data exposure Archives

Winsage

May 2, 2025

Windows Recall Is Back (but Should You Use It?)

Windows Recall, an AI-driven feature by Microsoft, was initially launched in July but withdrawn due to security and privacy concerns. It has since returned with modifications aimed at improving user experience, although concerns about its functionality persist. Recall captures and analyzes screenshots of user activities to aid in retrieving past documents or messages. Users must have a Copilot+ PC to access Recall, which is not activated by default. Security enhancements include encrypted data storage and mandatory Windows Hello authentication for access. However, issues remain, such as potential access via a computer PIN, inconsistent filtering of sensitive data, and the risk of data being captured from shared devices. Users can exempt specific sites and apps from being captured, but the process is cumbersome.

Tech Optimizer

April 2, 2025

Shield up to 5 devices from the evil internet with McAfee Total Protection

McAfee Total Protection offers a two-year subscription for less than , covering up to five Apple devices, significantly reduced from the regular price of 9. The subscription includes AI-powered antivirus protection, a virtual private network, web protection, identity theft protection, and personalized safety education. It also features a password manager, personal data exposure protection, and credit monitoring. This limited-time offer allows stacking of codes for up to ten years of coverage, but the software can only be added to a maximum of five devices at once.

Tech Optimizer

March 31, 2025

Add an extra layer of protection to your devices with this all-in-one security solution

McAfee is offering a two-year subscription to its Total Protection service for a reduced price of .99, down from 9.98. This service secures up to five devices, including Windows, Mac, Android, and iOS. Key features include AI-powered antivirus protection, a VPN for private browsing, web protection against harmful sites, identity theft protection, personalized security education, a password manager, personal data exposure protection, and credit monitoring services.

Winsage

November 28, 2024

Microsoft Releases Recall in Windows Insider Preview

Microsoft has released a first-look preview of its revamped Windows Recall feature for Windows Insiders via the Dev Channel, specifically for users with Qualcomm Snapdragon X Elite and Plus Copilot+ PCs, through Windows 11 Insider Preview Build 26120.2415 (KB5046723). Recall allows users to take "snapshots" of their PC activities, retrieving application actions, websites visited, or documents accessed. It uses optical character recognition (OCR) to extract text from screenshots, storing images and text in a searchable database. Recall includes a built-in neural processing unit for local AI and machine learning tasks, ensuring user data is not stored in the cloud. To enhance privacy and security, users must opt in to save snapshots, and the system requires BitLocker disk encryption, Secure Boot, and Windows Hello for reauthentication. Users can delete snapshots and opt out of using Recall for specific applications. IT administrators will manage Recall for enterprise and educational users. The preview allows users to provide feedback on Recall and its security framework through the Feedback Hub and Windows Insider Preview Bug Bounty Program. Microsoft has not announced a timeline for the general release of Recall.

Tech Optimizer

November 12, 2024

Norton vs McAfee: Compare Antivirus Software 2025

eSecurity Planet maintains editorial independence and may earn revenue through affiliate links. Norton 360 and McAfee Total Protection are security solutions focused on antivirus capabilities, with Norton offering robust customer support and McAfee excelling in privacy and data monitoring. Norton 360 pricing starts at .99 for a single device, while McAfee Total Protection also starts at .99 for a single device. Norton offers various plans: - Norton Antivirus Plus: .99 (1 device) - Norton 360 Standard: .99 (1 device) - Norton 360 Deluxe: .99 (5 devices) - Norton 360 with LifeLock: .99 (10 devices) McAfee offers: - McAfee Basic: .99 (1 device) - McAfee Essential: .99 (5 devices) - McAfee Premium: .99 (unlimited) - McAfee Advanced: .99 (unlimited) - McAfee Ultimate: .99 (unlimited) Both support Windows, Mac, Android, and iOS. Norton provides ransomware protection, while McAfee does not. Both include VPN features and identity theft monitoring. Norton has an overall rating of 4.2/5, with a customer support rating of 5/5. Key features include dark web monitoring, parental controls, and a password manager. McAfee has an overall rating of 3.8/5, with a customer support rating of 4.4/5. Key features include a protection score, social privacy manager, and bank transaction monitoring. Norton offers a 7-day free trial, while McAfee offers a 30-day free trial. Norton provides extensive user support resources, while McAfee lacks training videos for new users. Norton is better for ease of use and customer support, while McAfee is better for privacy and data cleanup features. Alternatives to consider include Bitdefender, PC Matic, and Malwarebytes.

Winsage

November 6, 2024

5 tips for setting up BitLocker on Windows to secure your files

BitLocker drive encryption is a feature in Windows 11 that protects files from unauthorized access by encrypting the drive. It is enabled by default in Windows 11 Pro and higher editions, while a limited version is available in Windows 11 Home. Windows 11 automatically encrypts all fixed drives upon connection, and users should verify that all permanently attached drives are encrypted. Users can set drives to automatically unlock on the current PC or protect them with a password. BitLocker is a Windows-specific feature, making encrypted external drives inaccessible on other operating systems like macOS or Linux. Recovery keys for BitLocker-encrypted drives are automatically backed up for users with a Microsoft account, and it is recommended to create a Microsoft account for easier access to recovery keys. Users should also keep a second backup of the recovery key in case of internet outages, which can be printed or saved as a digital file.

Tech Optimizer

November 5, 2024

Neon Authorize: Granular access controls at the database layer

Neon has launched Neon Authorize, a feature that enhances permission and access control management for developers using its serverless Postgres database. This feature incorporates Postgres Row-Level Security (RLS) to protect data from unauthorized access, allowing for the establishment of authorization policies at the database level. Recent findings from OWASP indicate that broken access control is a significant risk in web application security, with 94% of applications tested showing vulnerabilities. RLS enables database administrators to control user access at a granular level, making it particularly useful for multi-tenant applications. Neon Authorize simplifies the integration of authentication providers, allowing developers to authenticate database calls using JSON Web Tokens (JWT). Andy Young from Lockdown Ventures noted that adopting Neon Authorize improved security, simplified application code, and enhanced performance, with the migration process taking less than a day.

Winsage

October 24, 2024

The State of Windows Security: What’s Coming, What’s Obsolete and How To Deal — Redmondmag.com

Windows administrators are adapting to changes in security practices due to the rise of sophisticated cyber threats, increased remote work, cloud adoption, regulatory compliance, and supply chain attacks. Key strategies discussed include the integration of advanced threat protection tools, prioritizing endpoint security and zero-trust principles, extending security strategies to cloud environments, implementing strong data protection measures, and enhancing third-party security. The Crowdstrike incident highlighted the importance of change management, continuous monitoring, a layered security approach, proactive communication, disaster recovery planning, vendor accountability, regular security audits, and incident response readiness. AI's role in Windows security is evolving, with potential benefits in threat detection and response, but it also introduces new vulnerabilities and requires adherence to data privacy standards. Organizations must implement governance practices to mitigate risks associated with AI manipulation, ensure human oversight, navigate regulatory considerations, and build user trust for successful adoption.

Winsage

October 11, 2024

Microsoft Recall: A game changer with high risks

Microsoft postponed the launch of its Recall feature due to significant security concerns. Recall is an AI-driven tool designed to track user activity over the past six months, capturing screen snapshots every five seconds and cataloging content for easy retrieval. The tool poses risks of exposing sensitive data to threat actors, which could be exploited for extortion. In response to these concerns, Microsoft announced two new security features: just-in-time encryption for the database and mandatory re-authentication through Microsoft Hello before accessing Recall. Despite these measures, unauthorized access remains a concern. Microsoft reassured users that the Azure AI tool processes data locally, keeping sensitive information off the cloud. Recommendations for future use include configuring settings to exclude certain applications from tracking, recognizing privacy setting limitations, employing anti-malware tools, and potentially allowing users to shorten the retention period of data collected.