• ArchRecord@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 days ago

    Perfection is impossible. Demanding it is silly.

    1. This isn’t even a matter of perfection, this is Recall barely managing to censor the most blatantly sensitive information (see: the article saying “I also created my own HTML page with a web form that said, explicitly, “enter your credit card number below.” The form had fields for Credit card type, number, CVC and expiration date.”)
    2. Demanding a system protect user data is not silly, it is necessary. And if a given system can’t do that, then it should never be used. Especially considering the fact this is likely going to make its way onto PCs handling extra sensitive data with strict privacy requirements, such as medical data protected by HIPAA.

    Context can be trained.

    1. Maybe Microsoft shouldn’t have released a tool until it had that context then?

    If a company releases a half-baked tool that doesn’t do what it advertises, easily fails in simple attempts at identifying sensitive data, and is almost impossible to guarantee data security with, then it should never be used or advertised for any context in which any sensitive data could ever be present.