Microsoft’s Windows Recall feature is attracting controversy before even venturing out of preview.

Microsoft said in its FAQs that its snapshotting feature will vacuum up sensitive information: “Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry.”

Mozilla’s Chief Product Officer Steve Teixeira told The Register: "Mozilla is concerned about Windows Recall. From a browser perspective, some data should be saved, and some shouldn’t.

Jake Moore, Global Cybersecurity Advisor at ESET, noted that while the feature is not on by default, its use “opens up another avenue for criminals to attack.”

Moore warned that “users should be mindful of allowing any content to be analysed by AI algorithms for a better experience.”

Cybersecurity expert Kevin Beaumont was scathing in his assessment of the technology, writing: “In essence, a keylogger is being baked into Windows as a feature.”

AI expert Gary Marcus was blunter: “F^ck that. I don’t want my computer to spy on everything I ever do.”

    • FlashMobOfOne@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      5 months ago

      Yup, I’m setting up a dual boot when my thumb-drive arrives.

      Actually really excited to get back to computing the way it was in 2010. :)

      • Lost_My_Mind@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        5 months ago

        2010 sounds so fantastical, and such a far away time of mystery in the future. We’ll have flying cars, and robot monkey maids, and brain chips that can drive cars, and…it was 14 years ago??? It’s currently 2024? Well that sounds like a depressing year!

        • FlashMobOfOne@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          5 months ago

          Yup, I couldn’t have imagined the extent of the enshittification.

          I’m glad I can turn back the clock a little on my PC at least.

      • felbane@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        5 months ago

        Actually really enjoying OpenSUSE Tumbleweed… first time on a rolling release distro and so far no major complaints.

        Probably would have started with Arch (btw) but I felt a little daunted by the install process. In contrast with my ~2010 attempt, all my data is on a separate drive with automatic backups to NAS — so when I upgrade to an NVMe drive I’m going to give it a whirl.

        • FlashMobOfOne@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          5 months ago

          Nice!

          I just want something that’s similar to Windows, regularly updated, easy to use, and comes with proton already installed.

  • rem26_art@fedia.io
    link
    fedilink
    arrow-up
    66
    ·
    5 months ago

    So currently only Edge users can filter what gets picked up by Recall by site, and Chromium users get private browsing mode blocked out of the box? In the article, the Mozilla rep they interviewed says that Microsoft didn’t reach out to them or hasn’t made available any documentation on how to get non chromium browsers to pick what gets included in Recall.

    Even if this is something thats off by default and is encrypted if you do turn it on, boy would I never want to turn it on.

    • makyo@lemmy.world
      link
      fedilink
      English
      arrow-up
      32
      ·
      5 months ago

      Me either, and at least in my experience with Windows these things have a way of ‘accidentally’ turning themselves on after a random update or something

  • Crismus@lemmy.world
    link
    fedilink
    English
    arrow-up
    59
    arrow-down
    2
    ·
    5 months ago

    As much as I want “Jarvis” OS system, I really don’t want the version made by Microsoft, Google, or, Apple.

    I want to be able to talk with my AI PC, but I want secure AI that’s just for me and won’t steal all my data for any Corporations to browse.

    • prole@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      5 months ago

      I think the would becomes a lonely place if everyone started only talking with their AI friend. And you know that’s what would happen. Humans would isolate from each other ever more.

      • rayyy@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        5 months ago

        if everyone started only talking with their AI friend.

        This would be super great for the ruling class behind the AI curtain. Your AI pal would compliment and flatter you while guiding you down the corporate cattle chute.

    • SomeGuy69@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      edit-2
      5 months ago

      To a way you can already do AI audio chat with sillytavern or tavernAI and oobabooga llm in the backend. Its a little setup required but you can find online tutorials. For example from aitrepreneur on YT. It’s not perfect yet, but we’ll get there. It’s already fun to use, I just wish I had a better PC to run with a bigger and newer language model. Now using a recall function, that’s too new, but I’d not surprised if we get that in a few months.

    • hazeebabee@slrpnk.net
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      The potential for self hosted AI is there! I’ve seen a few projects in the works, and if youre tech saavy you can spin up your own. It is pretty resource intensive, but could be run on a home server.

      I’m pretty excited to have my own personal AI, vut i want one that is trained on data I select and who only phones home to my server lol.

      • Aniki 🌱🌿@lemm.ee
        link
        fedilink
        English
        arrow-up
        8
        ·
        5 months ago

        WTF? You can make your very own private, locally run, AI assistant on a Raspberry PI, and make your own interface with an ESP32. Right now.

      • SomeGuy69@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        3
        ·
        5 months ago

        Why is this upvoted. It’s a wrong statement. Maybe there’s no recall open source local AI yet but voice chat with AI is already possible without sending your information to anyone else.

  • red_pigeon@lemm.ee
    link
    fedilink
    English
    arrow-up
    43
    ·
    edit-2
    5 months ago

    What’s the point of this feature ? If it were not evil, what problem would it solve ? How often do you go to your PC and think “what was that thing I saw but never thought to create a bookmark or save the link/image”.

    Even if people use it, it would be for something they missed because they thought it was unimportant or didn’t interest them, which is a very rare use case.

    And still it is a highlight feature !

    I wonder if it is lack of ideas or lack of commitment to create a good idea , given a technology, when these kinds of useless features are launched.

    • NutWrench@lemmy.world
      link
      fedilink
      English
      arrow-up
      25
      ·
      5 months ago

      I can’t think of a single reason why I would need detailed snapshots of everything I did with my own computer.

      But I can think of plenty of reasons why corporations, advertisers and governments would want that.

    • JeffreyOrange@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      I can’t remember the last time Microsoft Imolemented a good idea into windows other than small UI changes.

      • br3d@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        5 months ago

        Windows 11 has better window shadows than Windows 10. That is literally the only improvement I’ve found

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      Use case: I remember doing something yesterday about this, but I can’t find the email/document/etc.

      But I honestly don’t think the value outweighs the cost, so if I still used Windows, this would absolutely be something that drives me away.

    • Lost_My_Mind@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      5 months ago

      Just do what video game companies do. They have an old game. It runs on old hardware. Some parts of the game feel very outdated in modern day. So they update the graphics, retool some outdated game mechanics, update it’s availability to run modern hardware.

      They take 20 year old games, update them, and then sell it back to you at full price as a remaster.

      I guess what I’m saying is…forget trying NEW ideas. Just give us Windows XP 2.0 that works on modern hardware with ongoing security updates.

      That’s all anyone wants.

  • NutWrench@lemmy.world
    link
    fedilink
    English
    arrow-up
    41
    ·
    5 months ago

    I think the problem with big companies like Microsoft, EA, Ubisoft, Bethesda, etc is that once all the smart & creative people have gone, all you have left are the “line must always go up” business idiots, who have no idea what their company does or how to fix it.

    CoPilot is exactly the kind of End-stage, “let’s screw our customers to death” idea the CEOs come up with right before their company implodes.

    The reason I know that’s true is because when this stupid idea for CoPilot came up, there were no smart people who immediately said, “do you have any idea what a terrible f*cking plan this is?”

    • Gestrid@lemmy.ca
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      I’m sure some did, but, unfortunately, those people aren’t the ones making the business decisions.

      The “line must go up” people are in charge because “line must go up” investors are saying the “line must go up”.

    • Wirlocke@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      5 months ago

      Ironically the business people are terrible at business. I genuinely think LLMs (despite their economic evils) are stunning pieces of technology.

      But they are money sinks and the only plans for profit are subscriptions or advertisements. It’s Social Media/Streaming/Tech Startups panicked hype investing all over again. Subscriptions and advertising just simply do not pay the bills for huge server and gpu farms.

      But sustainability isn’t what they want is it? They want the stock to go up to then cash out when it’s about to fall. sigh

    • mojofrododojo@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      5 months ago

      all you have left are the “line must always go up” business idiots, who have no idea what their company does or how to fix it.

      boy does this seem to describe google nowadays

    • IEatAsbestos@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      This is something that steve jobs talked about in an interview that I cannot find at the moment. Its ironic coming from him, but he was talking about when a company truly begins to die. His theory was that when a company is founded, the people that made and designed the product/service are in positions of power. But as a company grows and lives on they get replaced with marketing people. They dont know how to make anything, but they do have that “line go up” mentality. Instead of making something better, the marketing and sales people find ways to sell worse things. Again, hilarious coming from him but i think he had a point.

      • jj4211@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        I don’t know if it’s really about a breakdown between ‘innovators’ and ‘sales/marketing’, but instead a breakdown between people who sincerely want to deliver something intrinsically valuable versus product delivery being some unfortunate obnoxious means to the end of “more money now”. A company founded from the onset of “don’t care, just make money” will generally fail, and the ones that succeed are the ones that care. Then you move beyond the “founder” generation of a company and then you get to watch the effort get scavenged to pieces.

        Whatever may be said of Jobs, he really liked the company and products he was in charge of. Sometimes he would value form over function more than I would like, but it was still at least a facet of the actual product rather than hyper fixation on how to make the profit margins grow without much regard for the product itself. Yes, massive wealth flowed in as they caught the culture just right with iPod and then iPhone, but I don’t think it ever descended to cannibalizing the company to make those numbers even better than they were.

  • Flying Squid@lemmy.world
    link
    fedilink
    English
    arrow-up
    29
    ·
    5 months ago

    But the C-suite folks think it’s a great new way to spy in their employees, so I’m guessing it’s here to stay.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          5
          ·
          5 months ago

          But AI is “somebody else’s computer,” at least that’s how most work. What’s to guarantee that it’s actually local and stays local going forward?

          • Avatar_of_Self@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            Not that I’m defending it but the data and the model itself on Recall stays all local and encrypted, according to Microsoft. It also says it won’t use it for ad targeting or will sell the data. Of course, the caveat is that is what they are saying right now and may not be saying in the future. We’ve obviously seen strategies where gradually things move down the spectrum as it continuously normalizes.

            With MS we’ve seen the “Start” menu advertise Candy Crush forever and then “recommended apps” and it isn’t a far step to show “sponsored recommended apps” and then just “sponsored content” as things continue to become more normal for everyone, especially if its for the “Home” version or whatever. People will just argue to pay whatever for a Pro license.

            Going to full blown ads now though? It’ll piss the consumer off. Do it gradually over a decade? There will be some rumblings, sure, but it probably won’t matter. By then they might be able to give you a “free” cloud VDI (with lots ads from the OS) with less ads and CPU/GPU power based on subscription tiers and you just need to buy a cheap $30 thin client and everyone will just be OK with that.

          • Lost_My_Mind@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            5 months ago

            …corporate good will to be on the side of the peoHAHAHAHAHA!!!

            Sorry, could say it with a straight face.

    • Alph4d0g@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      9
      ·
      5 months ago

      Honestly if you do truly value having control over your privacy take this advice to heart. There are so many good Linux options now that are even easier than Windows to install. All it takes is a few clicks. You can even choose which UI you prefer in many cases. All those previous barriers to entry no longer exist.

    • Lost_My_Mind@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      5 months ago

      I’ve tried to get into linux 4 different times now. Over the coarst of 15 years.

      I have no idea what I’m doing.

      • Lumisal@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        5 months ago

        Try BazziteOS

        It’s meant for gaming, but I find it’s so feature complete that’s it’s great for non-gaming purposes.

        Somehow it even works better on my monitor than Windows, since I can actually control my brightness from an applet rather than having to use my monitor buttons.

        • Gestrid@lemmy.ca
          link
          fedilink
          English
          arrow-up
          15
          ·
          5 months ago

          Not OP, but I feel like every time I come across a thread like this, someone is recommending a different version of Linux. It makes it really difficult to decide, and I can’t exactly just “try out” Linux on my computer the same way I could try out other programs.

          Yes, I could install it on a thumb drive, but that’s not persistent, so I couldn’t try it out for more than a few hours. Takes longer than that to decide to completely switch OSes.

          • Lumisal@lemmy.world
            link
            fedilink
            English
            arrow-up
            8
            ·
            5 months ago

            You can make a persistent install on a thumb drive actually. Has been possible for about a decade I think. There’s even a program now called Ventoy that lets you make multiple persistent installs of different Linux distros on a single thumb drive even.

            • Gestrid@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              ·
              5 months ago

              I think I’ve tried Ventoy before, actually. I didn’t know it did persistent installs.

              Unfortunately, I couldn’t figure out how to enable my PC to boot from a USB device. It uses the most recent version of the MyAsus UEFI, the one that looks like this picture I pulled from online (minus the red outline, obviously):

              You don’t happen to know how to enable booting from a device from there, do you? All the guides I found online were for an older version of the Asus UEFI settings.

              • Lumisal@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                Normally when your PC is initially starting up, F8 will bring up the boot menu and you’d select the USB drive. Otherwise, where it says boot order, clicking around there should let you change the boot order and have the drive boot first every time. Actually, if you’re using it as a persistent then this is probably the better option.

                I’m not the biggest computer buff compared to some here, so if I’m wrong in any way let me know or comment again - someone will likely come give the right answer lol.

                Plus I haven’t used Ventoy much, I only used to do it the old fashioned way of partitioning it many years ago until I found what I liked best.

                For beginners, I recommend Fedora or Ubuntu based distros because they’re definitely the most user friendly, like windows or the days, possibly more now? At least BazziteOS has had more feature compatibility than Windows, which I was shocked by. Still testing all my games, but so far that works well too.

              • hazeebabee@slrpnk.net
                link
                fedilink
                English
                arrow-up
                1
                ·
                5 months ago

                Chiming in to say that on my asus laptop, the start up button is f12! Press as soon as the first logo appears on the screen. It might take a few times to get the timing right, if you miss it just restart the computer.

                It should take you to a menu that looks like a classic hacker screen (blue screen with pixilated text, no clickable UI). Then go to the boot options and select the USB.

          • Balder@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            5 months ago

            You can use something like VirtualBox or VMWare. Won’t be the fastest experience, but also not so bad. It’s good enough to have a feel of how something works.

          • Katana314@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            The kicker is, for years and years down the line, all of your tech questions will be written to Google as “How do I xxxx in <obscure distro name here>”.

            Many, but not all, of those problems are resolved by searching “in Linux”, but others you’d have to search for “in <similar distro>”. Windows is just Windows.

          • IzzyScissor@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            You can create a partition on your hard drive and set your PC up to dual-boot. I have no idea if this is still widely used or if there is another, better/easier way, but it’s what I did a long time ago for a hat simulator game.

            • Gestrid@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              5 months ago

              I’ve read in a few different places that, unfortunately, more recent Windows bootloader’s can break dual-boot setups.

          • EmperorHenry@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            5
            ·
            5 months ago

            And not just that, but each distro of linux has its own quirks and each one is compatible with a different list of brands of hardware. you could brick your system if you install the wrong distro on the wrong hardware, like down to the bios

            And contrary to popular belief, LINUX CAN GET MALWARE JUST AS EASILY AS WINDOWS CAN.

            With windows, there’s a 30 year history of malware infections and there’s several good choices for windows based antivirus programs, and three amazing ones. The people who work at those antivirus companies know how vulnerable windows is and so they’re always working on improving their software…at least the good ones are, but those same antivirus programs on linux don’t have nearly as much stuff in them to fight against APTs most linux versions of great antivirus programs like comodo and kaspersky are gutted down to just a regular antivirus with heuristics, no zero-day threat protection at all, you’re completely dependent on how fast the new malware can get added to the blacklist.

            But on windows, if you use comodo and know how to configure it and understand that it will never pop up unless something might be wrong, you’re always prepared for zero-day threats and even zero-hour threats.

            Linux used to be super secure, simply because there were so few people using it or even aware of it, but with every linux distro being open source, malware-makers can make all kinds of exploit kits for it in record time, because there’s no trial an error like there is on windows, at this point in time, no antivirus company is really prepared to deal with zero-day linux malware.

            But windows users, even stupid ones know that you need an antivirus program on windows. So the malware-makers have to play a cat-and-mouse game with windows malware if they hit a decent number of systems with their malware, that malware isn’t going to be unknown for very long. And antivirus companies like bitdefender and avira, the former of which is great at adding new samples to the blacklist at super speed, and avira which isn’t as good at that anymore because they got bought by…norton? If I remember correctly, they rent their database out to other antivirus companies, Eset, another really good detector of new malware also rents their database out to other antivirus companies.

            ClamAV is good at detecting linux based malware…as far as I’ve heard, but it’s useless against anything unknown to it.

            windows is a pain in the ass to detail with…but that’s only if you don’t know how to work with it. Linux can be that way too. If there’s a bug in some software that fucks up parts of your OS, there’s not much support you can get from local techs, but if something like that happens with windows, there’s loads of freelance independent computer techs out there that know how to fix it.

            Linux is cool, if you can make it work for you, great! But don’t act like windows is worthless. There’s ways to deal with the bloat, and there’s endless amounts of free advice on countless forums across the entire internet on how to deal with problems that come up

            • Gestrid@lemmy.ca
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              Honestly, I have Windows working just the way I want it right now (and I do know enough to be able to wrangle it to do just what I want it to do), but I could do without so much spyware. That’s the main reason I’m looking into Linux. Any way you know how to get rid of Windows’ built-in spyware without impacting security at all or breaking anything too badly?

              On a different note, I have actually been looking for a new antivirus, preferably a free but very good one. Norton (my dad subscribed to it and got like 10 license keys years ago and shared with the family) has become too much like adware for me in recent years. Your comment has been helpful with that.

    • EmperorHenry@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      7
      ·
      5 months ago

      malware on linux is surprisingly common, more common than most people realize.

      in fact, for every variety of malware for windows, there’s a version of it for many linux distros too

      • I Cast Fist@programming.dev
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 months ago

        Most malware that targets linux goes for server stuff, since those are the most valuable targets. End user linux, which barely hits 3% usage, isn’t a common target because there’s not much to be gained.

  • EmperorHenry@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    16
    ·
    5 months ago

    literally every cybersecurity expert is saying this would be a bad idea that could be used maliciously by anyone. I really hope the executives listen to them.

    yeah, sure, it’s supposedly encrypted and supposedly stored locally exclusively and supposedly not turned on by default, but even if that does turn out to be true, scammers can use it with remote desktop to snoop, anyone who plants a RAT on your system could look through that shit too.

    • anavrinman@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      16
      ·
      5 months ago

      “I really hope the executives listen to them.”

      Oh man. Needed a good laugh tonight. Thanks champ.

  • Lumisal@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    1
    ·
    5 months ago

    No one here mentioning this will be a gold mine for Malware makers and hackers.

  • Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 months ago

    Even if we believe them and all the data stays local to your machine, what’s to stop your average bit of malware accessing it?

    So now not only is any data compromised going forward, but all your data going back as well.

  • Wirlocke@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 months ago

    Microsoft’s bread and butter has been selling and servicing to businesses.

    So with that in mind, the hell are they thinking? Windows 10 end of life guarantees that businesses specifically will have to switch. Then the next option in line is one that will by default vacuum up all your proprietary information to feed into an AI, effectively “copyright laundering” it?.

    Even if there’s ways to deactivate the feature, the non-tech savvy managers will just go off of the headlines and the tech savvy ones will recognize the security risk. And government/healthcare computer might just fork Linux into a non-open source version.

    Ironically it feels like they’re focusing too much on consumers (on extorting them) and shooting themselves in the foot for their business clientele.

    • EmperorHenry@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      5
      ·
      5 months ago

      Ironically it feels like they’re focusing too much on consumers (on extorting them) and shooting themselves in the foot for their business clientele.

      It’s like they saw all the shittiest things about apple products and said “game on motherfuckers!”

      imagine how many people are going to get doxxed by this feature.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    7
    ·
    5 months ago

    This is the best summary I could come up with:


    The user can then scroll through the archive of snapshots to find what were doing some time back, or query an AI system to recall past screenshots by text.

    The Windows 11 feature is supposed to eventually expand to allow users to pull up anything that happened recently on their Copilot+ PC and interact with or use it again, as the system logs all app activity, communications, and so on, as well as by-the-second screenshots, to local storage for search and retrieval.

    The IT giant also says that for the relatively small number of users running its Edge browser – with a market share of just under 13 percent, according to Statcounter – InPrivate sessions won’t be snapped, nor will DRM content.

    Other Chromium-based browsers can filter out private browsing activity but lose the ability to block sensitive websites (such as financial sites) from Recall.

    Microsoft did not engage our cooperation on Recall, but we would have loved for that to be the case, which would have enabled us to partner on giving users true agency over their privacy, regardless of the browser they choose."

    Industry must consider data protection from the outset and rigorously assess and mitigate risks to people’s rights and freedoms before bringing products to market.


    The original article contains 1,057 words, the summary contains 209 words. Saved 80%. I’m a bot and I’m open source!