well of course it does. There is no way for it to know what it is capturing. Best it can do is capture it, and maybe discard it if it manages to detect any sensitive info. Which won’t work every time
Technically, it could be coded to recognize the various formats of strings and blur everything indiscriminately.
that would require knowing the formats of strings. And it requires the text to be text.
What if you had a photo of a handwritten piece of sensitive information?
I don’t understand your meaning. Screenshots of a photo are still screenshots and manipulating text on a photo is already a thing (you can use phone camera to translate text directly from a fixed surface).
I doubt that OCR (optical character recognition) is done on device so it likely being sent to some server for processing.
As a software engineer, in any of our corporate applications when a user hits delete we toggle an archived flag, but the data is still there. So I wouldn’t trust any application to do what it actually says.
There are so many technical barriers for recall to ever be able to not snipe your private data that I wouldn’t go anywhere near the thing.
Edit: Furthermore, what happens when MS inevitably gets hacked again and someone steals all the data it has and then starts using that to commit fraud.
- OCR is never perfect.
- A partial credit card number or partial SSN wouldn’t match the format, but is still sensitive.
- Perfection is impossible. Demanding it is silly. Loopholes are unavoidable in everything.
- Context can be trained.