Graham Sutherland / Polynomial on Nostr: Microsoft Recall is going to make post-breach impact analysis impossible. Right now ...
Microsoft Recall is going to make post-breach impact analysis impossible. Right now IR processes can establish a timeline of data stewardship to identify what information may have been available to an attacker based on the level of access they obtained. It's not trivial work, but IR folks can do it. Once a system with Recall is compromised, all data that has touched that system is potentially compromised too, and the ML indirection makes it near impossible to confidently identify a blast radius.
Published at
2024-05-22 00:42:00Event JSON
{
"id": "f78cde33f38ebf2cefefdccd9f793870a45ea7d8573363a30be6242fc7c1d669",
"pubkey": "72025f2d3f9600cb4f992f4d20f3efc3f0bf6a650e5272ad7a920d716a648c81",
"created_at": 1716338520,
"kind": 1,
"tags": [
[
"proxy",
"https://chaos.social/users/gsuberland/statuses/112481961278439801",
"activitypub"
]
],
"content": "Microsoft Recall is going to make post-breach impact analysis impossible. Right now IR processes can establish a timeline of data stewardship to identify what information may have been available to an attacker based on the level of access they obtained. It's not trivial work, but IR folks can do it. Once a system with Recall is compromised, all data that has touched that system is potentially compromised too, and the ML indirection makes it near impossible to confidently identify a blast radius.",
"sig": "4b113bf8ac65d6c5e3d50bfce94235952cc35e192a984e74c0638936274ead60c21dbc8d7ce0bbceddf41d8984be81345528abf4c6c35ad783ad482f7024486a"
}
