It's only a preview, and maybe it should stay there ... forever
Microsoft's Windows Recall feature is attracting controversy before even venturing out of preview.
Microsoft said in its FAQs that its snapshotting feature will vacuum up sensitive information: "Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry."
Mozilla's Chief Product Officer Steve Teixeira told The Register: "Mozilla is concerned about Windows Recall. From a browser perspective, some data should be saved, and some shouldn't.
Jake Moore, Global Cybersecurity Advisor at ESET, noted that while the feature is not on by default, its use "opens up another avenue for criminals to attack."
Moore warned that "users should be mindful of allowing any content to be analysed by AI algorithms for a better experience."
Cybersecurity expert Kevin Beaumont was scathing in his assessment of the technology, writing: "In essence, a keylogger is being baked into Windows as a feature."
AI expert Gary Marcus was blunter: "F^ck that. I don't want my computer to spy on everything I ever do."
2010 sounds so fantastical, and such a far away time of mystery in the future. We'll have flying cars, and robot monkey maids, and brain chips that can drive cars, and.......it was 14 years ago??? It's currently 2024? Well that sounds like a depressing year!
Actually really enjoying OpenSUSE Tumbleweed... first time on a rolling release distro and so far no major complaints.
Probably would have started with Arch (btw) but I felt a little daunted by the install process. In contrast with my ~2010 attempt, all my data is on a separate drive with automatic backups to NAS — so when I upgrade to an NVMe drive I'm going to give it a whirl.
So currently only Edge users can filter what gets picked up by Recall by site, and Chromium users get private browsing mode blocked out of the box? In the article, the Mozilla rep they interviewed says that Microsoft didn't reach out to them or hasn't made available any documentation on how to get non chromium browsers to pick what gets included in Recall.
Even if this is something thats off by default and is encrypted if you do turn it on, boy would I never want to turn it on.
Me either, and at least in my experience with Windows these things have a way of 'accidentally' turning themselves on after a random update or something
I think the would becomes a lonely place if everyone started only talking with their AI friend. And you know that's what would happen. Humans would isolate from each other ever more.
if everyone started only talking with their AI friend.
This would be super great for the ruling class behind the AI curtain. Your AI pal would compliment and flatter you while guiding you down the corporate cattle chute.
To a way you can already do AI audio chat with sillytavern or tavernAI and oobabooga llm in the backend. Its a little setup required but you can find online tutorials. For example from aitrepreneur on YT. It's not perfect yet, but we'll get there. It's already fun to use, I just wish I had a better PC to run with a bigger and newer language model. Now using a recall function, that's too new, but I'd not surprised if we get that in a few months.
The potential for self hosted AI is there! I've seen a few projects in the works, and if youre tech saavy you can spin up your own. It is pretty resource intensive, but could be run on a home server.
I'm pretty excited to have my own personal AI, vut i want one that is trained on data I select and who only phones home to my server lol.
Why is this upvoted. It's a wrong statement. Maybe there's no recall open source local AI yet but voice chat with AI is already possible without sending your information to anyone else.
What's the point of this feature ? If it were not evil, what problem would it solve ? How often do you go to your PC and think "what was that thing I saw but never thought to create a bookmark or save the link/image".
Even if people use it, it would be for something they missed because they thought it was unimportant or didn't interest them, which is a very rare use case.
And still it is a highlight feature !
I wonder if it is lack of ideas or lack of commitment to create a good idea , given a technology, when these kinds of useless features are launched.
Just do what video game companies do. They have an old game. It runs on old hardware. Some parts of the game feel very outdated in modern day. So they update the graphics, retool some outdated game mechanics, update it's availability to run modern hardware.
They take 20 year old games, update them, and then sell it back to you at full price as a remaster.
I guess what I'm saying is........forget trying NEW ideas. Just give us Windows XP 2.0 that works on modern hardware with ongoing security updates.
I think the problem with big companies like Microsoft, EA, Ubisoft, Bethesda, etc is that once all the smart & creative people have gone, all you have left are the "line must always go up" business idiots, who have no idea what their company does or how to fix it.
CoPilot is exactly the kind of End-stage, "let's screw our customers to death" idea the CEOs come up with right before their company implodes.
The reason I know that's true is because when this stupid idea for CoPilot came up, there were no smart people who immediately said, "do you have any idea what a terrible f*cking plan this is?"
Ironically the business people are terrible at business. I genuinely think LLMs (despite their economic evils) are stunning pieces of technology.
But they are money sinks and the only plans for profit are subscriptions or advertisements. It's Social Media/Streaming/Tech Startups panicked hype investing all over again. Subscriptions and advertising just simply do not pay the bills for huge server and gpu farms.
But sustainability isn't what they want is it? They want the stock to go up to then cash out when it's about to fall. sigh
This is something that steve jobs talked about in an interview that I cannot find at the moment. Its ironic coming from him, but he was talking about when a company truly begins to die. His theory was that when a company is founded, the people that made and designed the product/service are in positions of power. But as a company grows and lives on they get replaced with marketing people. They dont know how to make anything, but they do have that "line go up" mentality. Instead of making something better, the marketing and sales people find ways to sell worse things. Again, hilarious coming from him but i think he had a point.
I don't know if it's really about a breakdown between 'innovators' and 'sales/marketing', but instead a breakdown between people who sincerely want to deliver something intrinsically valuable versus product delivery being some unfortunate obnoxious means to the end of "more money now". A company founded from the onset of "don't care, just make money" will generally fail, and the ones that succeed are the ones that care. Then you move beyond the "founder" generation of a company and then you get to watch the effort get scavenged to pieces.
Whatever may be said of Jobs, he really liked the company and products he was in charge of. Sometimes he would value form over function more than I would like, but it was still at least a facet of the actual product rather than hyper fixation on how to make the profit margins grow without much regard for the product itself. Yes, massive wealth flowed in as they caught the culture just right with iPod and then iPhone, but I don't think it ever descended to cannibalizing the company to make those numbers even better than they were.
Honestly if you do truly value having control over your privacy take this advice to heart. There are so many good Linux options now that are even easier than Windows to install. All it takes is a few clicks. You can even choose which UI you prefer in many cases. All those previous barriers to entry no longer exist.
It's meant for gaming, but I find it's so feature complete that's it's great for non-gaming purposes.
Somehow it even works better on my monitor than Windows, since I can actually control my brightness from an applet rather than having to use my monitor buttons.
Most malware that targets linux goes for server stuff, since those are the most valuable targets. End user linux, which barely hits 3% usage, isn't a common target because there's not much to be gained.
literally every cybersecurity expert is saying this would be a bad idea that could be used maliciously by anyone. I really hope the executives listen to them.
yeah, sure, it's supposedly encrypted and supposedly stored locally exclusively and supposedly not turned on by default, but even if that does turn out to be true, scammers can use it with remote desktop to snoop, anyone who plants a RAT on your system could look through that shit too.
Microsoft's bread and butter has been selling and servicing to businesses.
So with that in mind, the hell are they thinking? Windows 10 end of life guarantees that businesses specifically will have to switch. Then the next option in line is one that will by default vacuum up all your proprietary information to feed into an AI, effectively "copyright laundering" it?.
Even if there's ways to deactivate the feature, the non-tech savvy managers will just go off of the headlines and the tech savvy ones will recognize the security risk. And government/healthcare computer might just fork Linux into a non-open source version.
Ironically it feels like they're focusing too much on consumers (on extorting them) and shooting themselves in the foot for their business clientele.
The user can then scroll through the archive of snapshots to find what were doing some time back, or query an AI system to recall past screenshots by text.
The Windows 11 feature is supposed to eventually expand to allow users to pull up anything that happened recently on their Copilot+ PC and interact with or use it again, as the system logs all app activity, communications, and so on, as well as by-the-second screenshots, to local storage for search and retrieval.
The IT giant also says that for the relatively small number of users running its Edge browser – with a market share of just under 13 percent, according to Statcounter – InPrivate sessions won't be snapped, nor will DRM content.
Other Chromium-based browsers can filter out private browsing activity but lose the ability to block sensitive websites (such as financial sites) from Recall.
Microsoft did not engage our cooperation on Recall, but we would have loved for that to be the case, which would have enabled us to partner on giving users true agency over their privacy, regardless of the browser they choose."
Industry must consider data protection from the outset and rigorously assess and mitigate risks to people's rights and freedoms before bringing products to market.
The original article contains 1,057 words, the summary contains 209 words. Saved 80%. I'm a bot and I'm open source!
What exactly can recall see? Is it just what's on screen?
Because, if I'm like most people when I type my password, I keep my passwords hashed on the screen as I type it. (i'm using anything but Windows since 2016)
It completely depends on their implementation. Apple released Local Snapshots for OSX with Time Machine in 2007. Granted, they’re created hourly rather than every few minutes, but there hasn’t been a vulnerability or exploit as a result of the feature.
That’s pretty much a completely different feature though? It creates local backups. It respects passwords and encryption. It doesn’t take periodical screenshots of what you’re doing and reads their content to feed an LLM.
We built privacy and security into Recall's design from the ground up. With Copilot+ PCs, you get powerful AI that runs locally on your device. No internet or cloud connections are required or used to save and analyze snapshots. Your snapshots aren't sent to Microsoft. Recall AI processing occurs locally, and your snapshots are securely stored on your local device only.
Snapshots are encrypted by Device Encryption or BitLocker, which are enabled by default on Windows 11. Recall doesn't share snapshots with other users that are signed into Windows on the same device. Microsoft can't access or view the snapshots.
You can delete your snapshots at any time by going to Settings > Privacy & security > Recall & snapshots on your PC. Windows sets a maximum storage size to use for snapshots, which you can change at any time. Once that maximum is reached, the oldest snapshots are deleted automatically.
I assumed the Copilot integration was elective. The article states it’s not on by default.
Otherwise it’s the same. Local backups through Time Machine can be accessed a la carte through a screenshot-based GUI, so the screenshots are part of the Local Snapshots stored on your local drive. They’re password protected and decrypted at user login.