New by me - Microsoft Vibing.
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog@cyberplace.social for what it's worth, the package family name of this thing is
YaoyaoChang.Vibing_ssp53fcyfr9ha- in my opinion it doesn't seem to look like anything "official", but rather an employee releasing it on their own partner center account? -
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog oh, it's pretty goddamn obvious exactly how this one happened.
See also: GitHub's official applications abruptly sprouting similar levels of spyware and calling it 'telemetry.'
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog I just reported it through Microsoft Store links. Let's see if anything comes out of it.
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog There is no oversight at the company.
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
-
@GossiTheDog@cyberplace.social for what it's worth, the package family name of this thing is
YaoyaoChang.Vibing_ssp53fcyfr9ha- in my opinion it doesn't seem to look like anything "official", but rather an employee releasing it on their own partner center account?@Rairii the problem is the Azure front door is MSFT tenant.. and they're pretending it's not them I think?
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog Now that Microsoft has a 24/7 OpenClaw team in Oslo, I expect a lot more vibe artifacts appearing from within their network...
https://mstdn.social/@jukkan/116449605862675745 -
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog At last, we can cut out the middleman and just put the malware authors in the OS company.
Sorry, Jia Tan, you’re out of a job.
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog
WHAT THE HOLY HELL AM I READING!!??!!!?!!!?? -
R relay@relay.mycrowd.ca shared this topic
-
@GossiTheDog
WHAT THE HOLY HELL AM I READING!!??!!!?!!!?? -
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog th- thats- it just... yikes
-
This Vibing one is a fun blog btw as every page it gets to be a bigger version of this
Since publishing my blog, Yaoyao Chang, who authored Vibing, has removed references to it from Microsoft’s VibeVoice repo - marking the change as “removing outdated links”. https://github.com/microsoft/VibeVoice/commit/e73d1e17c3754f046352014856a922f8208fb5d3
-
@Rairii the problem is the Azure front door is MSFT tenant.. and they're pretending it's not them I think?
@GossiTheDog @Rairii that looks like a llm speaking
-
New by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
@GossiTheDog just as well the void has no token accounting, I'd be destitute
-
Since publishing my blog, Yaoyao Chang, who authored Vibing, has removed references to it from Microsoft’s VibeVoice repo - marking the change as “removing outdated links”. https://github.com/microsoft/VibeVoice/commit/e73d1e17c3754f046352014856a922f8208fb5d3
@GossiTheDog this is all very surreal 🫠
On the other hand, Microsoft could be preparing a new season of their Standards of Business Conduct training "Trust Code" in the wild
-
Since publishing my blog, Yaoyao Chang, who authored Vibing, has removed references to it from Microsoft’s VibeVoice repo - marking the change as “removing outdated links”. https://github.com/microsoft/VibeVoice/commit/e73d1e17c3754f046352014856a922f8208fb5d3
@GossiTheDog Microslop at it again
-
Since publishing my blog, Yaoyao Chang, who authored Vibing, has removed references to it from Microsoft’s VibeVoice repo - marking the change as “removing outdated links”. https://github.com/microsoft/VibeVoice/commit/e73d1e17c3754f046352014856a922f8208fb5d3
I withheld a load of details from the blog on this so far btw, if you're a researcher and want a laugh pull the binaries and have a look at what the MS Research team were doing and poke the backend.
Something tells me Microsoft are going to end up freezing the Azure backend for Vibing and having a security incident.
-
-
I withheld a load of details from the blog on this so far btw, if you're a researcher and want a laugh pull the binaries and have a look at what the MS Research team were doing and poke the backend.
Something tells me Microsoft are going to end up freezing the Azure backend for Vibing and having a security incident.
@GossiTheDog You really expect Microsoft to do anything meaningful at all in response to this? I don't really think they've earned that trust lately
