• In December, an investigation by Tom’s Hardware found that Recall frequently captured sensitive information in its screenshots, including credit card numbers and Social Security numbers — even though its “filter sensitive information” setting was supposed to prevent that from happening.
  • Septimaeus@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 days ago

    Forgive me for not explaining better. Here are the terms potentially needing explanation.

    • Provisioning is just initial system setup, but usually implies a more regimented or repeatable process.
    • Virtual Machine (VM) snapshots are like a save state in a game, and are often used to reset a virtual machine to a particular known-working condition.
    • Preboot Execution Environment (PXE, aka ‘network boot’) is a network adapter feature that lets you boot a physical machine from a hosted network image rather than the usual installation on locally attached storage. It’s probably tucked away in your BIOS settings, but many computers have the feature since it’s a common requirement in commercial deployments. As with the VM snapshot described above, a PXE image is typically a known-working state that resets on each boot.
    • Non-virtualized means not using hardware virtualization, and I meant specifically not running inside a virtual machine.
    • Local-only means without a network or just not booting from a network-hosted image.
    • Telemetry refers to the data harvesting apparatus. Most software has it. Windows has a lot. Telemetry isn’t necessarily bad but it is easily abused by data-hungry corporations like MS, so disabling it is a precaution.
    • MS = Microsoft
    • OSS = Open Source Software
    • Group policies are administrative settings in Windows that control standards (for stuff like security, power management, licensing, software and file system access, etc.) for user groups on a machine or network. Most users stick with the defaults but you can edit these yourself for a greater degree of control.

    Many of these concepts are IT-related, as are the use-cases I had in mind, but the software is simple to use if you pick one of the premade playbooks. (The AtlasOS playbook is popular among gamers, for example.)