- OCR is never perfect.
- A partial credit card number or partial SSN wouldn’t match the format, but is still sensitive (see the sketch after this list).
- Perfection is impossible. Demanding it is silly. Loopholes are unavoidable in everything.
- Context can be trained.
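A minimal sketch of that second point (the pattern and function name here are hypothetical, not Recall’s actual filter): a detector tuned to the format of a full 16-digit card number simply never fires on a truncated one, even though the fragment is still sensitive.

```python
import re

# Naive format-based detector: a full 16-digit card number,
# digits optionally separated by spaces or dashes.
CARD_PATTERN = re.compile(r"\b(?:\d[ -]?){15}\d\b")

def looks_like_card(text: str) -> bool:
    return bool(CARD_PATTERN.search(text))

print(looks_like_card("4111 1111 1111 1111"))  # True:  full number is caught
print(looks_like_card("card ending in 1111"))  # False: partial number slips through
```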
Perfection is impossible. Demanding it is silly.
In this case perfection is very easy: Recall could avoid capturing 100% of credit card info by not taking screenshots of everything.
Demanding perfection from a system as dangerous as Recall is not silly.
It’s like keeping an armed nuclear bomb in the center of a city at all times and saying “hey, it’s ok that its activation sequence isn’t perfect, it probably won’t go off”.
The way to make it perfect is to not install the nuke/Recall at all.
Even nuclear technology isn’t perfect, yet people are pushing for it in spite of the dangers.
Is the solution to give it up completely?
Please.
If you agree that it will never be perfect at filtering out sensitive information, why support it?
Because malware is already using these methods to steal credentials, so by having something “legitimate” work toward preventing such situations, a countermeasure will eventually be born.
Right now, all kinds of applications take screenshots and send data without the user’s knowledge. If something like blurring can trigger automatically and modify what is being sent, then the user will have some protection available instead of none.
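A minimal sketch of what that auto-blur could look like, assuming some earlier OCR pass has already flagged a bounding box as sensitive (the function name, coordinates, and file names are all illustrative, not any actual Recall or anti-malware API):

```python
from PIL import Image, ImageFilter

def blur_region(screenshot: Image.Image, box: tuple[int, int, int, int]) -> Image.Image:
    """Blur one flagged region of a screenshot before it is stored or sent."""
    region = screenshot.crop(box)                                 # cut out the sensitive area
    blurred = region.filter(ImageFilter.GaussianBlur(radius=12))  # make it unreadable
    screenshot.paste(blurred, box)                                # put the blurred patch back
    return screenshot

img = Image.open("screenshot.png")
redacted = blur_region(img, (120, 340, 480, 380))  # box an OCR pass flagged as a card number
redacted.save("screenshot_redacted.png")
```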
Perfection is impossible. Demanding it is silly.
- This isn’t even a matter of perfection; this is Recall barely managing to censor the most blatantly sensitive information (see: the article saying “I also created my own HTML page with a web form that said, explicitly, “enter your credit card number below.” The form had fields for Credit card type, number, CVC and expiration date.”)
- Demanding that a system protect user data is not silly; it is necessary. And if a given system can’t do that, then it should never be used, especially considering that this will likely make its way onto PCs handling extra-sensitive data with strict privacy requirements, such as medical data protected by HIPAA.
Context can be trained.
- Maybe Microsoft shouldn’t have released the tool until it had that context, then?
If a company releases a half-baked tool that doesn’t do what it advertises, fails even simple attempts at identifying sensitive data, and makes data security almost impossible to guarantee, then it should never be used or advertised for any context in which sensitive data could ever be present.