It really does shock me, even though it should not at this point, that nearly all governments, even more progressive ones in terms of privacy, are absolutely just watching from the sidelines as the fabric of their own society is deteriorating. Bravo leaders. Bravo. /s
It’s a wonder how Outlook and Exchange Server are used by most companies, many of which have sensitive confidential and proprietary data. Choosing Microsoft is all about having someone to blame for your security problems, not achieving secure communications and storage.
In a corporate world you don’t get to decline. It just comes preinstalled and preconfigured on your work PC. IT department either cares about shit and configured it properly for all, or they don’t.
Also, it’s the language scam of the decade to have a [privacy] agreement or terms with a “third party” which is basically anonymous/anyone/indeterminate/changing/.
With dark patterns you can “guide” the user to click a particular button, for example by having “accept” in a large, bright stand out colored button, and the “reject” button in a low contrast, small or disabled looking button.
This will not prevent people from clicking reject, but it shifts the percentage of people clicking accept vs reject in the websites favor.
Me. I legitimately don’t care and I haven’t yet had anyone explain to me over the last few decades what the big bad is that should make me care. Oh noes, some companies are going to analyze my data to scam each other for marketing dollars with generally worthless statistical data.
Did you even bother reading that, or were you just jumping on the chance to use the word “metadata” like you were actually making a point? The “metadata” in question was phone location info, which every carrier has and they don’t need access to your phone or your Outlook emails to do it. I’m also going to go out on a really sturdy limb and say that the CIA/NSA/whoever doesn’t care whether you clicked “Accept All” or “Reject All” when they’re hoovering up “metadata”.
It’s understandable that the consequences of digital privacy is so nebulous and conceptual that many people don’t give much thought about it. But to put things into perspective, your data goes to data brokers. Anyone could buy your and others’ data from them. There is a case of a female domestic abuse victim who escaped her partner. The partner tracked her down by buying her data from a broker. Insurance companies could also buy your data and discriminate you knowing what your pre-existing health condition is.
Let that sink in because you never know when your data might be used for malicious purposes. Even if you don’t think your personal information isn’t going to be processed maliciously, you’re inadvertently being part of the collective consent to erode the right to privacy (because in my experience, most people don’t care about privacy). We know that if not enough people complain, the powers-that-be sees this as providing consent. You and others may not see privacy as a big deal, but what about those who will be affected by the lack of it?
I think at some point, people will only complain more if their personal details are breached. And it might be too late at that stage. As we speak, there is potential of AI being trained and developed to use other people’s likeness and data without their consent. Your childhood picture might be used for something else…
Thats gross. Just no. Use thunderbird or some other FOSS email client, at least outlook is somewhat limited with its spyware BS when you get mail through IMAP
Im tired of telling windows people something they already know. Its your choice to use a completely corporate cucked operating system for your personal computing, you don’t get to clutch pearls and act suprised over it being complete spyware, or whenever microsoft decides it wants to erode your user experience just a little bit more because they can.
I tried using thunderbird for work MS email, but TB seem to be in the blacklist of my company (a professional school btw).
It popped me to ask for one time permission from the administrators and I did. They answered me ‘TB is not YET trustable by them’. The incident is still ‘in progress’ after 10 months.
I mainly use FairMail on my phone. It’s got features that attempt to remove tracking from received emails, including blocking suspected tracking images from loading.
But half of them have a web link to go to another website’s main page, in order to manually find the overall 3rd party opt out, which it may or may not remember on the next site you visit that uses it, but you can’t tell so you better do it again anyway next time.
Even I get partway through and I wonder if I’m not getting too old for this internet shit. I guarantee most people are not bothering.
Fun fact! If you have outlook on your phone with a work account added, chances are IT has admin access to your phone and can remotely wipe it at any time. Also means that your phone can be collected as evidence if you or the company is involved in a court case possibly related to emails
Ok I’ve tested this with some users that definitely do have their work emails on their private phones and I can’t see what this setting is. Are you sure about this, it seems super dodgy?
If you set up intune correctly (and its a requirement) you can prevent access to the entire of m365 including outlook unless they register their device and you can use allow lists for users who are approved to use their own devices, or just block them full stop while allowing company phones access.
If yours isn’t requiring registration, then its not setup to do so, you can very much enforce it, this is usually done via conditional access requiring that the device is registered before it can get access.
Often admins also forget to block web access from mobile devices, but that’s also blockable via the conditional access settings (and other ways, but conditional is how I would do it). Its not perfect as its using the user agent, which can be spoofed. Personally if the client needs that level of protection then web access should just be blocked for non company devices.
You can enforce that the company is added as a device manager, that’s usually how the device wipe is enforced. Access to personal data isn’t really what you are granting here, it is the ability to remote wipe the entire device.
Its a proper device management system with a ton of options. You can for example force users to only use an approved list of applications on their own device for company data.
There are ways around this. I run Outlook inside of a sandbox, so you can remote wipe the sandbox, but the rest of the phone isn’t accessible to anything in the sandbox even with “device admin” permissions.
There are ways around most things, but you’ll have to define this sandbox on your mobile as a lot of these can be prevented with the right additional product, obviously Microsoft being Microsoft isn’t going to give this away.
Yeah I’m pretty sure that’s how our system sets it up, but it’s supposed to be set up like that not as a workaround, I feel super duper sketchy about wiping it uses personal device. When they leave the company that’s the only section of the device we wipe.
There’s only like a couple of dozen uses on the account that actually use their personal devices. Mostly just the have IT staff and a few managers who need to be emergency contactable.
That’s exactly why Android has this function, so they can only remotely access/wipe that profile. Everything in that profile is kept segregated from the rest of the system.
To reset a password for work. Apparently eHub doesnt work on Firefox, it has to be edge or chrome. Called the Help Center and they asked if I was using chrome and I said no Firefox. “You don’t uh…have anything like chrome on your phone?” “no, I might be able to access a work computer with chrome but I’m not putting a chromium browser on my device” (it’s there because android, but all its permissions are cut off)
She just had to sit on hold while I logged on on a work computer to reset everything where if they just fucking made a webpage to work on Firefox we could have not had the conversation in the first place.