1660

It's a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.

Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.

It's no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it's those bad Windows practices that have led people to this conclusion.

top 50 comments
sorted by: hot top controversial new old
[-] dmtalon@infosec.pub 324 points 1 year ago

Ya, a PR nightmare for the next 15 minutes until the next unbelievable thing comes along and the ADD nature of people forgets windows is watching everything they do.

[-] FlashMobOfOne@lemmy.world 35 points 1 year ago

That's usually what I think too, but after watching how Twitter's gone to shit since the two big user departures, I think this could legitimately affect Microsoft's bottom line.

[-] Voytrekk@lemmy.world 67 points 1 year ago

That will rely on businesses moving away from Windows. That is where they make a ton of their money with Enterprise licenses and Office 365 subscriptions.

[-] Infynis@midwest.social 41 points 1 year ago

And businesses don't give a shit about their employees' privacy

[-] Starkstruck@lemmy.world 40 points 1 year ago

They do care about keeping their company secrets and proprietary info though. Recall could make corporate espionage a cake walk.

load more comments (3 replies)
load more comments (1 replies)
load more comments (2 replies)
load more comments (8 replies)
[-] naeap@sopuli.xyz 107 points 1 year ago* (last edited 1 year ago)

Microsoft has built a number of safety features into Windows Recall to ensure that the service can't run secretly in the background. When Windows Recall is enabled, it places a permanent visual indicator icon on the Taskbar to let the user know that Windows Recall is capturing data. This icon cannot be hidden or moved.

Oh my, that one is really cute

[-] uriel238 69 points 1 year ago* (last edited 1 year ago)

Malware will disable that icon. Law enforcement will buy [that] malware.

[-] phoneymouse@lemmy.world 51 points 1 year ago

Well find out in 10 years that that wasn’t true and that it did capture data when the icon wasn’t present whoopsies.

[-] wreckedcarzz@lemmy.world 20 points 1 year ago* (last edited 1 year ago)
If chkCaptureData.checked then
   recall()
   bigNotify()
Else
   recall()
End
load more comments (2 replies)
[-] cupcakezealot 84 points 1 year ago

I mean 95% of their customers probably don't care or even know what Recall is but...

load more comments (7 replies)
[-] rtxn@lemmy.world 69 points 1 year ago* (last edited 1 year ago)

My dad is now pissed at both Microsoft and Adobe, and curious about Linux. If I can find a Lightroom alternative, he might actually switch.

[-] ultratiem@lemmy.ca 66 points 1 year ago

You guys trusted MS before this???

[-] TwilightVulpine@lemmy.world 25 points 1 year ago

A couple years ago it wasn't thoroughly and transparently sucking off every bit of personal data it could get, and gearing up to put adds on the desktop on top of that.

load more comments (3 replies)
[-] PerogiBoi@lemmy.ca 63 points 1 year ago* (last edited 1 year ago)

I figured on my gaming and VR rig that I’d begrudgingly upgrade it to W11 when W10 stopped receiving security updates and support but at this point the recall feature (which will be used to train LLMs regardless of what Microsoft promises or guarantees) has ensured that I never install that kind of spyware as an operating system.

I’d rather spend forever troubleshooting and getting my Valve Index to work with Ubuntu than deal with a giant backdoor.

[-] areyouevenreal@lemm.ee 30 points 1 year ago

I wouldn't go for Ubuntu. They are also run by a corporation that has done problematic things with the project. It also just doesn't work that well anymore. Better off going for something Debian or Fedora based, or even an Ubuntu derivative like Pop OS.

load more comments (14 replies)
load more comments (7 replies)
[-] ulkesh@lemmy.world 53 points 1 year ago

I’m telling everyone I know it’s time to move to Linux, or worst case Mac.

load more comments (8 replies)
[-] gravitas_deficiency@sh.itjust.works 52 points 1 year ago* (last edited 1 year ago)

A lot of people here seem to be missing the nuance.

Sure, it’s problematic for their consumer market share, but you’re right that that’ll probably be forgotten by the mostly tech-illiterate populace over time. But that’s not the problem.

Step 0 of MS’s plan for this should have been “make sure there is an absolutely bulletproof and ironclad way to disable that stuff completely for enterprise customers”. And they didn’t do that. So now, enterprise IT writ large is going to… you know… just not buy any of these devices. Which is absolutely their right.

But the really frustrating bit is that MS may have significantly harmed the rollout of ARM-based laptops (as well as x86 chips with beefy NN-optimized tiles) with this, and additionally done real, massive harm to Intel, AMD, and Qualcomm by doing so. All three of those manufacturers have gone to ENORMOUS lengths to roll this tech out, largely at MS’s behest. They’re all going to take this on the chin if the rollout goes poorly. And the rollout is already going poorly.

But MS thought they could Apple-handwave away the details. And they can’t, because a lot of people who understand the absurd security implications of continuous capture and OCR and plaintext storage of the OCR output. It’s not something you can handwave away. It’s entirely a non-starter in the context of maintaining organizational security (as well as personal data security, but we’ve already talked about why that’s a bit of a moot point with the general public). But enterprise IT largely does try to take their job seriously, and they are collectively calling MS’s bluff.

The problem for the long term is that MS has pretty much proven to the IT industry with this stunt that they can’t be trusted to make software that conforms to their needs. That’s a stain that isn’t going to go away any time soon. It might even be the spark that finally triggers enterprise to move away from MS as a primary client OS. After all, Linux is WAY easier to manage from a security perspective.

TL;DR: the issue is that MS has significantly damaged their reputation with this stunt. And you can’t buy reputation.

Edit:

The article has an update:

Update noon ET June 7, 2024: Microsoft has released a statement noting it is making three significant changes to how Recal works including making it opt-in during setup, requiring Windows Hello to enable Recall, proof of presence is now required to view your timeline, and search in Recall, and adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so that snapshots will only be decrypted and accessible when the user authenticates.

It’s definitely a move in the right direction… but it also begs the question of why didn’t they do that in the first fucking place? Seriously, some heads are gonna roll over how badly this whole release was planned, and the very clear lack of due diligence.

load more comments (1 replies)
[-] nutsack@lemmy.world 48 points 1 year ago

it isn't a nightmare for them. they will be fine. they normalize everything they do

[-] Kroxx@lemm.ee 25 points 1 year ago

Yeah like I hate Microsoft, I am migrating to Linux, and the things I read about recall were pretty fucking horrifying to me. At the end of the day though the general public doesn't give two shits about tech other than it works out of the box.

load more comments (1 replies)
[-] bluewing@lemm.ee 46 points 1 year ago

Pfffttt, Microsoft has been there, done this, and got a whole closet full of tee shirts for stuff like this many times over the years. In the end the users don't care and can't stop it. And they are, by in large, too lazy to change to something else to completely avoid it.

It hasn't ever affected the bottom line enough to matter to them. They will just pull this ~~bug~~ feature and wait for a better day. Or perhaps they will figure out a way to introduce it piecemeal to disguise it better.

load more comments (1 replies)
[-] Teknikal@lemm.ee 45 points 1 year ago

All I want from an Os is to launch my programs of choice and not suck up my battery running unnecessary junk I couldn't care less about.

[-] MIDItheKID@lemmy.world 29 points 1 year ago

The worst part is that Windows can do that, but Microsoft insists on enshittifying it. Like Windows 11 isn't that terrible if it wasn't for all of the data collection and advertisements and other shit.

I miss the Windows 7 days where you could download a stripped down ISO that was just the OS. It launched your programs of choice and didn't suck up your battery running unnecessary junk.

[-] nossaquesapao@lemmy.eco.br 24 points 1 year ago* (last edited 1 year ago)

Last week, I went to a friend's house and asked to use her computer, which is still a core 2 duo with 2gb of ram and an hdd, running win7. I was a bit surprised to see her family having it as their only computer, but more surprised to see how fast it was. I expected to have the most laggish experience of my life, but it was.. smooth. I've used machines with much modern low end cpus, more ram and ssds that performed much worse than that on win10. The enshittification is real.

load more comments (2 replies)
[-] spaghettiwestern@sh.itjust.works 44 points 1 year ago* (last edited 1 year ago)

It's also important to remember that Microsoft has no monetary incentive to force people to use Windows Recall.

With that in mind, there would be no reason for Microsoft to automatically enable Windows Recall in an update down the line. If it does happen, the user will be able to instantly tell thanks to that that visual indicator and turn it off again.

This article is nothing but propaganda. There is huge monetary incentive to force people to use Windows Recall and collect their data, and Microsoft routinely uses Windows Update to enable data collection. They began that practice years ago on Windows 7. It's a ridiculously simple matter for MS to disable the visual indicator and force This Week's Plan on their users to monetize their data.

Windows Central pretends to be critical of plans to enable a feature that can be made into malware by Microsoft in a couple of minutes, but then back peddles and says it can't be done (utter BS) and if it could be, it wouldn't be that bad.

[-] barsquid@lemmy.world 20 points 1 year ago

Even if the database remains local only forever, which I don't believe for a second, the computer will eventually make hyperspecific requests for ads based on the spying.

load more comments (1 replies)
[-] Cosmicomical@lemmy.world 44 points 1 year ago

I don't want to be the guy that always says Linux, but... ...Linux

load more comments (18 replies)
[-] modifier@lemmy.ca 43 points 1 year ago

You can only piss on our faces and tell us it is raining for so long.

[-] FilthyShrooms@lemmy.world 21 points 1 year ago

"It's raining, I see" says the blind man as he pisses into the wind

[-] CaptPretentious@lemmy.world 42 points 1 year ago

This is status quo for every large corporation. Microsoft, Apple, Amazon, EVERY SOCIAL MEDIA PLATFORM, Roku.... They all, ALL, push boundaries to see what they can get away with to not only sell you something, but also make you the thing they sell. Sometimes they're bold enough to make it public what they're doing, sometimes, it's a leak that happens when people find out how little the company actually cares about it's users (Apple, so many user data leaks).

load more comments (14 replies)
[-] afraid_of_zombies@lemmy.world 42 points 1 year ago

Just think they might go from owning 98% of the market to 97% of the market. I am sure this is a nightmare for them.

load more comments (9 replies)
[-] Delonix@lemmy.world 39 points 1 year ago
[-] CarbonatedPastaSauce@lemmy.world 27 points 1 year ago

For those of you that are tired of Microsoft's bullshit, a great place to start is Linux Mint or, if you want to be on the bleeding edge with a rolling distro that still gets some testing, openSUSE Tumbleweed (which is what I'm using).

Signed,

Linux daily driver convert of ~3 months now.

load more comments (6 replies)
load more comments (5 replies)
[-] mypasswordis1234@lemmy.world 38 points 1 year ago

TL;DR:

  • Windows Recall, part of Microsoft's new Copilot+ PC initiative, has sparked major privacy and security concerns.
  • The feature uses AI to capture and store screen data locally, allowing users to search for past activities using natural language.
  • Despite assurances that data is not uploaded to the cloud or used by Microsoft, user trust is lacking.
  • Microsoft has a history of practices that have eroded user trust, including obtrusive ads, ignoring user preferences, and requiring Microsoft Accounts.
  • Users are skeptical, fearing future misuse of the collected data for advertising or AI training.
  • Windows Recall reportedly stores data unencrypted, making it vulnerable to access by third-party apps and potential malware.
  • The open nature of Windows amplifies these risks, unlike more secure systems like iOS and Android.
  • Users have compared Windows Recall to spyware, with many threatening to switch to other operating systems like Linux or Mac.
  • Microsoft's attempts to keep the development of Windows Recall secret did not help build trust.
  • Windows Recall will only be available on new Copilot+ PCs, requiring specific hardware not present in existing PCs.
  • Users will have the option to disable the feature, but there are concerns about it being enabled by default.
  • Despite security issues, the feature is effective in helping users find lost or forgotten data.
  • It could improve productivity if trust and security concerns are resolved.
load more comments (2 replies)
[-] EnderMB@lemmy.world 38 points 1 year ago

Outside of the "Microsoft bad" comments, this is a prime example of why big tech companies need to stop promoting AI leads to a position where they are able to have influence over initiatives outside of AI.

The worst thing to happen to basically every product/service in tech right now is AI. It's made Google unreliable in the eyes of normal people for the first time in decades, it's destroying trust in Amazon content across reviews and Kindle, it's adding features to Facebook that no one ever wanted, etc.

load more comments (2 replies)
[-] ProgrammingSocks@pawb.social 35 points 1 year ago

Stallman just keeps being right*

*About software freedom

load more comments (1 replies)
[-] NutWrench@lemmy.world 33 points 1 year ago

I finally switched to Linux Mint a week ago. I've just had enough of Microsoft and I couldn't think of any more reasons why I shouldn't switch.

I've got Libre Office for all my productivity needs. All my Steam games work under Linux. My VPN works just fine. Firefox for web browsing. Thunderbird for email. And Wine to run those 1-2 Windows programs that I just can't do without.

load more comments (5 replies)
[-] JasonDJ@lemmy.zip 32 points 1 year ago

You know what would be a nice thing to put into windows?

A fucking decent way to search for files.

Also, grep and tail, as implemented in Linux. It's 2024 and there's no native equivalent to tail -f *.log. How embarrassing.

load more comments (18 replies)
[-] kittenzrulz123 30 points 1 year ago

Microsoft: oh no we might loose 0.0000001% of users, it doesn't matter since we can shove our software down people throats

[-] Dra@lemmy.zip 27 points 1 year ago

Buy a mac or support steamOS adoption or just get a linux distro. This will drive the improvement of nontechnical consumer GNU/Linux

load more comments (4 replies)
[-] 58008@lemmy.world 23 points 1 year ago

I wish Linux weren't completely fucking impenetrable for casual users.

[-] Gormadt 31 points 1 year ago

It's gotten a lot better over the years

When I first tried it (back in 2010) it was pretty rough all around but after trying it again recently due to the whole TPM requirement for Windows 11 I've found it to be really straight forward

Linux Mint is really user friendly and is what I've even put on my grandma's pc

load more comments (9 replies)
load more comments (15 replies)
[-] TipRing@lemmy.world 23 points 1 year ago

I know it's WindowsCentral but the article has some pretty naive takes. Given the propensity of threat actors to target Windows due to its market share it's impossible to not see a system that records user activity as a huge treasure trove for both malware and hackers.

It also doesn't mention that Microsoft claimed that it would be impossible to exfiltrate Recall data and of course researchers found it not only possible but trivial, with the data lacking even basic protections. Assurances that there are mechanisms to prevent Recall from secretly monitoring you mean nothing when prior assurances about safety have been found to be paper thin at best.

Further it ignores that telemetry gathered by Windows has dramatically increased in the last several years with methods to disable it being eliminated or undone by OS updates. Microsoft is hungry for user data and it would be absurdly naive to think that Recall won't be a tool they use to gain more of it. If not now, then definitely later.

The author does point out that Recall has been weirdly under wraps, avoiding the usual test bed for new feature rollout. Microsoft has been acting shady about the feature and then the feature itself does shady things (like record PII, credit card data, etc.), of course users are going to think the worst. At this point it's a survival tactic.

Microsoft doesn't have trust issues because of bad PR or a few missteps. Microsoft has trust issues because they have violated user trust repeatedly for decades. They have done nothing to make users feel like they care at all about keeping Windows secure and safe and they clearly have no regard for user privacy. This only question is whether this backlash will do anything to make Microsoft reconsider the way it treats its users. I predict they will learn all the wrong lessons from this.

[-] PsyDoctah9Jah@lemmy.world 23 points 1 year ago

Both Apple and Microsoft are two sides of the same coin....

One went left, the other went right, both going to the same location....

The only thing to consider is how you prefer to travel and how quickly you want to arrive....

load more comments (4 replies)
[-] masquenox@lemmy.world 23 points 1 year ago

TIL: There are still people that trust Microsoft.

[-] padge@lemmy.zip 21 points 1 year ago

The day Windows 10 loses support is the day I primary (or solo) boot Linux on my gaming desktop. The more news I read the more certain I am in this.

load more comments (6 replies)
[-] Tryptaminev@lemm.ee 20 points 1 year ago

and here i am, happy that i could buy a notebook for 200 bucks less w.o. a windows preinstalled on it, enjoying my beginner friendly linux distro.

load more comments (3 replies)
load more comments
view more: next ›
this post was submitted on 08 Jun 2024
1660 points (100.0% liked)

Technology

75670 readers
2976 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS