-td4pf6rr2t 12 күн бұрын
1:08 The kangi char set? 8:10 Macs are for work(!)
@ca3891 13 күн бұрын
Microsoft is going to hide recall within windows OS. Then tell you it's been turned off when it hasn't.
@Rovsau 14 күн бұрын
That release of Recall should have been an internal Alpha build. Facial recognition isn't foolproof. Encryption offers some protection, but not a lifelong guarantee. Better, yes, but I don't see a fix. That type of data is just too sensitive.
@muddkipp_1 16 күн бұрын
❤ Jakoby
@wild9439 16 күн бұрын
Recall seems like MS's way of harvesting data to train AI. Not surprising, but also NOT wanted or asked for by anyone.
@timballam3675 16 күн бұрын
I'm moving away from MS products and have been for the last few years..... V
@qkb3128 16 күн бұрын
Yes pay him.
@p0indexter624 6 күн бұрын
Hakjive ! gas light alert ! re: thumbnail , "they" would love recall ! who you foolin !
@D15RUP7 16 күн бұрын
Nice vid!, thoughts go out to Jakoby! 😎👍
@S.C.D. 15 күн бұрын
I just saw Steve Ballmer talk on CNBC can't even remember what he was talking about it just seemed like hypocrisy.
@chrism9017 6 күн бұрын
Time to switch my dev platform to Linux. Big learning curve but look! M$ provides WSL to ease my escape. That was nice of them.
@KernalPanics 16 күн бұрын
But but recall is encrypted lol ya and it decrypts when your on your computer.
@samramdebest 16 күн бұрын
I'm a bit confused by the Jakoby story. I got that they didn't get a bug bounty (which is already pretty bad) But I don't fully follow the other thing Microsoft did
@endingwithali 16 күн бұрын
i didnt cover all the details of the story because i wanted to get more eyes on his post, but basically from what i understand, microsoft patched his bugs, as well as other features he used for his work. According to the original post, he was supposed to do a workshop that he had to cancel and refund attendees (8k) as well as other speaking opportunities based on work that relied on these features
@ikelos5137 16 күн бұрын
Apple’s ai features seem to be powered by data collection systems already present such as the spotlight search semantic index. Apple api’s are so much more robust than Microsoft’s for this sort of data collection and lookup, hence recall needing screenshots for similar functionality. Apple shouldn’t have as many issues with sensitive data collection but might still have similar safety/privacy issues to MS if all of the available data (including very sensitive things like apple health) are given to their AI systems without consent or authentication.
@373323 16 күн бұрын
honestly very few people run php on windows, bar as development platform, but yeah, do patch
@carpentb17 15 күн бұрын
Stopped using Microsoft products a looong time ago
@kurt120032002 13 күн бұрын
Let’s be clear here. When I decided to change my upgrade path and move to linux and vm with windows was because of AI spyware, on top of them gatekeeping acces to MY computer, on top of MANDATORY telemetry, and MS thinks that making AI spyware inactive AT THE RELEASE and ready to be activated at any future update, will make me go: "Thanks God everything is fine now and I can safely keep using windows"? 😂😂😂😂
@PhatTony 15 күн бұрын
There is NO WAY I am trusting Microsoft's "opt-in". Not gonna partake. For years I've said I am going over to Linux and I think its actually time that happens. Been a good run, Microsoft, since about 1982 actually. I am going to officially divorce you soon and I know that I am not alone.
@repairstudio4940 16 күн бұрын
Ali those earrings rock 🤘🏻
@DNETREAPER 16 күн бұрын
🎉
@praveen_.t 15 күн бұрын
whatsup with the dimple, so unique :)
@carsonjamesiv2512 16 күн бұрын
👍
@H2VPROEternal 13 күн бұрын
Now time to stop AI from taking over the planet
@rursus8354 16 күн бұрын
Too late Microsoft! I got my little revenge on you by buying an expensive game computer. Windows got the hell out of it, and now it runs some mainstream Linux. I'm not planning on running games on it. Perhaps an AI experiment with image recognition, but no games!
@ScottPlude 16 күн бұрын
What do I think of Apple Intelligence? I own a Graphene phone. You should be able to figure out the rest.
@HorribleEdgar 16 күн бұрын
A.k.a less then a week ago
@4362mont 16 күн бұрын
Microsoft is our own worst enemy...
@docfire007 16 күн бұрын
Apple AI, as long as we have the option to opt out.
@knewdist 16 күн бұрын
Ohh ANSI has 255 characters
@C.J... 16 күн бұрын
❤ DIMPLES! ❤😊😊😊
@cryptoinvestoragency 16 күн бұрын
Are your dimples real or artificially enhanced?
@conceptrat 15 күн бұрын
So the Ticketmaster and other Snowflake customers attacked, it's bad or non-existent security practices/implementation by the people implementing these systems. Unskilled, underpaid and or uninterested developers. More common now with all the higher level firings because hey management things AI will do that job.
@0xC47P1C3 15 күн бұрын
Sucks about Jakoby…
@MeisterJager90 13 күн бұрын
Muck Ficrosoft.
@phantomtec 15 күн бұрын
8:10 🍏: A bit late, but because Apple will rename AI into ‘Apple Intelligence,’ they will revolutionize the total landscape of Artificial Intelligence. And for those fruitful fanboys, it will suffice in line with the revised price tag of their products and in turn, any elitist mentalities that also exist. Peace
@wilgarcia1 16 күн бұрын
💙💙💙💙💙💙💙💙
@chrisorg170 16 күн бұрын
Jesus Bill still blows so hard......so hard in fact I've convinced my leadership to migrate to Linux desktop. Garbage
@NickDoddTV 16 күн бұрын
Wow, intellegent, a great presenter AND beautiful. Triple-threat-wire
@jamess1787 14 күн бұрын
Wen bikini threatwire news 🤔
@BlankHardshell 16 күн бұрын
companies should start ditching Microsoft since 20 years ago. lol I really dont know why ppl are still so stubborn to keep MS as an OS instead of what it is WintendOS
@Scrapyjape 15 күн бұрын
Facial Recognition will be required to review recall?... Lovely so now they will have my Face to put with all the data its scraped from my PC..... If people need AI to use a windows PC they shouldnt have a PC
@MoreBollocks-ui2zs 15 күн бұрын
Wow, mostly professionally presented, only slightly wooden and cringy. Good job on the improvement Ali. 4 or 5 more years of this and it might not be difficult to watch.
@sargismartirosyan9946 16 күн бұрын
Linux > Microsoft windows
@NinjaRunningWild 16 күн бұрын
Not for games or game development sadly.
@sargismartirosyan9946 16 күн бұрын
@@NinjaRunningWild they are just problematic. But possible. 👍
@endingwithali 16 күн бұрын
ITS THE YEAR OF THE LINUX DESKTOP
@sargismartirosyan9946 16 күн бұрын
@@endingwithali HYPERLAND 😁👍
@aracnadei13 16 күн бұрын
@@sargismartirosyan9946 I agree with you, and as a person who used to roll their own flavors of Linux I just can't anymore. Between work and family obligations, my time is so limited already. When I have a moment to decompress and just want to play a game, I don't have it in me to spend hours trying to figure out why this one won't work. It would be great if there were more options, but when it comes to gaming MS has a near monopoly.
@JoeJoeTater 16 күн бұрын
7:25 Can you please explain how an "ethical" security issue differs from an "actual" security issue? It sounds like you're dismissing ethical concerns.
@armandoromero5661 16 күн бұрын
serves you right those who use PHP and other open source on windows facing the internet. For shame
@Adrian-jj4xk 15 күн бұрын
in other words... a sapi that no one should be using anyway, on an OS that hardly anyone uses, with a bug fix that said OS intentionally defeats. slow news day.
@Sentrme 16 күн бұрын
I'm DISGUSTED by Apple! Ego so big ..they ACTUALLY are trying to change the AI acronym, "Apple Intelligence". This is last straw. Selling apple devices.
@johnnyhellfire6 16 күн бұрын
So yall dont believe in chapters on your videos!? So Microsoft are gonna add in data collection of your face with there brand new keylogger, yay
@Jashn20002000 16 күн бұрын
Hackings for children with time and energy, nothing against the white hats but still.
@nessd665 16 күн бұрын
@j00500hall 15 күн бұрын
WTAF i have not heard this news about Jakoby, nothing but love for this guy 🩷
Blueberry Lutein
Рет қаралды 285 М.
Ujjawal4u. 120k Views . 4 hours ago
Рет қаралды 11 МЛН