How to use one of Microsoft’s new computers without leaking information?
Let's say I am interested in using one of Microsoft's new computers but I have concerns over the massive amount of data, personal behavior, and whatnot being consumed by the machine. Microsoft claims that all of their AI toolings will be performed locally, and let's give them the benefit of the doubt there because it's irrelevant - what I am concerned about is other sites and services obtaining data from the computer - whether it be from a security vulnerability, tracking software, or an outright virus. I could envision that an app or service that uses AI to search the internet and then perform some action could very well have some kind of exploit that then escalates privileges and obtains access to data that the AI software has collected, for example.
I am not really considering doing this as I don't currently have a use case for it, but I am asking these questions as a thought exercise and to learn.
My only solution to this problem was to never connect the computer to the internet.
However, that raises a few difficulties - mostly, how do you install new software, but also, if you want to export anything produced on the machine, how do you transfer it and ensure nothing but the items you want to transfer get moved?
I think connecting it to a local network would open you up to many potential risks if set up incorrectly, but also could have many advantages such as transferring to/from another machine, and searching shared drives.
If you wanted to be as secure as possible, I think you'd have to not connect it to a local network, either, which means you need to use external hard drives / flash drives to transfer data back and forth.
My idea is:
Transferring to the machine
- Never connect the AI-driven machine (Machine A) to the internet.
- When you want to install new software, use a machine that is connected to the internet (Machine B) to download it, transfer it to an external drive, and then transfer it to another computer that is also never connected to the internet (Machine C).
- Mount the drive on a newly created VM on Machine C and scan it for viruses. Then delete the VM (don't reuse them). Obviously, if a virus is found, you need to reinstall the OS on Machine A.
- Transfer the files from Machine C to Machine B.
- As a safety precaution, wipe the external drive after each use.
Transferring from the machine
This would maybe be as simple as putting files on an external drive from Machine B and then transferring them to Machine A, then wiping the drive, if you trust that transferring to the machine is secure and cannot expose Machine B to viruses.
This leads to my specific questions:
- What security risks am I missing? Are there any gaps in my thinking?
- Would you recommend a different approach?
When answering, treat physical risks such as physical access to machines as outside the scope of the question. Assume that the machines, when purchased from the manufacturers, were not tampered with to include malware and that there is no way to inject data through cables connected to the machines (dunno if that's even possible).
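
Added example, not part of the original post: one way to check the concern raised above, that nothing but the intended files moves across on the external drive. The sending machine records a SHA-256 manifest of the files to transfer, and the receiving machine compares the mounted drive against it before anything is opened. All function names are hypothetical, and it assumes the manifest digest is compared by eye or carried separately from the drive.

```python
import hashlib
import json
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large installers need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root) -> dict:
    """Sending side: map each regular file's relative path to its SHA-256."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and not p.is_symlink()
    }


def manifest_digest(manifest: dict) -> str:
    """One short value to read off the screen and compare across the air gap."""
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def verify_drive(root, manifest: dict) -> dict:
    """Receiving side: list files that are missing, modified or unexpected."""
    root = Path(root)
    report = {"missing": [], "modified": [], "unexpected": []}
    seen = set()
    for p in sorted(root.rglob("*")):
        rel = p.relative_to(root).as_posix()
        if p.is_symlink() or not (p.is_file() or p.is_dir()):
            report["unexpected"].append(rel)  # links and special files are never expected
        elif p.is_file():
            seen.add(rel)
            if rel not in manifest:
                report["unexpected"].append(rel)
            elif sha256_file(p) != manifest[rel]:
                report["modified"].append(rel)
    report["missing"] = sorted(set(manifest) - seen)
    return report
```

A transfer is accepted only when all three lists in the report are empty. This confirms the drive holds exactly the file set that left the sending machine; it does not show that those files are benign, so it complements the scanning step rather than replacing it.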