The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
Last week, Microsoft announced a new feature in Windows 11: Recall. This enables users to always find a way back to information they’d previously reviewed by taking screenshots of everything happening on the computer every few seconds. Microsoft’s AI then makes all the information within those screenshots searchable and accessible for three months.
Privacy activists were alarmed by the announcement. The immediate fear was that Microsoft would have access to users’ activity, but CEO Satya Nadella comforted worried customers by claiming data is both encrypted and only stored on the device, without being transmitted anywhere else.
Those assurances didn’t halt criticisms of the feature. Another major concern is that if a hacker gained access to a Windows 11 device, they would be able to go straight to Recall to get a precise history of what a user has been doing. As one critic put it, the feature is akin to a keylogger “baked into Windows.”
The U.K.’s privacy regulator, the Information Commissioner’s Office, is already asking Microsoft about Recall and its promises to ensure user data is safe. “We expect organizations to be transparent with users about how their data is being used and only process personal data to the extent that it is necessary to achieve a specific purpose,” a spokesperson said in a statement.
Other Celebrities Could Face Problems With AI Voice Cloning—Not Just Scarlett Johansson
OpenAI could face a potential lawsuit from actress Scarlett Johansson after she claimed the ChatGPT maker’s Sky chatbot voice sounded eerily similar to her own. OpenAI later pulled the voice. But experts told Forbes this issue could easily affect anyone now technology has made voice cloning easier.
Stories You Have To Read Today
Meanwhile, OpenAI, after dismantling its safety team, has announced an Oversight Board, one that includes a number of directors and executives, including cofounder and CEO Sam Altman. It will make recommendations to the OpenAI board on critical safety and security decisions. Immediate questions are being asked about whether the executives on the oversight team will be effective at improving safety on OpenAI’s tools.
Alongside having their designs pilfered, activewear label Popflex and other fashion retailers are having to deal with a new kind of scammer: deepfakes stealing their marketing videos with models’ faces swapped out. Forbes reports here.
The Internet Archive, which keeps historical website records and screenshots, is under a distributed denial of services (DDos) attack, which is making it difficult for users to access the site.
Most image-based disinformation is now AI-generated, according to a new research report from Google and a number of fact checking organizations. As 404 Media notes, the actual scale of this problem is likely being underplayed.
Winner of the Week
A cryptocurrency owner lost access to his password for a wallet containing $3 million, but hacker Joe Grand came to the rescue, according to Wired. An old flaw in the user’s RoboForm password manager was the key to unlocking the wallet and the funds within.
Loser of the Week
At least three Wyndham hotels across the U.S. have been infected with a malware called pcTattletale, which can take screenshots of booking details, according to TechCrunch. A security flaw in the spyware means that anyone can now also see what pcTattletale is accessing.