encrypted database Archives

AppWizard

May 22, 2025

Signal resorts to “weird trick” to block Windows Recall in Desktop app

Microsoft's Recall feature indexes a wide range of personal data, including Zoom meetings, emails, photos, medical conditions, and conversations on Signal, affecting both users and their contacts without consent. Researcher Kevin Beaumont found that the feature captures sensitive information like payment card details and can decrypt its database using a fingerprint scan or PIN. Developers, such as those at Signal, lack tools to prevent their content from being indexed by Recall, leading Signal to utilize a Digital Rights Management API to protect privacy. This workaround may help, but it depends on all chat participants using the Windows Desktop version with default settings. Microsoft has not addressed concerns regarding developer control over Recall.

Winsage

April 29, 2025

Microsoft’s AI Secretly Copying All Your Private Messages

Microsoft is relaunching its AI-driven feature, Recall, which continuously captures background screenshots on Copilot+ PCs optimized for AI functionalities. Initially introduced in May, Recall was retracted due to privacy concerns over unencrypted storage of screenshots containing sensitive user data. After testing through Microsoft's Insider program, Recall has been updated to encrypt the screenshot database and requires users to opt in to save screenshots. However, it still poses risks by potentially capturing sensitive information from communications without the knowledge of other parties involved. Security researcher Kevin Beaumont has noted that the sensitive information filter is unreliable, and the encrypted database is only secured by a basic four-digit PIN. Beaumont's testing revealed that Recall indexed everything it stored, including ephemeral messages and images. He cautioned users to check if Recall is enabled when discussing sensitive topics with others on Windows PCs.

Tech Optimizer

October 2, 2024

How BCM One migrated data from an unencrypted Amazon RDS for PostgreSQL database instance to a new encrypted instance using AWS DMS | Amazon Web Services

BCM One is a global provider of NextGen Communications and Managed Services, with Flowroute as a brand specializing in SIP trunking and business messaging. Flowroute encrypted its Amazon RDS for PostgreSQL database instances using AWS DMS. Storage encryption is essential for protecting disk data and involves a key from AWS KMS. Existing RDS instances cannot be directly encrypted, so a new encrypted instance must be created using RDS snapshots and AWS DMS. The migration strategy includes creating an empty RDS instance, initiating a CDC-only AWS DMS task, creating a snapshot of the unencrypted instance, generating an encrypted snapshot, and restoring a new encrypted RDS instance. RDS Proxy is used to manage connections and minimize downtime during the transition. The process involves creating a DMS login role, configuring RDS parameters, creating DMS endpoints, and verifying replication success. After the migration, the proxy authentication must be updated to connect to the encrypted database. The migration process also highlights the importance of primary keys and unique constraints to prevent duplicate entries during replication.

Winsage

June 14, 2024

Recall Recalled: Is AI On Windows 11 Already Doomed?

Recall was a major selling point of the new Copilot+ PCs unveiled by Microsoft, but the pre-release version had a major security flaw where the database storing sensitive information was left unencrypted. Microsoft later announced security measures to improve Recall's security, including turning it off by default and encrypting the database. The launch of Recall was postponed to ensure proper testing with Windows Insiders.