Danie van der Merwe

Microsoft's Copilot spills the beans, summarising emails it's not supposed to read

2026-02-19 15:19:11

gadgeteer@hub.netzgemeinde.eu

Microsoft's Copilot spills the beans, summarising emails it's not supposed to read

“The bot couldn't keep its prying eyes away. Microsoft 365 Copilot Chat has been summarising emails labelled “confidential” even when data loss prevention policies were configured to prevent it.”

Given that this is Microsoft, it is difficult to distinguish between this being devious or plain sloppiness. One would have thought with a company the size of Microsoft, neither should be the case. But it was only a year ago that we had that Windows screen recording debacle that had to be withdrawn and re-published.

It is probably just never a good idea to let any AI have raw access to your documents or e-mails. It is better to create a separate area with documents you have vetted, or to manually upload what you want to have processed.

AI is proving to be an incredible way of worming into private document and information repositories where it can just vacuum everything up. As an end user, you have zero control once you've opened that door.

I can see government's funding AI one day, as it is a tremendous way to spy on citizens, or opponents. As much as the USA warns us about China and their AI, I'm just wondering how much of the same behaviour is being perpetrated by the USA itself. Users basically invite AI into their private areas, and then let it scoop everything up. If the country owning the AI company, has warrantless search to data, just think of the possibilities.

We've also heard about AI reorganising user data, and then apologising for deleting it. AI is not infallible, and with zero contextual knowledge, it is also not actually intelligent.

You want to keep AI at an arm's length, and use it with cation, just like any other tool.

See Copilot Chat bug bypasses DLP on 'Confidential' email

: Data Loss Prevention? Yeah, about that...

#technology #AI #Microsoft #privacy

technology AI Microsoft privacy

Microsoft handed encryption keys for customer data to the government

2026-01-30 14:13:21

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Microsoft handed encryption keys for customer data to the government

“The FBI went to Microsoft last year with a warrant, asking them to hand over keys to unlock encrypted data stored on three laptops as part of an investigation into potential fraud involving the COVID unemployment assistance program in Guam — and Microsoft complied.”

Two issues are of concern here:

1. Microsoft does indeed have their own encryption keys to your data. Unlike some companies that do not have encryptions keys at all e.g. Proton, and they will only hand over available metadata (such as IP address, connection times, etc) that they have access to when receiving a valid warrant. Microsoft can be legally compelled as it is now known they have keys to decrypt customer data in their cloud.

2. The legal warrant is only going to be a requirement for accessing US citizen or US corporate data. It is not needed for accessing global citizen data or data stored outside the USA, thanks to the CLOUD and PATRIOT Acts. The same will apply for governments with questionable human rights records (or privacy protection) who may also issue legal warrants to access private data from Microsoft.

I can only imagine both the issues above are part of what is driving the EU to have their own cloud services based in the EU where only they control the encryption keys.

See Microsoft handed the government encryption keys for customer data

Microsoft complied with a warrant to hand over BitLocker recovery keys to the FBI, and privacy advocates are worried.

#technology #privacy #cloud

technology Microsoft privacy cloud

Microsoft patch to Linux kernel is disabled — Maybe this explains the numerous Windows vulnerabilities

2025-01-14 21:08:49

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Microsoft patch to Linux kernel is disabled — Maybe this explains the numerous Windows vulnerabilities

Intel and AMD engineers have stepped in at the eleventh to deal with a code contribution from a Microsoft developer that could have broken Linux 6.13 on some systems. So this patch never went live.

Microsoft is notable for dubious quality control standards regarding releases of its flagship operating system, Windows. That one of its engineers should drop some dodgy code into the Linux kernel is not hugely surprising, and the unfortunate individual is not the first and will not be the last to do so, regardless of their employer.

Yes, it is not just Microsoft which has caused these problems for the Linux kernel, but one has to wonder about the ongoing vulnerabilities that Windows OS has had over its many decades of existence. One could say Windows is a horrifically complex collection of code, but I think the same can be said for Linux too (with patches being submitted by many devs all around the world, and the Linux kernel driving so many different types of hardware, more than Windows itself).

I suppose the difference in expectations comes from the remuneration of the devs. I'd expect that Microsoft pays their devs in hard cash to do their jobs, whilst Linux devs do it mostly for love.

See Microsoft change pulled from Linux over Intel CPU issues

'Let's not do this again please'... days before release date

#technology #Microsoft

technology Microsoft

Microsoft claims its new Windows 11 Xbox popups aren't ads, merely "options you can purchase"

2024-12-31 19:40:52

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Microsoft claims its new Windows 11 Xbox popups aren't ads, merely "options you can purchase"

With Windows 11 slowly receiving more and more ads across its system, people are getting a little tired of seeing new ones pop up. Over the past few days, some users have spotted ad pop-ups advertising the new Call of Duty: Black Ops 6 and the paid Microsoft Defender security app. Fortunately, Microsoft has cleared up this little mess by stating that these aren't ads at all but instead "giving the people the option to purchase" a product. Phew. Well, that clears that up, doesn't it?

This is the very best of PR technobabble. You just know if a company dresses something up like this, that they actually do feel a bit guilty about it. But it's like a lie is to a mistruth. A lot of the problems we have today are because of propaganda being applied by corporates and governments.

So there you go, all those pop-ups on websites, and the things that YouTube interrupts your videos with, are actually just options you can purchase. I feel the Oxford Dictionary word of 2025 may be something along these lines. We just need to invent the word now.

See Microsoft claims its new Windows 11 Xbox popups aren't ads, merely "options you can purchase"

Kinda like ads, but not. Somehow.

#technology #Microsoft #adverts

technology microsoft adverts

Want to keep getting Windows 10 updates next year? No prices yet for consumers

2024-09-10 14:38:16

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Want to keep getting Windows 10 updates next year? No prices yet for consumers

I bought my "new" laptop just before Windows 11 came out, so it only has TPSv1.2 and does not qualify for Windows 11. I'm certainly not going to throw away a perfectly good laptop, but luckily it will run Linux perfectly well still.

That artificially created requirement for Windows 11 is going to catch an awful lot of people, who will be forced to either buy new hardware, or to stick it out without any updates, or transition to a different OS.

But right now, due to power that consumers give to Microsoft, Microsoft gets to call the shots, and whilst these shots score them lost of profits, it's not going to change.

Apart from one laptop, I've migrated all my computers in the house years ago to Linux. They just keep on updating forever, and my gaming, media streaming, documents, etc are all working just fine.

But it is every user's choice where they want to be. Microsoft cannot dictate to us whilst we have options we can choose from. But it is up to us to act on those choices or not. The first and last thing I do every single day, is to check for software updates, so in my own case I suppose change is more excitement than a chore.

See Want to keep getting Windows 10 updates next year? Here's what it will cost

For businesses, a subscription for Windows 10 Extended Security Updates will be shockingly expensive. For educators, the cost is just a few bucks. But what about consumers?

#technology #Microsoft

technology Microsoft

Now Microsoft is bringing Start menu ads to Windows 10, too

2024-08-24 21:53:40

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Now Microsoft is bringing Start menu ads to Windows 10, too

As Windows 11 slowly becomes inundated with ads, people on Windows 10 have been watching on in horror. Unfortunately, it seems that they, too, will begin seeing ads. Someone has spotted Start menu ads making their way onto Windows 10, and they look very similar to the kind that's currently rolling out onto Windows 11.

As spotted by Neowin, This new "feature" was spotted by PhantomOfEarth on X. If that name sounds familiar, it's because PhantomOfEarth has had a long track record of sniffing out features hidden within Beta, Dev, and Canary builds.

So, the good news is Windows 10 users will be enjoying back ported Win 11 Start Menu in the future, and also the ads are still disabled by default, but the bad news is the capability is all built-in. Microsoft probably has no interest at all in home users, but hopefully users will find hacks to keep this disabled (it can be disabled in Win 11, or not?).

See Now Microsoft is bringing Start menu ads to Windows 10, too

Microsoft said it'd add new features to Windows 10, but we hoped they didn't mean this.

#technology #Microsoft #Windows

technology Microsoft Windows

These Microsoft Office security signatures are 'practically worthless': Turns out it's easy to forge documents relying on OOXML

2023-06-13 17:18:11

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Five computer researchers from Ruhr University Bochum in Germany – Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk – describe this sorry state of affairs in a paper titled: "Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures." They were able to identify five ways to attack vulnerable documents to alter their contents and forge signatures.

The paper is scheduled to be presented at the USENIX Security Symposium in August.

And with Microsoft Office for macOS, document signatures simply weren't validated at all. The researchers found they could add an empty file named sig1.xml to an OOXML package – which consists of multiple zipped files – and the Office for Mac would show a security banner proclaiming that the document was protected by a signature.

"The attacks' impact is alarming: attackers can arbitrarily manipulate the displayed content of a signed document, and victims are unable to detect the tampering," the authors explain in their paper.

Microsoft, they claim, acknowledged the findings and awarded a bug bounty, but "has decided that the vulnerabilities do not require immediate attention." And the researchers say they've not heard from OnlyOffice since October 2022.

See Office Open XML signatures are 'practically worthless'

#technology #Microsoft #security #OOXML

Turns out it's easy to forge documents relying on OOXML

technology Microsoft OOXML security

Windows Subsystem for Linux (WSL) with GUI apps, launches for Windows 10 and 11 users

2022-11-23 20:37:45

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

The Windows Subsystem for Linux (WSL), one of the best reasons to run Windows 11, is now available to Windows 10 users, in the latest version and with all its features. WSL dropped its "preview" label with this 1.0 release, and aims to simplify its installation from here on out.

Loewen noted that the "WSL community's requests" drove Microsoft to make the latest, GUI-ready framework version available to Windows 10 users. Now a Store installation is the default, even if you use the command line (PowerShell) to install and update WSL. Now anyone whose system is capable of running WSL has access to graphical apps and (optional) systemd support, and can hopefully spend less time wondering which WSL version they have, what they need, and what the differences are.

See Windows Subsystem for Linux with GUI apps launches for Windows 10

#technology #Windows #Microsoft #Linux #WSL

Only the Store version of WSL will get new features from now on.

technology windows microsoft wsl Linux

Microsoft’s discontinuing SwiftKey keyboard on iOS next week, but it will continue to work unless you uninstall it or get a new device

2022-09-28 22:37:33

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Microsoft confirmed that it’s removing SwiftKey from the Apple App Store and ending support for the iOS version of the keyboard app on October 5th. It will still be available if you’ve already downloaded SwiftKey on your iPhone, so long as you don’t uninstall it yourself.

SwiftKey has been available on iOS since 2014, two years before Microsoft acquired the app. SwiftKey will still remain available and fully supported on Android, and Microsoft continues to roll out regular updates.

SwiftKey is actually a very good keyboard, and probably the reason why Microsoft bought it. I do suspect though also that Apple's very restrictive policies make it very difficult for devs to provide some of the really useful features that are found on Android (just think of the crippled robo caller apps). Although I'm still chiefly iPhone user (was iPhone, bought Android, back to iPhone), I did just buy a budget Android phone this week (just to play a bit with) and no doubt Apple's quality, stability, privacy, and camera are better, but Android has more of the apps I'm missing, and the flexibility, so maybe I'll end up being a two-phone person...

See Microsoft’s discontinuing SwiftKey on iOS next week

#technology #swiftkey #microsoft #iOS

SwiftKey for iOS is officially going away on October 5th.

technology ios swiftkey microsoft

Report says Microsoft will require SSDs for new PCs soon - This should drive more hardware sales

2022-06-09 16:10:51

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

Yes I know most new PCs and laptops come with SSD drives, but if you're building a computer at home, or want 3TB or bigger drives for RAID and other storage uses, then SSD is not quite there in terms of price.

This just reminds me a bit of that trusted platform module debacle where Windows 11 won't install on many two year old computers, although it has been shown that it can technically install just fine.

You can sort of see why hardware manufacturers just love Microsoft, because it helps them move hardware sales where end users still have perfectly good hardware to work with. It's no wonder why so many users just hold off getting new version of Windows, because Windows 7 can still work pretty well for most purposes. In the early days you either bought your computer with an OEM version of Windows preinstalled (paid for as part of the purchase) or otherwise you paid very dearly to buy a copy of Windows OS separately.

So you have choices at least: Stay on Windows 10 or move to another OS where you may have a lot more freedom, or you can take the Blue Pill and live in peace...

See Report says Microsoft will require SSDs for new PCs soon, but is it a big deal?

#technology #hardrives #SSD #Microsoft