
My hardware is not compatible
Thank $Deity for that . . .
Microsoft's controversial Recall feature is enabled by default during Windows setup and users must delve into Windows Settings to turn it off. Over the weekend, The Verge's Tom Warren posted screenshots showing Microsoft's latest Out-of-Box Experience (OOBE), in which the Recall feature can't be turned off unless the user …
Why not turn on the camera and microphone as well in an undetectable manner? Then these inputs can be AI-processed and detect if the correct owner is operating the device and warn of license violations if the wrong person is operating the device.
The microphone is paramount to prevent the most heinous crimes. The brand new AI will listen for tell-tale signs of seriously problematic behaviours in the vicinity of the device and alerts the proper authorities when improperly licensed music, games or videos are detected.
Proving the guy who was in charge of Windows 8 hasn't got any idea. Imagine you're business inside UK or the EU and each of your PCs starts recording data on customers which your users accessed during the course of their work using Citrix or RDP to avoid data getting onto the local PC.
Now you've suddenly got data on the local PC. You don't know how Copilot's copy is stored, modified, or deleted so you can't deal with subject access requests, you don't know how much of it gets slurped by Microsoft, and you're suddenly responsible for it all.
Proving the guy who was in charge of Windows 8 hasn't got any idea.
I don't understand why you have 20 upvotes. You're saying the same thing he was saying, just in different words. He's saying that the default is the least problematic part. The greater problems are - everything else about the feature, including but not limited to the things you list. Surely you've seen similar variations of the very common phrase "...was the least of its problems" before?
Sinofsky isn't out of touch here - he is exactly right and you're actually in total agreement with him - though you apparently don't recognise it.
I meant what I said. All of the problems stem from being opted into it and the greatest problem is being opted in to this in the first place. All of these problems listed in the comments and elsewhere (GDPR, malware, etc...) are brought about because Recall is opt-out meaning it will be used at scale meaning all of its design failures will be evident at scale.
Why hasn't there been this amount of push back caused by Rewind? Because it's third party software, it's not supplied with every computer and running by default.
Like so many problems in Windows brought about because stupid OS features are either opt-out or defaulted to the least secure option. This is and always has been the cause of most of Windows' problems, right back to hiding known file extensions and autorun.
This should be an optional feature which defaults to off. By optional feature I mean listed in System > Optional features > More Windows features which defaults to uninstalled. If MS really want to they could add a page when installing which tries to get you to opt in but they know most people just click through those pages.
Doesn't even have to be a rogue employee. The current common ransomware technique is for the malware to silently turn on windows built-in disk encryption, except using a password the malware knows that is unknown to the user. Once encryption is complete, delete the password from the configuration, viola, your data is now accessable only to the controller of the malware.
So now, in addition to holding you ransom to your own disk encryption system, they can use the built in screen-logger. Silently turn it on, collect some data, then threaten to blackmail you over the contents of the data - or even just skim any credentials captured and use them themselves.
In the same way that deleting a Google Photos or Apple iCloud image gets rid of it entirely. If it's perfectly legal to simply hide the data or feature from any non-EU user when they hit "delete" or "disable", why wouldn't you take advantage of that? They even explicitly opted in by "carefully reading & signing" the ToS / T&C.
"Features that are the future of computing should be on by default and turning things off should not be part of any routine or default customer experience. If it can't be on then it isn't a platform feature."
The choice of which features are on should be made by the owner of the computer, and that is the person who paid for it, not the OS vendor. Since real people vary, the defaults should be conservative.
OS vendors who fail to grasp this simple point should kindly FOAD.
I think what he means is that if you introduce a new feature and it's turned off by default it's likely to stay that way and it will never be a central part of the platform. So from MS' perspective they have no choice but to have it on by default if they really want this to be part of the platform.
Of course from my perspective they can go to h*ll with this and it will be the first thing turned off and uninstalled. Many users (maybe even the majority?) just accept defaults though so it would be running on a huge number of pcs and I have no doubt that while processing is done locally MS have a way of getting the AI training from all this data fed back into the greater copilot program so they can win the AI war.
Breathtakingly bad. I bought a new laptop and Windows S was on it. 3 days to get it to switch off S-Mode so I could install other non-MS store software.
Touchpad scroll sensitivity is not fixable so it's like using a Win3.1 machine. Sound constantly goes out of sync even when just playing from the laptop.
Ive not tried using Windows properly since Vista. Nothing has changed. It is still a steaming pile of sh1t and that Microsoft feeling, that sickening, Ive been ripped off feeling prevails.
For the first day or so I was quietly impressed and thought OMG they have finally produced a decent OS. But no, the next few days the same types of problems we had with XP start showing up. Laptop blindly fast day 1. Day 4 it's a crawl. Firefox is unusable and at least 3 times slower than Edge and I think that MS are doing that deliberate.
I had forgotten how deeply I could hate until I switched on Win11. It's a hate like no other. It's like going back to someone who abused you.
Why?
Why does m$ want to take screenshots of your desktop every 2 minutes(or whenever), it cant be for the user's benefit since creating and saving the screenshot will impact on your computer's performance.
So only reasons I can see is so m$ can see what programs you are using so they can tell if you're using a pirated copy, and so that they can issue commands to your pc to search said screenshots for content so they can then sell advertising aimed at you. oh and law enforcement
The telling feature is if it is only available on home versions not corperate ones... as getting their ass sued off by companies, countries, and trade blocs is not in the game plan (unless they have some nice juicy blackmail from someone's home computer thats just had recall reactivated by an 'update')
The Recall feature's contents may not be accessible by outside sources (and only to anyone with physical system access, since that never happens unauthorized), but it's guaranteed that they're harvesting the metadata from its generation process. That would be an absurd amount of potentially revenue-generating user and behavioral data left on the table.
There's proof of concepts already showing that you can drop malware on a machine and exfiltrate the recall DB before the antivirus kicks in a few seconds later and removes the malware. The recall DB isn't that large so it only takes a second to upload to a remote server.
When Microsoft said it was encrypted, they meant by BitLocker (i.e. transparent to the software running at the time, including malware).
The data is held in unencrypted in SQLite databases in AppData.
> The data is held in unencrypted in SQLite databases in AppData
Damn shame it is impossible to add encryption to an SQLite database - oh, wait a moment:
https://learn.microsoft.com/en-us/dotnet/standard/data/sqlite/encryption?tabs=netcore-cli "SQLite doesn't support encrypting database files by default. Instead, you need to use a modified version of SQLite like SEE, SQLCipher, SQLiteCrypt, or wxSQLite3. This article demonstrates using an unsupported, open-source build of SQLCipher, but the information also applies to other solutions since they generally follow the same pattern."
Perhaps MS devs aren't allowed to "waste their time" reading the MS "learn" website?
"Perhaps MS devs aren't allowed to "waste their time" reading the MS "learn" website?"
What you *mean* is that MS don't learn !!!
This is totally believable !!!
Windows 11 is a Horror show that has escaped from a deranged mind .... the deranged mind appears to be *still* in control, hence 'Recall' !!!
There is *NO* possible upside to Recall, it is a security failure waiting to be enacted !!!
Even switching it off is *not* safe as if the code is still there it can be re-enabled by some miscreants s/w !!!
Wait carefully while someone shows how to do it in the next 3-6 months ... or possibly less !!!
Thanks MS ... what more can you do to help me to lose *all* my important personal information / data !!!
:)
"Wait carefully while someone shows how to do it in the next 3-6 months ... or possibly less !!!"
I was wrong ..... I meant 3-6 HOURS !!!
See https://github.com/xaitax/TotalRecall?is=de8f99f633779c48394560419ed2ff46c36627f60fd2bd92d66c65518957cfdd
MS ... do you still think this is a good idea & secure !!!
:)
> turning things off should not be part of any routine or default customer experience.
So, anybody else here got a list of things that are routinely hunted down and turned off whenever they install Windows?[1] Either by hand or by IT supplying their own ready-to-go image.
Frankly, I'd think turning things off ought to a routine for pretty much everyone - it is daft[2] to believe that every "amazing new feature" is worth the resources to *every* user.
And as for believing *your* every feature is "the future of computing" that everyone ought to use...
[1] actually, any OS - I find that even Linux installs are best followed by a routine of removing stuff that gets added by default, as well as the obvious "install other stuff you do like". And, yes, I do know about creating one's own distro respins: following the routine isn't arduous, just tedious: it isn't a big enough issue to warrant the need for a respin, let alone a Corner Linux distro.
[2] nicest way to frame it; other descriptions, using the word "pathological", are available
"I find that even Linux installs are best followed by a routine of removing stuff that gets added by default,"
As a matter of interest, what things and what distro? I'm curious as I'm apt to find myself adding things rather than removing them but that might just depend on the choice of distro.
When I first heard about this feature, I was sure that the 'snapshots' were a record of the OS state, so that you could roll forwards or back - kind of like a global 'undo'.
Is it truly just a series of screenshots? Must be an extremely obscure use case. Even if copilot is able to 'search' the content of the screenshots.
@sneakythumbs
Basically, lots of screenshots. "AI" OCR then run on screenshot and the scraped / "AI" interpreted text stored.
So DBs will tend to be fairly small (as not storing lots of images)
A fairly small DB means very quick to steal....probably a reasonable chance of Recall DB targeting malware to upload recall DB somewhere before anti malware software detects & quarantines it.