Privacy

30856 readers

433 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

M365 PPT and Word contents leak to US servers (www.linkedin.com)

submitted 5 months ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

This link is in French but as a summary: technical report shows that M365 Word and PPT contents leak to US servers (augloop.office.com) as soon as you open a document on a local installation of Powerpoint or Word, unbeknownst to users.

This is potentially huge!

top 3 comments

sorted by: hot top controversial new old

[–] [email protected] 6 points 4 months ago (1 children)

I think this is working as expected.

M365 disaster recovery is the US. I anticipate anything opened locally syncs to OneDrive or other M365/services.

However, I don't speak French so please let me know if I'm missing something.

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago)

This is different : no sync to other Cloud services enabled. This is not disaster recovery or backup, file contents are sent thru json. You use your Word / PPT application locally, and without your knowledge file contents are sent to US servers at the augloop.office.com endpoint. This is a clear privacy and confidentiality risk. It is bundled with the "connected experience" services, and the only way to deactivate it today is thru a registry key in Windows. And it's the default behaviour, the user is not informed. This breaches several GDPR principles, not to speak about MS spying on your confidential contents when using a local install of their software on your PC.

[–] Scolding0513 2 points 4 months ago* (last edited 4 months ago)

i remember predicting this in "privacy" communities a long time ago and all i got was seething mouths and gnashing teeth from "privacy" advocates for some reason defending Microsoft?