Tons of websites record your mouse, keyboard, and scroll activity, and can play back exactly what you saw on your browser window from its backend dashboard as a video. This is called session replay. There are pre-made libraries for this you can import so it’s super common, I believe Mouseflow is one of the biggest providers.
When a mobile app, Windows app, or even website crashes nowadays, it automatically sends the crash dump to the app developer/OS vendor (the OS often does this whether the app requests it or not because the OS developer themselves are interested in what apps crash and in what ways). We’re talking full memory dump, so whatever private data was in the app’s memory when it crashed gets uploaded to a server somewhere without your consent, and almost certainly kept forever. God help you if the OS itself crashes because your entire computer’s state is getting reported to the devs.
Your phone’s gyroscope can record what you say by sensing vibrations in the air. It may or may not be something humans will recognize as speech if played back because the frequency range is too limited, but it’s been shown that there’s enough information for a speech recognition AI to decode. Good chance the accelerometer and other sensors can be used in the same way, and using them together will increase the fidelity making it easier to decode. Oh did I mention no device has ever implemented permission controls for sensors so any app or even website can access them without your consent or knowledge?
nah only the minidump is reported back which only contains the memory the crashing stack is using. Sending the full dump would requires uploading gigabytes of data which would cripple any home internet as they mostly have very limited upstream bandwidth.
Though iirc a system crash report can include a kernel dump, which can contain things like private keys.
Though realistically, Microsoft controls your OS. They could easily add code to allow them to grab whatever they want from your system without any logging (by your system anyways).
That actually makes me wonder if there are any apps that run on both a system and the router that system is connected to to determine if the internet traffic as reported by the system (to the user) is the same as what the router sees as a way to detect anything using network resources but bypassing the normal network stack.
you certainly can just run wireshark on your PC and your router, then compare them in the end of the day (with your router’s file filtered your PC’s source address)
Tons of websites record your mouse, keyboard, and scroll activity, and can play back exactly what you saw on your browser window from its backend dashboard as a video. This is called session replay. There are pre-made libraries for this you can import so it’s super common, I believe Mouseflow is one of the biggest providers.
When a mobile app, Windows app, or even website crashes nowadays, it automatically sends the crash dump to the app developer/OS vendor (the OS often does this whether the app requests it or not because the OS developer themselves are interested in what apps crash and in what ways). We’re talking full memory dump, so whatever private data was in the app’s memory when it crashed gets uploaded to a server somewhere without your consent, and almost certainly kept forever. God help you if the OS itself crashes because your entire computer’s state is getting reported to the devs.
Your phone’s gyroscope can record what you say by sensing vibrations in the air. It may or may not be something humans will recognize as speech if played back because the frequency range is too limited, but it’s been shown that there’s enough information for a speech recognition AI to decode. Good chance the accelerometer and other sensors can be used in the same way, and using them together will increase the fidelity making it easier to decode. Oh did I mention no device has ever implemented permission controls for sensors so any app or even website can access them without your consent or knowledge?
Correction: GrapheneOS has implemented permission controls for sensors. It also has sandboxing and permission scopes to prevent many of those leaks.
However, Graphene is not available to everyone, and it’s still problematic due to bystanders/passerby.
nah only the minidump is reported back which only contains the memory the crashing stack is using. Sending the full dump would requires uploading gigabytes of data which would cripple any home internet as they mostly have very limited upstream bandwidth.
Though iirc a system crash report can include a kernel dump, which can contain things like private keys.
Though realistically, Microsoft controls your OS. They could easily add code to allow them to grab whatever they want from your system without any logging (by your system anyways).
That actually makes me wonder if there are any apps that run on both a system and the router that system is connected to to determine if the internet traffic as reported by the system (to the user) is the same as what the router sees as a way to detect anything using network resources but bypassing the normal network stack.
you certainly can just run wireshark on your PC and your router, then compare them in the end of the day (with your router’s file filtered your PC’s source address)
They most certainly do not.
Yeah, sorry, I meant for anyone worried about windows crash reports.
Microsoft controls your windows OS.