Chatty Cortana Lets Strangers Use Your PC:
SOURCE: laptopmag.com (ARTICLE DATE: 12th Aug 2016)
Microsoft's Cortana digital assistant for Windows 10 can help you set a reminder, email your boss or check the weather, but could she also help a malefactor gain access to your data?
With the Windows 10 Anniversary Update, Cortana now appears on a PC's lock screen by default, letting you query the internet or set reminders without logging in. A user-enabled option also allows Cortana to send emails or texts, query your contacts or access your calendar without requiring you to enter your user password. That's definitely convenient, but it could also be extremely risky should your computer fall into the wrong hands.
Stu Sjouwerman, CEO of the security firm KnowBe4, said he felt that any type of function from the lock screen opened the door to hackers.
"The idea is to minimize your attack surface, not to expand it with an AI-like function that may have unknown 0-days," Sjouwerman said, adding that unlock-free access is "an invitation to hackers to see if this has any vulnerability they can exploit."
If you do allow Cortana to control your messages, calendar and contacts from the lock screen, there's no doubt you are taking a risk. A bad actor who walks by your computer in the office, or steals your laptop out of your bag, could view your business contacts, email a damaging message to a client or co-worker, or add a fictitious meeting to your schedule. For those reasons, corporate IT departments will probably disable the feature...
To read the full article please visit the link at the top of the page
SOURCE: laptopmag.com (ARTICLE DATE: 12th Aug 2016)
Microsoft's Cortana digital assistant for Windows 10 can help you set a reminder, email your boss or check the weather, but could she also help a malefactor gain access to your data?
With the Windows 10 Anniversary Update, Cortana now appears on a PC's lock screen by default, letting you query the internet or set reminders without logging in. A user-enabled option also allows Cortana to send emails or texts, query your contacts or access your calendar without requiring you to enter your user password. That's definitely convenient, but it could also be extremely risky should your computer fall into the wrong hands.
Stu Sjouwerman, CEO of the security firm KnowBe4, said he felt that any type of function from the lock screen opened the door to hackers.
"The idea is to minimize your attack surface, not to expand it with an AI-like function that may have unknown 0-days," Sjouwerman said, adding that unlock-free access is "an invitation to hackers to see if this has any vulnerability they can exploit."
If you do allow Cortana to control your messages, calendar and contacts from the lock screen, there's no doubt you are taking a risk. A bad actor who walks by your computer in the office, or steals your laptop out of your bag, could view your business contacts, email a damaging message to a client or co-worker, or add a fictitious meeting to your schedule. For those reasons, corporate IT departments will probably disable the feature...
To read the full article please visit the link at the top of the page
