LOL
Another stupid feature (enforced by regulations/law/policies) that has no real world use, besides making us users angry :-(
Like Google collecting all of our location history for their own usage, but not allowing us to see it via web anymore (only on mobiles), or having the android dialer not allowing us to record our own phone conversation (easily circumvented), or movie/music/game publishers not allowing us to backup our own media… you get the point.
All these are due to laws and regulations that are there to protect the big companies and don’t take into consideration users and the common sense ;-)
Aurornis · 32d ago
> All these are due to laws and regulations that are there to protect the big companies and don’t take into consideration users
This feature is not due to laws and regulations.
The user in this case is the presenter who clicks the button to enable screenshot protection on their meeting. This is Microsoft trying to deliver a feature their users want, not laws and regulations making them do something their users don’t want.
tw04 · 32d ago
But it’s literally the dumbest feature ever. There’s absolutely nothing preventing a user from pulling out their phone and taking a picture of any slide they want. Or having a camera recording the whole session out of view of their webcam.
It is security theater at its peak.
lolinder · 32d ago
It's not pure security theater, there are a few clear gains for those who care about such things:
* Naive screencaps are much less traceable to the leaker than a naive photo is. Yes, someone can strip out EXIF data, but we've seen over and over again that they generally don't. And even without EXIF a naive framing on the photo is more likely to expose information about the location or identity of the person who took it.
* A photo of a webinar is going to (barring serious postprocessing) look much less official and be less legible than a screenshot, so the use cases for illicit captures are going to be fewer. Few people are going to try to take a phone photo of the top-secret meeting and use the slide in their next team all-hands, but many might forget the rules and than snap a screenshot really quickly for later use.
* Just having the ability to block the easy method of screen captures helps avoid cases where the person doing the capturing isn't actively malicious, just ill-informed. If a normal employee attempts a screenshot and is reminded they're not supposed to do that, they're not going to pull out their phone to take a photo, they're going to say "oops" and move on.
Yeah, there are threat models that won't be stopped here, but most of corporate InfoSec is wrapped up in protecting against pretty lame threat models that would benefit from this—mostly uninformed/ignorant employees screwing up without intending to be a threat.
rsync · 31d ago
"Yes, someone can strip out EXIF data, but we've seen over and over again that they generally don't. And even without EXIF a naive framing on the photo is more likely to expose information about the location or identity of the person who took it."
for f in `ls -1 /pics/IMG_*.jpg|/usr/bin/xargs basename` ; do /usr/local/bin/magick convert $f -strip -quality 8$rand -shave 1$randx1$rand2 -resize 9$rand2% -attenuate 1.0 +noise Uniform out_$f && /usr/local/bin/exiftool -overwrite_original -all= out_$f && rm -rf $f ; done
So ... not just stripping the exif/meta data but also dropping the quality to 8[0-9]%, shaving a random number of pixels from the border, resizing by 9[0-9]% and adding some noise to the image.
Perhaps someone will find this useful ...
cyanydeez · 31d ago
not the people being referenced. You are the 1%.
MattPalmer1086 · 32d ago
Good summary. It's best to think of controls like this as guardrails. They are mostly "safety" features rather than hard-core security features. They help honest people to avoid potentially dangerous mistakes.
cwillu · 32d ago
Guardrails that break support for devices that aren't owned by the equipment manufacturer, yeah, about that…
MattPalmer1086 · 32d ago
It doesn't do anything of the sort. It will work on PCs, Web, Android and iOS - everything with a supported client.
Not sure what "support" you expect for unsupported clients.
i-zu · 32d ago
Will it though?
If I join from Linux using Ferdium or any other browser what will prevent me from using any screenshooter? Or will web be considered an unsupported platform?
MattPalmer1086 · 32d ago
The article says web is supported. Whether that means all browsers or just some, no idea.
cwillu · 32d ago
Perhaps a little less snark would be appropriate if you don't know what other people are talking about.
MattPalmer1086 · 32d ago
Apologies if I came across snarky, not my intention.
It's definitely not true that this feature breaks support for devices not owned by the manufacturer. The follow on question about whether all possible web clients / operating systems would be supported, I don't know. The article just says that web is supported.
cwillu · 31d ago
This isn't “we haven't tested your browser, if it breaks, that's on you”, this is “we don't specifically Trust™ the environment you're running your browser in, therefore fuck you.”
“Web is supported” in this instance just means “the web, but only when mediated by google, microsoft or apple”, which is not the web as far as I'm concerned.
MattPalmer1086 · 31d ago
Hmmmm, I use Firefox on Linux to access Teams currently. Guess we'll see if that breaks.
olyjohn · 30d ago
Of course it's going to break. Remember when they built an actual Teams client for Linux? Remember how much Microsoft <3 Linux? Yeah, you're fucked buddy.
MattPalmer1086 · 30d ago
Oh well, I'll use something else then. Not worth getting upset about really.
cwillu · 30d ago
Nothing that doesn't require a chain of Trust™ to the operating system will work, which is the point at which I start to get upset.
Seb-C · 31d ago
> They help honest people to avoid potentially dangerous mistakes.
They also can prevent honest people from gathering proofs to cover or defend themselves: abusive boss, illegal requests, harassment...
MattPalmer1086 · 31d ago
You can always use your phone to record it if there's some overriding reason to break the confidentiality protection. Or have a witness be present during a call (maybe out of sight).
jay_kyburz · 32d ago
>A photo of a webinar is going to (barring serious postprocessing) look much less official
I don't mean to pile on but, you wouldn't use post processing, you would just take the information out of your screenshots and make a new slide deck if you wanted pass it off as official.
cma · 32d ago
> Yeah, there are threat models that won't be stopped here
Like running windows in a VM or using an HDMI capture card. And are they going to break running teams meetings when using moonlight etc. with this? If you are OBS capturing during the meeting does it get blacked out or just breaks your recording?
lolinder · 32d ago
You don't need to elaborate on mechanisms for bypassing because you're already imagining a threat actor that is out of scope.
This is primarily about blocking accidental leaks by regular employees who were asked to not record but ignored it. This kind of reuse of content happens all the time in companies of any significant size and isn't entirely stopped by simple requests or watermarks. This tool gives companies one more option to protect against this very lame and boring but also very real threat.
chii · 32d ago
> regular employees who were asked to not record
i think this should not be possible to be asked.
For example, an employee might want to record to cover their own ass (e.g., if being asked to do some morally questional things, which the employee could record then use as protection against the company going back on their word).
Having the ability to _control_ whether an employee can keep records independently of the company only serves to move more control away from the employee.
int_19h · 30d ago
Trade secrets are a thing. Legal requirements are a thing as well. In some cases (think HIPAA) an employee recording something that they're shown can translate to significant legal liability for both themselves and the company.
crote · 32d ago
> This is primarily about blocking accidental leaks by regular employees who were asked to not record but ignored it.
I think you're seriously overestimating regular employees. A significant number of people will send you smartphone pictures when you ask for a screenshot - why would they suddenly start looking into on-device screen capture when taking a picture or video of some random presentation?
andrekandre · 32d ago
> A significant number of people will send you smartphone pictures when you ask for a screenshot
n=1 but this is also my experience at $JOB for a majority of times for me as well
lolinder · 32d ago
I already addressed this possibility in my first comment. Points 1+2.
preciousoo · 32d ago
And also gives legal teams more foundation to stand on, bypassing this isn't trivial so it shows real intent
userbinator · 32d ago
"isn't trivial"? When the sibling comment mentions how a lot of employees will by default use a camera when asked for a screenshot?
preciousoo · 31d ago
By "isn't trivial", I mean that takes real effort on the user end to bypass (as they can't simply take screenshots in traditional methods). Bad choice of word on my end
guappa · 31d ago
They have absolutely no way to enforce anything of sorts on linux, technically.
int_19h · 30d ago
A typical corporate workspace won't have any employees running Linux on their work machines.
prmoustache · 27d ago
That is not my experience in the last 10 years.
Aurornis · 32d ago
The easiest one is already mentioned in the article: Someone pulling out their phone and snapping a photo.
People know it’s not perfect. However, raising the bar discourages the spontaneous captures that people might try out of habit.
bmicraft · 32d ago
What's the endgame here? Mandatory HDCP monitors for meetings? HDCP for absolutely every application?
miki123211 · 32d ago
There are two kinds of people in the world, those who completely misunderstand the value of friction, and those who depend on friction too heavily; GP clearly falls into the former group.
This feature provides value because it increases friction. It won't stop really determined and motivated users from leaking, but it'll make leaks, especially accidental leaks / those due to hacks, a lot less common.
The same applies to DRM, "security by obscurity", social media post editing / deletion, dark patterns, loss leaders, promotions and coupons, the list is endless.
If your user is a perfectly rational being with infinite time and infinite tech savviness, the proverbial "spherical cow", those features make 0 sense. Just like spherical cows, though, those users don't actually exist, and so friction matters.
That doesn't mean friction is infinite, though. It's too easy to overestimate it and fall into the trap of thinking that "users won't bother doing this, it doesn't matter if this combination of actions loses us money, it's too bothersome", and then get very surprised very quickly.
tw04 · 32d ago
I work in security. I have had customers request this feature. I have asked them to do an anonymous survey of users to ask what action they would take if they were blocked from taking screenshots and users universally say they’d take a picture of their screen with their phone.
I don’t underestimate friction, I just know even my grandma would reach for her camera for a picture of her screen and she doesn’t even know what a screen capture is. It’s a stupid feature that doesn’t create friction, it just encourages users to take an untraceable action.
I would FAR prefer recording who took a screenshot than blocking it as a presenter.
zmgsabst · 32d ago
Also, the screenshot stays within your corporate network, whereas the photo is immediately backed up to iCloud, sent over messenger, etc.
The friction pushes the flow into something even worse — while not actually changing the behavior.
inkyoto · 32d ago
> I would FAR prefer recording who took a screenshot than blocking it as a presenter.
It would be surprising if Teams does not already capture that kind of event in its user activity event trail[0].
The amount of privacy-invasive capturing and reporting that Teams does is so staggering that it can probably rival surveillance that of North Korea on its own citizens.
How exactly did you phrase the question? It's one thing to ask about a purely technical limitation. A different (and more relevant) question would be: if law or company rules prohibit you from recording or taking screenshots in some specific circumstances, and software is helping enforce that, what would you do?
Aurornis · 32d ago
> I have asked them to do an anonymous survey of users to ask what action they would take if they were blocked from taking screenshots and users universally say they’d take a picture of their screen with their phone.
Everyone knows this. You don’t need this survey (which surely was a real thing that actually occurred and not something you just conveniently imagined for this argument, right?) to tell you that.
It’s literally written in the linked article.
We know. There are ways around it. But it’s friction, and friction has value. People know it’s not perfect, but it’s another reminder that people aren’t supposed to be doing it.
tw04 · 32d ago
It’s literally not friction. The average user has no clue how to take a screenshot. They all know how to take a picture with their phone.
It’s a solution searching for a problem it can’t solve.
Friction implies you’re stopping a user from taking an action they consider the easiest way to solve the problem. Since you think I “invented” the survey, I invite you to ask all of you non technical friends and family how they would go about capturing an image of their computer screen if they needed to quickly show you a copy of what they’re looking at.
I absolutely guarantee you that taking a picture with their phone will be the winner by an order of magnitude.
No comments yet
nine_k · 32d ago
Taking out a camera to make a picture is pretty noticeable in a meeting with few participants. The standard way to use a phone camera involves lifting it pretty close to your eye level. Other participants could literally shout to please stop photographing the screen. It will be also very visible who was trying to do so.
Yes, somebody who's clever enough would keep the camera away from view, and maybe would try several times first to hold it in a way that gives a good view of the screen, etc. But this is out of scope, it's a clear malicious intent, when we could expect much more sophisticated means.
teo_zero · 32d ago
I'm not sure what scenario you're imagining, but Teams is mainly for remote meetings.
zvr · 32d ago
I think he meant that in a meeting of few people, all with cameras on, a participant can't simply raise his phone and take a picture.
lazide · 32d ago
People turn their cameras off for a few minutes all the time. And it’s not like people can’t fiddle with their phones out of frame.
jay_kyburz · 32d ago
I think using the word friction is good. If you want your business to run smoothly you should not apply friction. In-fact, you should be looking for places where there is fiction and apply lube.
Either the information your are sharing is sensitive, or it is not. Applying friction to your colleges is just making their jobs more difficult.
p_l · 32d ago
Using your analogy one should lube the brake pads, after all friction is bad, isn't it?
The friction here is on the "unwanted" path, and in a way provides "lube" (less thinking and care) for the correct security posture.
No comments yet
duxup · 32d ago
A smartphone is amazingly low friction.
Aurornis · 32d ago
I think it’s funny that so many of these comments assume the person clicking the “enable screenshot protection” checkbox will be unaware that participants might have camera phones. It’s equally funny to read the comments imagining participants with elaborate pre-built workarounds like hidden pinhole cameras or pre-configured HDMI splitters going into full-screen video capture on another system.
The people using this feature aren’t going to imagine it as 100% protective against any and all possible methods of exfiltrating data. It’s a feature for discouraging casual data capture and dissemination. It serves to remind people doing spontaneous captures that they aren’t supposed to, but everyone knows a dedicated person could find a way to get that photo if they really, really want.
That doesn’t make it useless. Every time you raise the level of difficulty for accomplishing something, a percentage of attempts are thwarted or discouraged. As it turns out in the real world, raising the bar even a little tiny bit is effective in thwarting or discouraging the majority of attempts across the average user base. You’re not defeating the dedicated attackers, but you’re reducing the overall number of successful attacks and even attempts.
The same is true for things like the office firewall blocking websites: Yes, we all know a dedicated engineer can create a way around it, but it’s going to stop most employees from getting to those sites and serve as a reminder to others that they’re not supposed to access them.
csomar · 32d ago
True. But if you start putting these speed bumps everywhere, suddenly the platform become a hell to use when you need to do/use/operate something. It is one of the reason why I moved from macOS or Linux despite really wanting to operate a macbook. macOS has become unbearable unless all you did for a living was videos, audio and normal web browsing.
bolognafairy · 32d ago
I don’t do “video, audio, and normal web browsing” for a living, and I don’t find macOS unbearable.
For the love of God, please show an iota of acknowledgment that this could just be a matter of personal taste, instead of immediately resorting to such absolutist statement. It’s very telling that your portrayal of “I don’t like this” is “this is surely unbearable for anyone that does the sort of work that I do. Anyone that makes this work for them is doing this OTHER class of things”. And I’ve got absolutely zero doubt that you consider the things that you listed as being ‘lesser’ than your ‘real computer work’.
hulitu · 31d ago
> It’s a feature for discouraging casual data capture and dissemination
Casual is much easier with a phone. In Windblows to capture the screen you need to press print screen, then go to paint -> paste then save it. Paint cannot have 2 images open at the same time.
AuryGlenz · 31d ago
Psst.
Win-Shift-S
avs733 · 32d ago
The funniest part to me is these comments exclude something even more basic: joining a teams meeting on your phone. Notice the platforms mentioned ITA?
I regularly, as do many of the people here, join meetings from my phone. I often do so so I can squeeze a run in. I especially do so in the types of all hands or large meetings where I’m in listen only mode and things are shared that would be hard to trace back to any individual in the room.
I’m not carrying a second phone to take a picture of a slide - but I regularly take screenshots in those meetings to remind myself of something or to show someone when bitching.
The relevant xkcd here is decryption by wrench (538) - the problem being solved is not battling 1337 hackers, it’s herding normally distributed loan officers at a mid regional bank.
hulitu · 31d ago
> joining a teams meeting on your phone
I am not so masochistic.
stevage · 32d ago
Nah, this would stop a lot of threats.
I'm an example of that threat. I'm a freelancer who often has video calls with new clients. Sometimes I surreptitiously screen cap demos or presentations. It would be very difficult to use a phone that way without breaking the conversational flow.
Other supposed workarounds would require much more preplanning. Like I'd need to know that there was something worth capturing.
realitysballs · 32d ago
RDP into computer that has meeting running and then screenshot from the external computer running RDP .
stevage · 32d ago
Yep, I already covered workarounds that would be possible with preplanning.
Dylan16807 · 32d ago
If you already do it regularly, then the preplanning is not a big barrier. You already know that you keep getting into situations where something is worth capturing.
HDMI capture with passthrough is $20.
bolognafairy · 32d ago
Are you genuinely not reading the comments that you’re replying to?
OP did mot solicit or show that there would be any value in people listing ways that one could circumvent this with preparation.
We all know. You aren’t adding anything to the discussion. Nerds love ignoring the cost of human effort if it gives them an opportunity to show that they know something.
Dylan16807 · 31d ago
I'm definitely reading the comments. I'm replying to a very specific comment that made a very specific argument.
There are lots of arguments I find convincing for this being effective. But not OP's. OP is saying they already do these recordings regularly, but "preplanning" would stop them? No way. They already did all the necessary preplanning by the time they finished typing their comment.
Preplanning could be meaningful for other people, but not for them and people like them.
I only mentioned price to make it clear that the level of effort to make the purchase falls within the level of effort they have already established.
prmoustache · 27d ago
I record all my calls with OBS because I know sometimes my mind drift off especially when people are going off topic for a while or part of the call is not relevant to me and I want to be able to get back to it if I missed something important.
I have a systemd timer that clean files older than 24h at startup because the point is not to archive content without consent.
If I ever can't do that I would just use an usb3 screen capture card and record from a second device.
PeterStuer · 32d ago
Preplannig? As in putting your phone in front of your keyboard and hitting record?
smelendez · 32d ago
I’ve been on calls where a presenter explicitly asks that people not screenshot slides shown in the meeting because they’re drafts that will be refined and published or circulated later on. Some companies probably have that as a blanket policy. I’m sure this isn’t universally followed.
This feature would help make that less likely to happen accidentally or “accidentally.” It wouldn’t stop deliberate leaks but that’s a different problem.
Aurornis · 32d ago
We once had an intern who took screenshots of an internal presentation and posted them on the internet to brag about how cool his internship was.
When we did his exit interview he admitted he just wasn’t thinking. He did it all in a couple minutes while in the meeting. Something like this would have stopped him in the process and made him remember that the content was sensitive.
Don’t underestimate the diversity of the people watching zoom meetings. It’s not all engineers with elaborate screen capture setups prepared for the express purpose of recording meetings.
SirMaster · 32d ago
Seems like you will now have 1 less way to weed out an employee you don't want...
If someone was going to do something dumb like that I wouldn't want them to keep their job now instead simply because the software prevented them from doing something so dumb or dangerous.
bolognafairy · 32d ago
Thank you Hacker News commenter for lecturing someone on Human Resources policy. The ultimate scope creep from someone explaining why this feature might have an iota of value.
The SECOND a tool that you use add a feature that you want because “um, we don’t think that your business should work like that, actually”, there’d be an angry rant on the front page of this very site.
MattPalmer1086 · 32d ago
Yes, this is a great example of why a control like this is useful.
People do dumb things. The fact that it won't prevent a determined attacker isn't the point.
prmoustache · 27d ago
recording a call is not attacking duh.
userbinator · 32d ago
because they’re drafts that will be refined and published or circulated later on
A big DRAFT watermark tends to clarify that far more easily and obviously.
jay_kyburz · 32d ago
But its not really a draft, they just want to reserve the right to change their mind some time later if there is any blowback :)
tmpz22 · 32d ago
In a 1:1 format this would be effective in preventing some forms of misuse because it would be obvious if an individual took out their phone and pointed it towards the screen.
mastazi · 32d ago
but it is so easy to circumvent, even my teenage daughter, who doesn't have an interest in tech, knows what a capture card is and knows what an hdmi splitter is: she hasn't even entered the workforce yet and she already has all the ingredients needed to circumvent a software block on screenshots
:-D
antihipocrat · 32d ago
You turn your camera off for 10 seconds, take the photo and turn the camera back on. No-one would notice a thing
If you wanted video just have the device positioned outside the field of view. Laptop cameras fov is very narrow.
relwin · 32d ago
Easily circumvented:
Use two monitors, one positioned out of view.
Use a teleprompter mirror with a camera behind the mirror.
Use a video capture device, record on a separate computer.
I'm sure there's sneakier ways to perform this...
ThrowawayR2 · 32d ago
These comments are akin to pointing out that the privacy door on a public bathroom stall can easily be bypassed by looking over the top of the stall walls or underneath the gap between the ground and the bottom of the wall. In their rush to be clever, they instead demonstrate that the poster completely missed the point.
josephg · 32d ago
Your “easy” circumvention requires a second monitor, a teleprompter mirror, a camera, a separate computer and a video capture device. Remember, most people who use Teams don't work in tech. And for them, that’s not “easy”. Barely any normal people have that kind of equipment just lying around, along with the expertise and desire to set all that up, ready for a teams meeting.
For every 100 people who might decide to take a screenshot during a teams meeting, I doubt there’s 1 person who has all that equipment set up and ready to go. You don’t need to make something 100% effective to get a benefit from doing so.
kaonwarb · 32d ago
Sibling comment's definition of "easily" varies materially from my own!
jasonfarnon · 32d ago
just because it isn't perfect doesnt mean it's "dumbest". snapchat, 4chan, etc. will foil 99% of users, who don't think to take/are incapable of taking that next step.
luke727 · 32d ago
> But it’s literally the dumbest feature ever.
My company recently configured Slack for mobile to disallow copying text.
djmips · 32d ago
That's frustrating. Can you can still, if you have Android, use the text capture feature built in that reads text from bitmaps? I use that everyday for sites and apps that don't allow copy paste.
luke727 · 32d ago
This was part of a larger security policy change that also dropped support for my phone manufacturer so I couldn't say.
guappa · 31d ago
I use localslackirc. It logs deletions as well.
trav4225 · 31d ago
But just wait until all consumer image display and capture devices start using invisible-to-the-naked-eye watermarking and content protection, only allowing you to photograph sources which have explicitly granted permission to be photographed. :-)
9cb14c1ec0 · 32d ago
Or use an hdmi capture card.
lern_too_spel · 31d ago
It prevents some accidental recording, which has value.
Aeolun · 32d ago
That’s because what the users want isn’t actually being secure. They want to be able to say they did everything in their power to stop people from capturing sensitive info.
It’s all about diffusing that responsibility.
stevage · 32d ago
It reduces the risk, it doesn't completely eliminate it, and that's fine. Not everything was to be 100%.
Aeolun · 32d ago
I think I’m just fundamentally against any corporate functionality that reduces the employees to grade schoolers.
lokar · 32d ago
Nothing, /yet/
bolognafairy · 32d ago
Please stop moving the goalposts. It makes it even more blatant that you’re engaging in a kneejerk emotional argument that doesn’t belong on this website.
voidspark · 32d ago
It helps to prevent accidental sharing of confidential information.
hedora · 32d ago
Some people might want it, but it doesn’t actually work. It’s probably also required by some compliance theater in some places.
lolinder · 32d ago
It doesn't work against which threat model?
Yeah, if you've got corporate espionage going on this isn't going to stop someone from lifting your slides and taking them elsewhere. But the most common culprit of corporate information security violations isn't a spy, it's a well-meaning employee who didn't hear, remember, or correctly interpret the request to not record the meeting.
Blocking the most common way in which this kind of well-meaning but ill-informed employee would break the expected security rules does work. It's just getting flak here because people are imagining a much more exciting threat model.
hedora · 31d ago
It doesn’t work against employees with camera phones.
Aurornis · 32d ago
> Some people might want it, but it doesn’t actually work
It probably works as well as the company firewall blocking sites or the data exfiltration detection blocking companies from being stolen.
Everyone knows they’re not perfect and can be defeated by a sufficiently motivated attacker, but in practice they stop most casual attempts and discourage others.
adolph · 32d ago
Yeah, some enterprise admin will click it and make it clickable for others. It’s a classic ratchet of enshittification until things reach a magic intolerability point and folks evacuate to other systems leading those to get rolled into one of the borgs: lather, rinse, repeat.
jasonlotito · 32d ago
> Some people might want it, but it doesn’t actually work
Why do you think they can't prevent on-device screenshots/screen recording can't be prevented when you control the entire stack?
shawnz · 32d ago
They can't control the entire stack because of the analogue hole
jasonlotito · 32d ago
Which doesn’t matter at all.
shawnz · 32d ago
I'm just answering your question.
c-hendricks · 32d ago
It's kind of like locks isn't it? It'll deter honest folks, but will it prevent screen capture when Teams is running in a VM? What about over VNC?
jasonlotito · 32d ago
What about a camera?
These aren't the use cases that really matters. What matters is the common case, and it's not about deterring honest folks. Honest folks aren't recording.
This is really a lesson in security blind spots. The number of people that are trying to "get around this" assuming that's the issue.
Edit: I'll make it simple. It will work because honest people aren't trying to get around it. But, they could still expose data they shouldn't. This helps prevent that. Again, a camera is enough to prove it doesn't need to be 100% perfect (and probably more honest considering screenshots can be faked).
So, instead of trying to think of how you can exploit, think of all the ways this private information can get out when it shouldn't and the people on the call aren't trying to release it. Work through that, and see where you get.
shawnz · 32d ago
> It will work because honest people aren't trying to get around it.
I think this makes the counterargument even stronger.
Let's take for granted that this isn't intended to stop a determined leaker and is just meant to prevent honest, unintentional mistreatment of sensitive data.
The question is whether the false positives outweigh the true positives. This feature will impede people from getting things done in subtle but annoying ways (making it more difficult to take notes, hurting accessibility, etc). It's likely that when this is widely deployed, many big orgs are going to overuse it and enable it as a matter of course to prevent liability. Those scenarios where honest people are blocked from doing honest things for which there's no harm are the false positives in this scenario -- there was no need to prevent those scenarios, but they were prevented anyway.
Now consider the true positives: we've agreed that intentional malice is not covered by this feature, and so the true positives are limited just to the smaller subset of scenarios in which honest people unintentionally mistreat sensitive data, and don't include any scenarios where data is being intentionally leaked.
I suspect the number of scenarios that fall into the false positive category will be much greater than the number of scenarios that fall into the true positive category, especially so after intentional malice is excluded. So is this really a net win for anyone?
egypturnash · 32d ago
> Honest folks aren't recording.
Honest folks who want to be able to cover their ass later on are.
Honest folks who are working for dishonest people and are planning to be a whistleblower are.
Honest folks who have Recall on are. Possibly against their will if they haven't found out how to turn it off, or it's a work machine where they're not allowed to do so. Maybe they're not if Microsoft actually has enough interdepartmental communication for the "no screenies please" signal to make it all the way to Recall. It'll be hilarious if they don't.
josephg · 32d ago
One of the best rules I ever heard of was told to me by a cop here in Australia. She told me every time they unholster their firearm, they have to fill out about 3 pages of paperwork. I think that’s so genius.
Think about it - if you’re in a life or death situation, you won’t hesitate. Your gun is right there, and it’s there so you can use it. But if the situation doesn’t feel dangerous, the image of having to fill out 3 pages of paperwork justifying your actions is enough to make you hesitate. It’s weaponised bureaucracy. It’s like - there’s an ideal amount of friction for some actions to have. Pulling your gun out should have some friction to it. The choice should have weight.
I see this in just the same way. If the presenter doesn’t want their presentation recorded, there should be some friction to recording it anyway. It shouldn’t be impossible to record. But it shouldn’t be as easy as just taking a screenshot in windows.
Just like that cop with a gun, there should be the right amount of friction for recording a meeting against the wishes of the presenter. How many pages did the cop have to fill out? 3 pages. Not zero. Not 100 pages. How hard is it to record a meeting despite this protection? It’s doable - you need an hdmi capture card, or a camera out of shot, or something else. You probably need to set it all up before the meeting. And so on. It’s not impossible. But it’s not trivial either. That sounds just right to me.
guappa · 31d ago
3 pages of paperwork are like 5 minutes of work tops.
jasonlotito · 32d ago
And in all those cases they still have a solution, a better solution. Seriously, think.
charcircuit · 32d ago
>VM
Yes, it will not be capturable. If the VM is not secure it will not display it.
>VNC
The VNC server will not be able to capture it.
hedora · 31d ago
I haven’t had that experience when the same mechanisms were used to prevent screen sharing streaming video.
I just fired up a linux vm, and hit play.
If this thing actually breaks machines that don’t have a properly configured hdcp chain, it’ll create insane “this meeting is broken” debugging scenarios.
Also, hdcp is trivially bypassed these days (if, for some reason a camera phone recording of the damning meeting isn’t enough, and a perfect digital copy is needed…)
charcircuit · 30d ago
>hdcp is trivially bypassed these days
Old versions of it.
brookst · 32d ago
Would it work on Mac?
jasonlotito · 32d ago
Yes.
Edit: But yeah, nothing to say why it can't work. So, yeah.
brookst · 32d ago
But MS doesn’t control the whole stack there.
jasonlotito · 32d ago
Doesn’t matter. I don’t know why you think stating random things matters.
brookst · 32d ago
Maybe read the comment I replied to for context?
saagarjha · 32d ago
Apple provides APIs to do it.
NKosmatos · 32d ago
There isn’t a single user (presenter) that would ask something like this. Only a presenter that has to follow some strict “high security” procedures would enable something like this. A politician, for example, will have an excuse in case something leaks. The fact that with a simple mobile having a camera you can copy whatever is being presented (or with slightly more technical ways) is irrelevant for laws and procedures ;-)
Aurornis · 32d ago
> There isn’t a single user (presenter) that would ask something like this.
Asking participants not to screen record or take screenshot was standard practice at every company I’ve worked at where we discussed anything like financials or sensitive business plans.
RevEng · 32d ago
Every meeting I'm in where we talk numbers or strategy starts with someone saying, Please don't record or share this. The documents all say CONFIDENTIAL all over them. That's not true of all our presentations, just ones that we really wouldn't want our competition to see.
Many people still take screenshots of things they think are useful. Things still get shared though emails and occasionally posted on social media.
I have worked with various secure chamber VPN and VNC systems that make it quite difficult to record or screenshot. These are companies where their IP is worth billions of dollars and everyone wants a piece of it. It's difficult enough that it's not worth the effort to try and work around it. The rare time I really need something for debugging, I'll take a photo with my cameraphone, but it rarely comes to that.
Because it's that much harder, I record a lot less of it. Likewise for all the other engineers I work with. Friction won't stop it entirely, but it will make it far less frequent.
FireBeyond · 32d ago
Pretty common where I have worked. Most commonly when reviewing internal product roadmaps to our sales teams because we've burned too many times when customers complain that we haven't implemented something we never announced but a sales person mentioned/showed.
guappa · 31d ago
You think forbidding screenshots is going to stop salespeople from promising random stuff? Have you met salespeople?
cheschire · 32d ago
You don’t get invited to the right meetings, I see.
guappa · 31d ago
You mean with people who have more paranoia than sense?
anigbrowl · 32d ago
If you have a camera on a stand or are holding up a phone, other participants will able to see it and object. Of course it's still possible to get around it. It's possible to get around anything. The idea of privacy controls is to make bad-faith jerks have to work significantly harder.
SoftTalker · 32d ago
Cameras are in eyeglass frames now. Or lapel pins. The idea that someone would be noticed taking pictures is pretty obsolete.
anigbrowl · 32d ago
You can certainly get cameras like that, they're not the norm. You can object to any privacy feature by pointing out that it doesn't provide guaranteed security. Personally I am tired of having my privacy eroded by people holding themselves out as security realists who are always coming up with new ways to break things and/or normalizing existing ones.
jasonlotito · 32d ago
> The fact that with a simple mobile having a camera you can copy whatever is being presented (or with slightly more technical ways) is irrelevant for laws and procedures ;-)
That you think the only attack vector here is a 3rd party device means you haven't really considered everything. Consider screenshots that might happen for many reasons, including malicious software, or even normal software someone might be using, and accidental exposure.
WWLink · 32d ago
What's really going to happen is IT people will enforce this by default because good users aren't supposed to take screenshots, apparently.
7bit · 32d ago
I am a sysadmin and we will enable this. This is because many meetings discuss confidential or strictly confidential information that must not be leave the meeting. In-house, you would simply hand out papers that you collect before concluding the meeting. In Teams meeting it's not possible hence you block people from creating screenshots. This requirement comes from legal and compliance, and many other positions from CEO downwards.
guappa · 31d ago
If you don't frisk people to check if they have microphones and make everyone leave their phones at the entrance, you're just wasting everyone's time.
Information hasn't leaked because people didn't bother to leak it, not because of your security measures.
const_cast · 30d ago
The lede you're burying here is why a lot of this confidential info is so. Yes, protecting IP is important, but you're also primarily targeting whistle-blowers, abused employees, discriminated against employees, etc.
I mean, if HR says they won't make an accommodation because they think you're faking your disability than it's as if it never happened. Less transparency always benefits the immoral.
And this type of stuff does happen. A lot. We don't hear about it because:
1. Companies have gotten really good at just covering their tracks, like this.
2. It's a lot of effort to fight back and it's almost never worth it. You pretty much need baby killing material for someone to whistle blow. Lowly transgressions like discrimination aren't worth the effort.
I thought after Blizzard this would be a sort of wake up call.
buyucu · 32d ago
It's a pointless and stupid feature. It's trivial to take a picture of the screen with your phone.
7bit · 32d ago
It's about convenience. You would be surprised how much information is leaked simply because it was so convenient to.
buyucu · 32d ago
stupid security theater liket his makes everything less secure.
people who used to take screenshots will now resort to taking screen pictures with their phones. this means microsoft teams is incentivizing everyone to 'leak' content outside of corporate networks.
creating a unworkable 'secure' system causes ordinary people to to go around the security to get their job done. which makes everything less secure in the end.
csomar · 32d ago
Yeah, because blocking screenshots is security. How dumb could the world get? If you have sensitive information and a committed individual to leak those, then there is no way around if the picture is shared. What is next?
Startup idea: i-Secure. Your camera can only take/show photos of approved targets. All photos will be analyzed for safety. Unapproved/Unlocked camera devices from China are now illegal.
hulitu · 32d ago
> to enable screenshot protection on their meeting
Nobody forces them to make a presentation. They can always spend their time doing something else.
modzu · 32d ago
hahaha nobody asked for this
voidspark · 32d ago
You have no idea. Infosec in my company would ask for this.
guappa · 31d ago
I think he meant "nobody with sense"
voidspark · 30d ago
It's a mundane corporate feature request and quite reasonable and valid.
WillieCubed · 32d ago
AFAIK, Google stopped making Timeline accessible on the web in favor of local-first storage to avoid having to give location data when subpoenaed by law enforcement (since they can't give away data they literally don't have access to). And they didn't want to deal with the headache of user privacy-related lawsuits, so they defaulted Google accounts into auto-deleting location history (which was already opt-in for years).
Helmut10001 · 32d ago
I could not figure out how to record phone calls on Android! No app worked. I know it is forbidden in the EU, but I forget so many important details from calls that this would be very important.
AlgebraFox · 32d ago
GrapheneOS allows call recording. I believe LineageOS also allows.
Henchman21 · 32d ago
This is why I advocate for International DCO EPO day!
Because if we shut it all down, a huge chunk won’t start up, and humanity gains huge amounts of electricity generation back, but somewhat more importantly: maybe we could stop carrying smartphones!
(This is mostly in jest, here’s a “/s” for those who can’t tell)
Grazester · 32d ago
Don't know why Android doesn't allow you to record the call with the dialer.
Google voice on the other hand allows this. Just hit 4 and you call is recorded. It is announced to all parties however.
genewitch · 31d ago
The workaround for that was to press 4 as soon as the ringing started. Obviously this doesn't apply when receiving calls.
watwut · 32d ago
Lets blame laws and regulations for features private companies decide to implement, because I guess that will help us destroy the state.
Stop making up laws and regulations that dont exist.
qgdfhu · 32d ago
> phone conversation (easily circumvented)
Well, is there a reliable way to circumvent it without using a separate device? I cannot find anything that would just work on Android and not be paid.
djmips · 32d ago
Or image search not identifying people which was actually kind of useful. But I understand the downside.
6P58r3MXJSLi · 32d ago
> easily circumvented)
Or, you know, just take a picture of the screen with your phone.
Or record the session, or film it, etc etc etc
kwanbix · 32d ago
And what is the point? If I want to capture something, I can use my cellphone even if print-screen is not working.
fifticon · 32d ago
Interesting how this will stop me from taking a picture with my mobile phone. The amount of effort people will go to, to make people's work more cumbersome. I am not screenshotting for espionage, I am screenshotting to accomplish my job.
alabastervlog · 32d ago
And the phone’s what I’d be using to exfiltrate anyway. I’d only screenshot on the work device for work purposes.
grapesodaaaaa · 32d ago
100% this. If I have something juicy I want to show my wife about how they’re messing up our 401k’s, etc. I take a phone picture so that there’s no record of it happening on the official device.
Microsoft doing this is a huge waste of time other than catching the bottom 5% of people doing something like that.
I just want to add that my company has our stuff so locked down, that it’s easier for me to take a phone pic, transcribe the code with ChatGPT, fix the issue on my personal machine, then type it back into the work laptop for some issues. It’s absurd how businesses want to control everything to such a degree that 1) there are now these crazy, leaky workarounds, and 2) it’s to the detriment of people actually getting stuff done for the business.
Aurornis · 32d ago
It’s not literally every Teams meeting.
It’s an option the presenter can turn on when needed.
If you need the data from the presenter to do your job, presumably you’d contact them and ask.
Frost1x · 32d ago
I don’t know about you but sometimes it’s some small piece of information that isn’t worth contacting the presenter about. I need to call or craft an email, be polite and come up with some nonsense greeting maybe for a bullet point or two or a string I don’t want to rapidly shift focus to duplicate by hand. Then I have to sit around and wait for a response where they have to do the same, and I’m definitely not their priority.
Businesses want to control everything, so this will become a common default for people to use. It’ll be embedded in all sorts of company policies and I wouldn’t be surprised if Teams clients in some corporate domain can set it as a default option to help promote the policy (by default block screenshots on all our presentations to reduce liability risks).
If it’s like a paper, some data advertised, or some significant work that’s when you generally want and need to contact the author.
Aurornis · 32d ago
> I don’t know about you but sometimes it’s some small piece of information that isn’t worth contacting the presenter about. I need to call or craft an email, be polite and come up with some nonsense greeting maybe for a bullet point or two or a string I don’t want to rapidly shift focus to duplicate by hand. Then I have to sit around and wait for a response where they have to do the same, and I’m definitely not their priority.
So it’s something critically important for you to get your job done, but also something that’s not worth writing a couple sentence e-mail about, but also going to block your work while you sit around and wait all day for it?
Communication is the foundation of any office job. If you’re in a meeting with these people, just ask in the meeting? If you can’t, send an email during the meeting and you haven’t lost any time. It’s really not as hard as you’re trying to make it sound.
I generally discourage people from using ChatGPT for office communication, but to be honest if writing a simple e-mail request to get something you need for your job triggers this level of overthinking, you might benefit from letting it at least draft the email to get you started and past the analysis paralysis.
IshKebab · 32d ago
No he didn't say it's critically important. I don't know why you're being obtuse about this. He's 100% right.
lolinder · 32d ago
> I need to call or craft an email, be polite and come up with some nonsense greeting maybe for a bullet point or two or a string I don’t want to rapidly shift focus to duplicate by hand. Then I have to sit around and wait for a response where they have to do the same, and I’m definitely not their priority.
This is not a problem with this feature, this is a problem with your office's expectations surrounding communication.
At my workplace this exchange looks like a slack message along these lines:
> Hey, can I get a copy of the info from side 10? I'll use it for $X.
sureIy · 32d ago
> presumably you’d contact them and ask
Hey sorry to interrupt you but you blocked screenshots so please send me this frame. Also don't mind me I'll stop you again in 65 seconds.
lolinder · 32d ago
> I am not screenshotting for espionage, I am screenshotting to accomplish my job.
This is literally the threat model that this feature is protecting against: it gives presenters a way to say "no really, when I say don't record I mean don't record". If people end up overusing it at your company, that's a problem to address with them, but I can totally imagine use cases where you would want to turn this on just as an added precaution against accidental but well-intentioned misuse of the visual aids in a private presentation.
This isn't to protect against corporate espionage, it's to give presenters the option to be a little bit more clear about their expectations of confidentiality.
Aeolun · 32d ago
No, no, what they’re doing is making it harder for me to work around their (inevitably misplaced) expectations of confidentiality. This is one of those things that will be misused to hell and back so we’re better off not having the feature at all. It’s existence is a net negative to corporate employees everywhere.
kenjackson · 32d ago
The other commenter is right. Same reason I use DRM email. It’s not that I’m stopping espionage, but reminding folks that this message shouldn’t be distributed to others.
zvr · 32d ago
Some people also use formats like PDF or images instead of editable text or slides for exactly the same reason.
It's not that they can't be modified, but it's an indication that you're not supposed to.
mingus88 · 32d ago
That was my first thought also.
I suppose if the presenter wants no screenshots they’d also want cameras on and you’d have to be pretty sly about using your phone.
Either way, dumb. The analog hole can’t be closed.
0cf8612b2e1e · 32d ago
Duplicate screen to another monitor outside of view of the camera is the low tech solution. The better one would be to get a HDMI splitter that can plug the feed into something to make a digital copy.
dullcrisp · 32d ago
Sounds like they’ll want to disable the camera controls next.
Derbasti · 32d ago
Could you trivially circumvent this by running Teams in the browser?
avs733 · 32d ago
>to Android, desktop, iOS, and *web users* worldwide in July 2025.
miniBill · 31d ago
... how?
greycol · 31d ago
Basically by enabling drm (widevine). For the browsers/configurations that people knowledgable about browsers use for anything but streaming they'll force audio only mode and pretend that it's an acceptable solution.
constantcrying · 32d ago
Not relevant at all.
This is like a watermark on a PDF. Not some impossible to circumvent security protocol.
queuebert · 32d ago
What's to stop me embedding a pinhole camera in the lamp behind me, zooming it in on the screen, and recording every meeting?
These kinds of measures only stop the good guys from doing their jobs. The bad guys put way too much effort into espionage for this to work.
Aurornis · 32d ago
I love all the comments imagining complex technical workarounds while skipping right over the obvious workaround of using a smartphone camera to take a picture of the screen (which was mentioned near the top of the article that everyone read, of course). Modern camera phones are wide angle enough that it’s not hard to grab a shot of the monitor out of frame.
> These kinds of measures only stop the good guys from doing their jobs. The bad guys put way too much effort into espionage for this to work.
This is for preventing casual screenshots and reminding average office workers that meeting content is sensitive. It’s not an iron-clad tool for defeating dedicated espionage involving hidden pinhole cameras.
There have been similar arguments for ages about how if something isn’t iron-clad perfect protection then it’s pointless, but in the real world making something more difficult actually makes people think twice and stops most of the people who would casually do it.
See for example Snapchat’s screenshot notifications. It’s well known that there’s an elaborate way to circumvent it. However the fact that it takes a lot of work and there’s a risk of getting caught trying really hard to deceive the other party is enough to make most people not want to risk it.
RajT88 · 32d ago
Exactly right. The great firewall of China is another example - of it blocks 60% of people from outside content it is probably "good enough for government work".
7bit · 32d ago
Thank you for this. I'm honestly baffled about the quality of other hackers' comments on this topic. Many of them take the feature as a personal attack where it simply is an additional layer of protection against accidentally leaking confidential information. Then making statements that this prevents people from working, where they did not understand that taking screenshots from meetings where this is enabled is not working, but violating work guidelines. When the presenter enables this, they want people to not take screenshots.
This whole comment sections is honestly ridiculous.
SarahC_ · 32d ago
I bet it streams the video like a protected HDMI movie... so the video stream isn't part of the WDDM's Team's Window - but placed on top of it.
Interestingly that can be overcome by moving the video just a little between two screens, which reverts it back to a WDDM surface. =D
Or TWO monitors, with "Duplicate" selected, and a camera recording the second monitor under the desk.
to11mtm · 32d ago
> Modern camera phones are wide angle enough that it’s not hard to grab a shot of the monitor out of frame.
Pedantic correction:
'grab a shot of the monitor out of frame of the webcam of the person wanting to take screenshots of the meeting'.
First time I read it I was somehow imagining breaking of laws of physics lmao.
I suppose the biggest irony of this is, most of the shops that might want to enable this are already so sloppy that they half expect folks to screenshot teams presentations for notes later.
WorldPeas · 32d ago
Or… y’know having a HDMI capture box with a trigger pedal.
whatwhaaaaat · 32d ago
Doesn’t hdcp take care of that? 720p over component sure but hdmi has protection for this.
The vendors of the camera have the same interests of the vendor of the software. It is just a matter of time until the software watermarks the video and your camera automatically stops recording.
Users have to resort to (exclusively, if possible) open source tools.
matheusmoreira · 32d ago
The real solution is democratization of manufacturing. We need the ability to make our own hardware, our own computers. Then we won't need to suffer the silly policies of corporations.
rolph · 32d ago
the Analogue hole Will never Die
globular-toast · 32d ago
It's not technically currently dead, but running a film movie camera pointing at your laptop during a Teams call is a bit out of reach of most. Even movies costing millions of credits are not shot on analogue any more.
Can you manufacture film yourself? Know anyone who does?
It could start with quietly making the essential chemicals in film production and development "controlled". Then you might need a licence to do analogue photography. Eventually even the last few analogue photographers either die or switch to digital due to the increasing impracticality of analogue. Then the film companies stop making it, then you make it illegal for them to start making it again. You've now killed the analogue hole.
Maybe you're hoping it would be futile like the war on drugs, except there's actually demand for drugs. I can't imagine dealers suddenly stocking up on illegal film for all the people wanting to capture stuff from their Teams calls.
immibis · 32d ago
They tried to. They tried to make cameras illegal. Remember that?
Do you use netflix?
Maybe similar when taking a screenshot there you end up with black where the video is playing
I can totally imagine that they will do something similar,so I guess it's pretty simple to implement if done like that
dist-epoch · 32d ago
I'm pretty sure you can use some HDMI capture device to do that easier.
constantcrying · 32d ago
Totally irrelevant. This is there to protect an organization from itself. Think of it as a watermark on a PDF.
It exist to make the easiest way impossible and to tell participants that the content should not be shared by them.
rchaud · 32d ago
That's the equivalent of sitting in a movie theater with a camcorder. Not important enough to bother crafting a solution for.
CorrectHorseBat · 32d ago
I would say it's completely different. A camcorder movie has bad quality, most people would rather pay for a good quality movie than a free camcorder one.
For sensitive data on the other hand quality doesn't matter as long as it's readable.
SoftTalker · 32d ago
Plenty of people would pay to watch a camcorder copy of a new release film rather than pay the cost of taking the whole family to the theatre. That’s why it was commonly done. Now you just go online.
6stringmerc · 32d ago
But if it makes Microsoft’s claim untenable then it’s worth noting that security is only limited…a sweeping generalization that “screen capture is blocked” isn’t really valid anymore.
Making something more difficult is okay to claim in my view, but trying to over-state capabilities or security concerns is problematic.
kyriakos · 32d ago
This kills teams for Linux users since there is no desktop client so capturing can't be prevented. Linux users will be audio only in those calls.
The worst thing about this feature is that if someone takes a screenshot it will be saved on an IT controlled computer but if users are forced to snap screen caps with their phones the sensitive information ends up on personal devices and probably cloud synced to Google drive etc
codingdave · 32d ago
At some point, you need to trust your staff. If you do not trust them to keep confidential information private, then why are you giving them the information in the first place?
Aurornis · 32d ago
I have some friends who work in a medical facility. They get an extreme amount of training on patient privacy laws and constant reminders not to get sensitive patient information on to their personal devices.
Despite the intense training and constant warnings, it happens constantly. And that’s just the cases they know about and address.
You have to be able to trust your staff, but you also have to be realistic that any organization at scale will have people who either don’t care or don’t think and it happens frequently.
leovander · 32d ago
Extreme amount of training? More like once a year online HIPAA test that everyone blows through with the occasional CISO phishing campaigns that at least one person fails.
hedora · 32d ago
In the US, medical privacy laws serve exactly two purposes:
1) Prevent the patients from suing after a data breach or intentional sale of their medical records, regardless of negligence.
2) Transfer as much money as possible from health care to privately owned businesses in the compliance industry.
Very few computer security lessons from that industry generalize to other parts of the economy.
MattPalmer1086 · 32d ago
People make mistakes. Why not put a simple control in that doesn't get in the way of any legitimate use?
Aachen · 32d ago
The mistake being, what, accidentally sneezing onto the printscreen button so hard it depresses?
This isn't the same as leaving a tool in someone; making and misplacing a screencap take active doing. If your meeting participants actively want to put data where it doesn't belong, the solution isn't accident prevention
MattPalmer1086 · 32d ago
The mistake being to intentionally take a copy of something confidential, because you forgot it was supposed to be confidential. People do things like this all the time.
It's essentially a guardrail. It can be easily circumvented if someone was being actively malicious.
mingus88 · 32d ago
You can’t really sniff out disgruntled employees until they act on it.
rf15 · 32d ago
maybe if your employees are disgruntled and feel like they can't talk to you about it you are shit at your job
Traubenfuchs · 32d ago
I had aggressively disgruntled colleagues that couldn‘t deal with being fired, having 3 month notice period and 2 extra salaries and called the CEO names via anonymous all hands meeting.
Many people are babies.
7bit · 32d ago
This is a very weak argument.
jchw · 32d ago
This is of course, incredibly stupid, due to the analog hole (which to be fair, is mentioned in passing by the article, but doesn't seem to be addressed at all by MS*.) Having this feature just guarantees it will get used, and possibly made into a standard compliance theater feature, hurting legitimate users for very little practical gain.
The only real practical gain is that it might prevent malware from being able to capture visible data, but what's funny about that is one of the desktop systems that can prevent unwanted screen capture by design (Wayland) also intentionally doesn't have any support for DRM/HDCP features, so it will likely be stuck on audio-only mode. High five, Microsoft!
* I wanted to go to the source directly to check if maybe they just left it out, but the link that they currently have seems to be non-sense. It seems to point to something about "Co-pilot" audio transcription. In Romanian, for whatever reason.
Most folks know this is easily defeated typically by viewing the content on another device (eg via casting it, remote desktop, phone mirroring, etc) or viewing it from within a VM, and then using the native screen capture functionality on the viewing device to record/screenshot whatever you need.
That being said - guessing they are doing this for their enterprise customers mainly, where alot of those other options are locked down. But plenty of people already know to just record their screen from their phone anyway - impossible to block that and much safer way to exfiltrate whatever info/data you need.
johnnyo · 32d ago
> This feature will be available on Teams desktop applications (both Windows and Mac) and Teams mobile applications (both iOS and Android)."
Seems like it’s even easier, just join the meeting via browser.
I’m not familiar with a way to enforce this type of restriction in the browser.
to11mtm · 32d ago
From the Article, if only to be pedantic enough that I agree with 'yes a browser might work'
> The company plans to start rolling out this new Teams feature to Android, desktop, iOS, and web users worldwide in July 2025.
OTOH we will see if there's any type of weasel-wording on whether browser is in fact non-supported (i.e. will go to audio-only mode.)
The other possibility, is that every 'supported' platform has some form of DRM that results in the functionality working even on browser (just thinking out loud about DRM functionality possibilities) means Windows/MacOS/Android/iOS all work but everyone else is out of luck.
asadotzler · 32d ago
Browser DRM like WideVine and PlayReady do the enforcing
dheerajvs · 32d ago
I've disabled DRM on my Firefox browser.
Sheesh, we've come to a state where browsers can no longer be referred to as "user agents".
kccqzy · 32d ago
Really? I didn't know it was possible to use DRM like WideVine for peer-to-peer video.
adolph · 32d ago
Teams is going through a central server and bouncing it out to participants, right? Not p2p.
SoftTalker · 32d ago
I thought Teams was a reskin of Skype so whatever they used to do…
pests · 32d ago
Same way Netflix does I’m sure.
rvba · 32d ago
The things you mention are a dream for most corporate employees, where everything is locked on their computers.
They will just make photos using their phones.
sureIy · 32d ago
"Easily" is temporary. There's already zero way to capture protected pixels on iOS. Cabled mirroring, screen casting, airplay, they're all blocked. Messaging apps are capitalizing on this with "screenshot protection for temporary media". Netflix has been doing it for ages. Jailbreak? Detected and blocked as "insecure device"
Maybe you can do it on not-iOS, until your insecure setup will be blocked by the server. Cat and mouse until there's 3 mice in the whole world.
tstrimple · 32d ago
Ran into this “feature” this week. So instead of grabbing a screen cap from my VDI I have to grab it from my primary OS and then email myself the image to cross that corp “boundary”. They recently disabled copy and paste between my computer and the VDI session as well.
tylerhou · 32d ago
Wouldn’t HDCP prevent viewing content on another device? I assume that is what technology they would use to implement this.
mindcrash · 32d ago
That's quite unfortunate because due to a screen capture through Snipping Tool I got evidence of my org planning to fire me before even making announcements through a shared PowerPoint deck with a slide containing a org chart which shouldn't really be there at the time in the Teams meeting.
So from a employee POV it has its uses.
But people who will get in the same situation like me could simply use the camera on their phone pointed at the screen and be done with it, I guess.
adrr · 32d ago
I would always screenshot people's desktop/email when they started presenting, lot of people dig up decks in their email or they share their full desktop. Emails are useful especially when dealing with a vendor to see what other customers they are dealing with.
asadotzler · 32d ago
use your smartphone's camera next time. that puts the evidence on your device rather than your company's device.
tonetegeatinst · 32d ago
The workaround that Microsoft is officially supports but isnt mentioning it.....is using microsoft recall.
svaha1728 · 32d ago
Yes. Don’t take a screenshot of your teams meeting, you aren’t trustworthy. We will block that while we take a screenshot of everyone’s computer every couple minutes and run an LLM on it.
TiredOfLife · 32d ago
When Microsoft announced Recall they explicitly mention that it won't record drm video. Won't record private Browser windows. Will have configuration for what apps/windows to exclude.
sureIy · 32d ago
What makes you think that userspace software can bypass userspace restrictions?
Any and every screen capture app will show a blank or a replacement screen for the restricted area.
wmf · 32d ago
Why would Recall be allowed to screenshot DRMed content?
TiredOfLife · 32d ago
It wouldn't, but nobody criticising Recall uses Windows or had read the announcement
drawfloat · 32d ago
Because Recall would lose its entire purpose if it cannot recall any of your working day.
dustbunny · 32d ago
Yeah maybe this is a way of preventing anyone else from creating a copilot competitor
Hilift · 32d ago
Does psr.exe no longer take screenshots?
whstl · 32d ago
A former colleague was harassed for a months on end a boss and used screen recordings to prove it to HR.
Not surprised at all that MS is doing this.
neilv · 32d ago
> Those joining from unsupported platforms will be automatically placed in audio-only mode to protect shared content.
Is this anti-competitive and anti-open-standards?
deadbolt · 32d ago
Good to see Microsoft returning to their roots /s
bob1029 · 32d ago
Any security feature that can be totally defeated with a spicy HDMI splitter and a 2nd computer should not exist.
This stuff looks much more to me like "fuck the user" than anything else. I am 100% convinced there is a cult of evil bastards at Microsoft, et. al. that is hellbent on making everyone's UI/UX as janky as possible.
Xelynega · 32d ago
Yea, this sounds like "Microsoft teams no longer supporting video on Linux and old versions of mac/windows" more than anything
throitallaway · 32d ago
Yep, joining Teams meetings from a browser on Linux is a flaky experience at best (despite Meet and Zoom working fine.) I'll happily send back a Google Meet invite to anyone that invites me to a Teams meeting.
shim__ · 32d ago
Sounds like an good reason to turn down invites with an Teams link
timewizard · 32d ago
My complete guess would be a legal team asked for this. You can easily imagine several scenarios that would prompt them to seek out a feature like this.
I think this because our company recently enforced a 2 year mail deletion policy on all mailboxes for "legal reasons." Which were "we don't want stuff to show up in discovery if we get sued."
maxloh · 32d ago
They could just integrate Web DRM APIs like Google Widevine, Microsoft PlayReady, and Apple FairPlay, as both of them are integrated into the operating system and only work with a supported monitor. An HDMI splitter would likely not pass the test.
Streaming services like Netflix and Disney Plus use these APIs to protect their content as well.
flutas · 32d ago
That's why OP mentioned a spicy HDMI splitter. HDMI splitters are allowed to break HDCP, which means that protection doesn't really matter.
I use a setup like this frequently for work to demo our Android TV based apps with full content even though it all has DRM applied. Always leads to a "how did you get this footage" line of questioning for anyone who knows that we use DRM.
rthnbgrredf · 31d ago
How about a Camera directed at the screen, from an angle not visible by your webcam?
constantcrying · 32d ago
No. It is there to protect an organization from itself. It tells the participants that the content should not be shared by them.
It is essentially like a watermark in a PDF. It can be trivially defeated, but that isn't the point.
Like Google collecting all of our location history for their own usage, but not allowing us to see it via web anymore (only on mobiles), or having the android dialer not allowing us to record our own phone conversation (easily circumvented), or movie/music/game publishers not allowing us to backup our own media… you get the point.
All these are due to laws and regulations that are there to protect the big companies and don’t take into consideration users and the common sense ;-)
This feature is not due to laws and regulations.
The user in this case is the presenter who clicks the button to enable screenshot protection on their meeting. This is Microsoft trying to deliver a feature their users want, not laws and regulations making them do something their users don’t want.
It is security theater at its peak.
* Naive screencaps are much less traceable to the leaker than a naive photo is. Yes, someone can strip out EXIF data, but we've seen over and over again that they generally don't. And even without EXIF a naive framing on the photo is more likely to expose information about the location or identity of the person who took it.
* A photo of a webinar is going to (barring serious postprocessing) look much less official and be less legible than a screenshot, so the use cases for illicit captures are going to be fewer. Few people are going to try to take a phone photo of the top-secret meeting and use the slide in their next team all-hands, but many might forget the rules and than snap a screenshot really quickly for later use.
* Just having the ability to block the easy method of screen captures helps avoid cases where the person doing the capturing isn't actively malicious, just ill-informed. If a normal employee attempts a screenshot and is reminded they're not supposed to do that, they're not going to pull out their phone to take a photo, they're going to say "oops" and move on.
Yeah, there are threat models that won't be stopped here, but most of corporate InfoSec is wrapped up in protecting against pretty lame threat models that would benefit from this—mostly uninformed/ignorant employees screwing up without intending to be a threat.
Perhaps someone will find this useful ...
Not sure what "support" you expect for unsupported clients.
It's definitely not true that this feature breaks support for devices not owned by the manufacturer. The follow on question about whether all possible web clients / operating systems would be supported, I don't know. The article just says that web is supported.
“Web is supported” in this instance just means “the web, but only when mediated by google, microsoft or apple”, which is not the web as far as I'm concerned.
They also can prevent honest people from gathering proofs to cover or defend themselves: abusive boss, illegal requests, harassment...
I don't mean to pile on but, you wouldn't use post processing, you would just take the information out of your screenshots and make a new slide deck if you wanted pass it off as official.
Like running windows in a VM or using an HDMI capture card. And are they going to break running teams meetings when using moonlight etc. with this? If you are OBS capturing during the meeting does it get blacked out or just breaks your recording?
This is primarily about blocking accidental leaks by regular employees who were asked to not record but ignored it. This kind of reuse of content happens all the time in companies of any significant size and isn't entirely stopped by simple requests or watermarks. This tool gives companies one more option to protect against this very lame and boring but also very real threat.
i think this should not be possible to be asked.
For example, an employee might want to record to cover their own ass (e.g., if being asked to do some morally questional things, which the employee could record then use as protection against the company going back on their word).
Having the ability to _control_ whether an employee can keep records independently of the company only serves to move more control away from the employee.
I think you're seriously overestimating regular employees. A significant number of people will send you smartphone pictures when you ask for a screenshot - why would they suddenly start looking into on-device screen capture when taking a picture or video of some random presentation?
People know it’s not perfect. However, raising the bar discourages the spontaneous captures that people might try out of habit.
This feature provides value because it increases friction. It won't stop really determined and motivated users from leaking, but it'll make leaks, especially accidental leaks / those due to hacks, a lot less common.
The same applies to DRM, "security by obscurity", social media post editing / deletion, dark patterns, loss leaders, promotions and coupons, the list is endless.
If your user is a perfectly rational being with infinite time and infinite tech savviness, the proverbial "spherical cow", those features make 0 sense. Just like spherical cows, though, those users don't actually exist, and so friction matters.
That doesn't mean friction is infinite, though. It's too easy to overestimate it and fall into the trap of thinking that "users won't bother doing this, it doesn't matter if this combination of actions loses us money, it's too bothersome", and then get very surprised very quickly.
I don’t underestimate friction, I just know even my grandma would reach for her camera for a picture of her screen and she doesn’t even know what a screen capture is. It’s a stupid feature that doesn’t create friction, it just encourages users to take an untraceable action.
I would FAR prefer recording who took a screenshot than blocking it as a presenter.
The friction pushes the flow into something even worse — while not actually changing the behavior.
It would be surprising if Teams does not already capture that kind of event in its user activity event trail[0].
The amount of privacy-invasive capturing and reporting that Teams does is so staggering that it can probably rival surveillance that of North Korea on its own citizens.
[0] https://learn.microsoft.com/en-us/microsoft-365/admin/activi...
Everyone knows this. You don’t need this survey (which surely was a real thing that actually occurred and not something you just conveniently imagined for this argument, right?) to tell you that.
It’s literally written in the linked article.
We know. There are ways around it. But it’s friction, and friction has value. People know it’s not perfect, but it’s another reminder that people aren’t supposed to be doing it.
It’s a solution searching for a problem it can’t solve.
Friction implies you’re stopping a user from taking an action they consider the easiest way to solve the problem. Since you think I “invented” the survey, I invite you to ask all of you non technical friends and family how they would go about capturing an image of their computer screen if they needed to quickly show you a copy of what they’re looking at.
I absolutely guarantee you that taking a picture with their phone will be the winner by an order of magnitude.
No comments yet
Yes, somebody who's clever enough would keep the camera away from view, and maybe would try several times first to hold it in a way that gives a good view of the screen, etc. But this is out of scope, it's a clear malicious intent, when we could expect much more sophisticated means.
Either the information your are sharing is sensitive, or it is not. Applying friction to your colleges is just making their jobs more difficult.
The friction here is on the "unwanted" path, and in a way provides "lube" (less thinking and care) for the correct security posture.
No comments yet
The people using this feature aren’t going to imagine it as 100% protective against any and all possible methods of exfiltrating data. It’s a feature for discouraging casual data capture and dissemination. It serves to remind people doing spontaneous captures that they aren’t supposed to, but everyone knows a dedicated person could find a way to get that photo if they really, really want.
That doesn’t make it useless. Every time you raise the level of difficulty for accomplishing something, a percentage of attempts are thwarted or discouraged. As it turns out in the real world, raising the bar even a little tiny bit is effective in thwarting or discouraging the majority of attempts across the average user base. You’re not defeating the dedicated attackers, but you’re reducing the overall number of successful attacks and even attempts.
The same is true for things like the office firewall blocking websites: Yes, we all know a dedicated engineer can create a way around it, but it’s going to stop most employees from getting to those sites and serve as a reminder to others that they’re not supposed to access them.
For the love of God, please show an iota of acknowledgment that this could just be a matter of personal taste, instead of immediately resorting to such absolutist statement. It’s very telling that your portrayal of “I don’t like this” is “this is surely unbearable for anyone that does the sort of work that I do. Anyone that makes this work for them is doing this OTHER class of things”. And I’ve got absolutely zero doubt that you consider the things that you listed as being ‘lesser’ than your ‘real computer work’.
Casual is much easier with a phone. In Windblows to capture the screen you need to press print screen, then go to paint -> paste then save it. Paint cannot have 2 images open at the same time.
Win-Shift-S
I regularly, as do many of the people here, join meetings from my phone. I often do so so I can squeeze a run in. I especially do so in the types of all hands or large meetings where I’m in listen only mode and things are shared that would be hard to trace back to any individual in the room.
I’m not carrying a second phone to take a picture of a slide - but I regularly take screenshots in those meetings to remind myself of something or to show someone when bitching.
The relevant xkcd here is decryption by wrench (538) - the problem being solved is not battling 1337 hackers, it’s herding normally distributed loan officers at a mid regional bank.
I am not so masochistic.
I'm an example of that threat. I'm a freelancer who often has video calls with new clients. Sometimes I surreptitiously screen cap demos or presentations. It would be very difficult to use a phone that way without breaking the conversational flow.
Other supposed workarounds would require much more preplanning. Like I'd need to know that there was something worth capturing.
HDMI capture with passthrough is $20.
OP did mot solicit or show that there would be any value in people listing ways that one could circumvent this with preparation.
We all know. You aren’t adding anything to the discussion. Nerds love ignoring the cost of human effort if it gives them an opportunity to show that they know something.
There are lots of arguments I find convincing for this being effective. But not OP's. OP is saying they already do these recordings regularly, but "preplanning" would stop them? No way. They already did all the necessary preplanning by the time they finished typing their comment.
Preplanning could be meaningful for other people, but not for them and people like them.
I only mentioned price to make it clear that the level of effort to make the purchase falls within the level of effort they have already established.
I have a systemd timer that clean files older than 24h at startup because the point is not to archive content without consent.
If I ever can't do that I would just use an usb3 screen capture card and record from a second device.
This feature would help make that less likely to happen accidentally or “accidentally.” It wouldn’t stop deliberate leaks but that’s a different problem.
When we did his exit interview he admitted he just wasn’t thinking. He did it all in a couple minutes while in the meeting. Something like this would have stopped him in the process and made him remember that the content was sensitive.
Don’t underestimate the diversity of the people watching zoom meetings. It’s not all engineers with elaborate screen capture setups prepared for the express purpose of recording meetings.
If someone was going to do something dumb like that I wouldn't want them to keep their job now instead simply because the software prevented them from doing something so dumb or dangerous.
People do dumb things. The fact that it won't prevent a determined attacker isn't the point.
A big DRAFT watermark tends to clarify that far more easily and obviously.
:-D
If you wanted video just have the device positioned outside the field of view. Laptop cameras fov is very narrow.
For every 100 people who might decide to take a screenshot during a teams meeting, I doubt there’s 1 person who has all that equipment set up and ready to go. You don’t need to make something 100% effective to get a benefit from doing so.
My company recently configured Slack for mobile to disallow copying text.
It’s all about diffusing that responsibility.
Yeah, if you've got corporate espionage going on this isn't going to stop someone from lifting your slides and taking them elsewhere. But the most common culprit of corporate information security violations isn't a spy, it's a well-meaning employee who didn't hear, remember, or correctly interpret the request to not record the meeting.
Blocking the most common way in which this kind of well-meaning but ill-informed employee would break the expected security rules does work. It's just getting flak here because people are imagining a much more exciting threat model.
It probably works as well as the company firewall blocking sites or the data exfiltration detection blocking companies from being stolen.
Everyone knows they’re not perfect and can be defeated by a sufficiently motivated attacker, but in practice they stop most casual attempts and discourage others.
Why do you think they can't prevent on-device screenshots/screen recording can't be prevented when you control the entire stack?
These aren't the use cases that really matters. What matters is the common case, and it's not about deterring honest folks. Honest folks aren't recording.
This is really a lesson in security blind spots. The number of people that are trying to "get around this" assuming that's the issue.
Edit: I'll make it simple. It will work because honest people aren't trying to get around it. But, they could still expose data they shouldn't. This helps prevent that. Again, a camera is enough to prove it doesn't need to be 100% perfect (and probably more honest considering screenshots can be faked).
So, instead of trying to think of how you can exploit, think of all the ways this private information can get out when it shouldn't and the people on the call aren't trying to release it. Work through that, and see where you get.
I think this makes the counterargument even stronger.
Let's take for granted that this isn't intended to stop a determined leaker and is just meant to prevent honest, unintentional mistreatment of sensitive data.
The question is whether the false positives outweigh the true positives. This feature will impede people from getting things done in subtle but annoying ways (making it more difficult to take notes, hurting accessibility, etc). It's likely that when this is widely deployed, many big orgs are going to overuse it and enable it as a matter of course to prevent liability. Those scenarios where honest people are blocked from doing honest things for which there's no harm are the false positives in this scenario -- there was no need to prevent those scenarios, but they were prevented anyway.
Now consider the true positives: we've agreed that intentional malice is not covered by this feature, and so the true positives are limited just to the smaller subset of scenarios in which honest people unintentionally mistreat sensitive data, and don't include any scenarios where data is being intentionally leaked.
I suspect the number of scenarios that fall into the false positive category will be much greater than the number of scenarios that fall into the true positive category, especially so after intentional malice is excluded. So is this really a net win for anyone?
Honest folks who want to be able to cover their ass later on are.
Honest folks who are working for dishonest people and are planning to be a whistleblower are.
Honest folks who have Recall on are. Possibly against their will if they haven't found out how to turn it off, or it's a work machine where they're not allowed to do so. Maybe they're not if Microsoft actually has enough interdepartmental communication for the "no screenies please" signal to make it all the way to Recall. It'll be hilarious if they don't.
Think about it - if you’re in a life or death situation, you won’t hesitate. Your gun is right there, and it’s there so you can use it. But if the situation doesn’t feel dangerous, the image of having to fill out 3 pages of paperwork justifying your actions is enough to make you hesitate. It’s weaponised bureaucracy. It’s like - there’s an ideal amount of friction for some actions to have. Pulling your gun out should have some friction to it. The choice should have weight.
I see this in just the same way. If the presenter doesn’t want their presentation recorded, there should be some friction to recording it anyway. It shouldn’t be impossible to record. But it shouldn’t be as easy as just taking a screenshot in windows.
Just like that cop with a gun, there should be the right amount of friction for recording a meeting against the wishes of the presenter. How many pages did the cop have to fill out? 3 pages. Not zero. Not 100 pages. How hard is it to record a meeting despite this protection? It’s doable - you need an hdmi capture card, or a camera out of shot, or something else. You probably need to set it all up before the meeting. And so on. It’s not impossible. But it’s not trivial either. That sounds just right to me.
Yes, it will not be capturable. If the VM is not secure it will not display it.
>VNC
The VNC server will not be able to capture it.
I just fired up a linux vm, and hit play.
If this thing actually breaks machines that don’t have a properly configured hdcp chain, it’ll create insane “this meeting is broken” debugging scenarios.
Also, hdcp is trivially bypassed these days (if, for some reason a camera phone recording of the damning meeting isn’t enough, and a perfect digital copy is needed…)
Old versions of it.
Edit: But yeah, nothing to say why it can't work. So, yeah.
Asking participants not to screen record or take screenshot was standard practice at every company I’ve worked at where we discussed anything like financials or sensitive business plans.
Many people still take screenshots of things they think are useful. Things still get shared though emails and occasionally posted on social media.
I have worked with various secure chamber VPN and VNC systems that make it quite difficult to record or screenshot. These are companies where their IP is worth billions of dollars and everyone wants a piece of it. It's difficult enough that it's not worth the effort to try and work around it. The rare time I really need something for debugging, I'll take a photo with my cameraphone, but it rarely comes to that.
Because it's that much harder, I record a lot less of it. Likewise for all the other engineers I work with. Friction won't stop it entirely, but it will make it far less frequent.
That you think the only attack vector here is a 3rd party device means you haven't really considered everything. Consider screenshots that might happen for many reasons, including malicious software, or even normal software someone might be using, and accidental exposure.
Information hasn't leaked because people didn't bother to leak it, not because of your security measures.
I mean, if HR says they won't make an accommodation because they think you're faking your disability than it's as if it never happened. Less transparency always benefits the immoral.
And this type of stuff does happen. A lot. We don't hear about it because:
1. Companies have gotten really good at just covering their tracks, like this.
2. It's a lot of effort to fight back and it's almost never worth it. You pretty much need baby killing material for someone to whistle blow. Lowly transgressions like discrimination aren't worth the effort.
I thought after Blizzard this would be a sort of wake up call.
people who used to take screenshots will now resort to taking screen pictures with their phones. this means microsoft teams is incentivizing everyone to 'leak' content outside of corporate networks.
creating a unworkable 'secure' system causes ordinary people to to go around the security to get their job done. which makes everything less secure in the end.
Startup idea: i-Secure. Your camera can only take/show photos of approved targets. All photos will be analyzed for safety. Unapproved/Unlocked camera devices from China are now illegal.
Nobody forces them to make a presentation. They can always spend their time doing something else.
Because if we shut it all down, a huge chunk won’t start up, and humanity gains huge amounts of electricity generation back, but somewhat more importantly: maybe we could stop carrying smartphones!
(This is mostly in jest, here’s a “/s” for those who can’t tell)
Stop making up laws and regulations that dont exist.
Well, is there a reliable way to circumvent it without using a separate device? I cannot find anything that would just work on Android and not be paid.
Or, you know, just take a picture of the screen with your phone.
Or record the session, or film it, etc etc etc
Microsoft doing this is a huge waste of time other than catching the bottom 5% of people doing something like that.
I just want to add that my company has our stuff so locked down, that it’s easier for me to take a phone pic, transcribe the code with ChatGPT, fix the issue on my personal machine, then type it back into the work laptop for some issues. It’s absurd how businesses want to control everything to such a degree that 1) there are now these crazy, leaky workarounds, and 2) it’s to the detriment of people actually getting stuff done for the business.
It’s an option the presenter can turn on when needed.
If you need the data from the presenter to do your job, presumably you’d contact them and ask.
Businesses want to control everything, so this will become a common default for people to use. It’ll be embedded in all sorts of company policies and I wouldn’t be surprised if Teams clients in some corporate domain can set it as a default option to help promote the policy (by default block screenshots on all our presentations to reduce liability risks).
If it’s like a paper, some data advertised, or some significant work that’s when you generally want and need to contact the author.
So it’s something critically important for you to get your job done, but also something that’s not worth writing a couple sentence e-mail about, but also going to block your work while you sit around and wait all day for it?
Communication is the foundation of any office job. If you’re in a meeting with these people, just ask in the meeting? If you can’t, send an email during the meeting and you haven’t lost any time. It’s really not as hard as you’re trying to make it sound.
I generally discourage people from using ChatGPT for office communication, but to be honest if writing a simple e-mail request to get something you need for your job triggers this level of overthinking, you might benefit from letting it at least draft the email to get you started and past the analysis paralysis.
This is not a problem with this feature, this is a problem with your office's expectations surrounding communication.
At my workplace this exchange looks like a slack message along these lines:
> Hey, can I get a copy of the info from side 10? I'll use it for $X.
Hey sorry to interrupt you but you blocked screenshots so please send me this frame. Also don't mind me I'll stop you again in 65 seconds.
This is literally the threat model that this feature is protecting against: it gives presenters a way to say "no really, when I say don't record I mean don't record". If people end up overusing it at your company, that's a problem to address with them, but I can totally imagine use cases where you would want to turn this on just as an added precaution against accidental but well-intentioned misuse of the visual aids in a private presentation.
This isn't to protect against corporate espionage, it's to give presenters the option to be a little bit more clear about their expectations of confidentiality.
It's not that they can't be modified, but it's an indication that you're not supposed to.
I suppose if the presenter wants no screenshots they’d also want cameras on and you’d have to be pretty sly about using your phone.
Either way, dumb. The analog hole can’t be closed.
This is like a watermark on a PDF. Not some impossible to circumvent security protocol.
These kinds of measures only stop the good guys from doing their jobs. The bad guys put way too much effort into espionage for this to work.
> These kinds of measures only stop the good guys from doing their jobs. The bad guys put way too much effort into espionage for this to work.
This is for preventing casual screenshots and reminding average office workers that meeting content is sensitive. It’s not an iron-clad tool for defeating dedicated espionage involving hidden pinhole cameras.
There have been similar arguments for ages about how if something isn’t iron-clad perfect protection then it’s pointless, but in the real world making something more difficult actually makes people think twice and stops most of the people who would casually do it.
See for example Snapchat’s screenshot notifications. It’s well known that there’s an elaborate way to circumvent it. However the fact that it takes a lot of work and there’s a risk of getting caught trying really hard to deceive the other party is enough to make most people not want to risk it.
This whole comment sections is honestly ridiculous.
Interestingly that can be overcome by moving the video just a little between two screens, which reverts it back to a WDDM surface. =D
Or TWO monitors, with "Duplicate" selected, and a camera recording the second monitor under the desk.
Pedantic correction:
'grab a shot of the monitor out of frame of the webcam of the person wanting to take screenshots of the meeting'.
First time I read it I was somehow imagining breaking of laws of physics lmao.
I suppose the biggest irony of this is, most of the shops that might want to enable this are already so sloppy that they half expect folks to screenshot teams presentations for notes later.
Users have to resort to (exclusively, if possible) open source tools.
Can you manufacture film yourself? Know anyone who does?
It could start with quietly making the essential chemicals in film production and development "controlled". Then you might need a licence to do analogue photography. Eventually even the last few analogue photographers either die or switch to digital due to the increasing impracticality of analogue. Then the film companies stop making it, then you make it illegal for them to start making it again. You've now killed the analogue hole.
Maybe you're hoping it would be futile like the war on drugs, except there's actually demand for drugs. I can't imagine dealers suddenly stocking up on illegal film for all the people wanting to capture stuff from their Teams calls.
I can totally imagine that they will do something similar,so I guess it's pretty simple to implement if done like that
It exist to make the easiest way impossible and to tell participants that the content should not be shared by them.
For sensitive data on the other hand quality doesn't matter as long as it's readable.
Making something more difficult is okay to claim in my view, but trying to over-state capabilities or security concerns is problematic.
The worst thing about this feature is that if someone takes a screenshot it will be saved on an IT controlled computer but if users are forced to snap screen caps with their phones the sensitive information ends up on personal devices and probably cloud synced to Google drive etc
Despite the intense training and constant warnings, it happens constantly. And that’s just the cases they know about and address.
You have to be able to trust your staff, but you also have to be realistic that any organization at scale will have people who either don’t care or don’t think and it happens frequently.
1) Prevent the patients from suing after a data breach or intentional sale of their medical records, regardless of negligence.
2) Transfer as much money as possible from health care to privately owned businesses in the compliance industry.
Very few computer security lessons from that industry generalize to other parts of the economy.
This isn't the same as leaving a tool in someone; making and misplacing a screencap take active doing. If your meeting participants actively want to put data where it doesn't belong, the solution isn't accident prevention
It's essentially a guardrail. It can be easily circumvented if someone was being actively malicious.
Many people are babies.
The only real practical gain is that it might prevent malware from being able to capture visible data, but what's funny about that is one of the desktop systems that can prevent unwanted screen capture by design (Wayland) also intentionally doesn't have any support for DRM/HDCP features, so it will likely be stuck on audio-only mode. High five, Microsoft!
* I wanted to go to the source directly to check if maybe they just left it out, but the link that they currently have seems to be non-sense. It seems to point to something about "Co-pilot" audio transcription. In Romanian, for whatever reason.
https://www.microsoft.com/ro-ro/microsoft-365/roadmap?id=490...
That being said - guessing they are doing this for their enterprise customers mainly, where alot of those other options are locked down. But plenty of people already know to just record their screen from their phone anyway - impossible to block that and much safer way to exfiltrate whatever info/data you need.
Seems like it’s even easier, just join the meeting via browser.
I’m not familiar with a way to enforce this type of restriction in the browser.
> The company plans to start rolling out this new Teams feature to Android, desktop, iOS, and web users worldwide in July 2025.
OTOH we will see if there's any type of weasel-wording on whether browser is in fact non-supported (i.e. will go to audio-only mode.)
The other possibility, is that every 'supported' platform has some form of DRM that results in the functionality working even on browser (just thinking out loud about DRM functionality possibilities) means Windows/MacOS/Android/iOS all work but everyone else is out of luck.
Sheesh, we've come to a state where browsers can no longer be referred to as "user agents".
They will just make photos using their phones.
Maybe you can do it on not-iOS, until your insecure setup will be blocked by the server. Cat and mouse until there's 3 mice in the whole world.
So from a employee POV it has its uses.
But people who will get in the same situation like me could simply use the camera on their phone pointed at the screen and be done with it, I guess.
Any and every screen capture app will show a blank or a replacement screen for the restricted area.
Not surprised at all that MS is doing this.
Is this anti-competitive and anti-open-standards?
This stuff looks much more to me like "fuck the user" than anything else. I am 100% convinced there is a cult of evil bastards at Microsoft, et. al. that is hellbent on making everyone's UI/UX as janky as possible.
I think this because our company recently enforced a 2 year mail deletion policy on all mailboxes for "legal reasons." Which were "we don't want stuff to show up in discovery if we get sued."
Streaming services like Netflix and Disney Plus use these APIs to protect their content as well.
I use a setup like this frequently for work to demo our Android TV based apps with full content even though it all has DRM applied. Always leads to a "how did you get this footage" line of questioning for anyone who knows that we use DRM.
It is essentially like a watermark in a PDF. It can be trivially defeated, but that isn't the point.