To me this is a strong signal for Microsoft
that this feature is extremely useful and has to be kept at any cost. You'll see.
If Microsoft intended the 2024 Build event to be overshadowed by controversy then it succeeded as calls intensify for the company to rethink its strategy around Recall. The Windows Recall feature, still in preview, takes a snapshot of a Copilot+ PC user's screen every couple of seconds and then sends it to disk, letting the …
"An add-on called Forensic Evidence can literally watch, in real time, what an employee is doing, in order to collect evidence for an investigation,"
That sounds like a channel by which possibly restricted information can leak to those not entitled to see it. Just because someone is on a compliance teem doesn't mean they should be enabled to see any personal data the user might be legitimately handling.
This also sounds like a channel that will be available to third-parties such as “Microsoft support”, much in the same way as Remote Assistance, although unlike Remote Assistance the user will have no knowledge a third party is eavesdropping…
Because of this security tools should detect and disable Recall…
Letting the user.
You mean the idiot who can't think unless he has his smartphone telling him what he thinks.
You mean all those users who have now gotten used to Windows Search telling them where their applications were.
I'm sure those people will be eminently capable of understanding what all those screenshots mean . . .
"You mean all those users who have now gotten used to Windows Search telling them where their applications were."
Have you tried search and then given up as most people do? Click start and type reg ... ... ... ... ... ... it takes ... ... quite ... a while ... to find regedit.exe, which is on the $PATH and can be found by the OS faster than you really bother perceiving. Search on the other hand grinds away for ages.
Why is it so hard to spawn searches along various axes simultaneously and async. and return them as they turn up and alter the sorting as desired, on the fly? Do all that without grinding and groaning. I have at least three App menu type thingies on my KDE desktop. They all do Search far quicker than any Windows box and they will search the web and all that nonsense if you like. I can have all of them too, in multiple locations. I do like having choice.
I found that search prefers to search the internet before local resources.
I found that out as just after booting I was using search to launch notepad, it took me to bing!
I would use the start menu but thats broken and unusable these days. I pin my essentials to the task bar
Microsoft PowerToys includes a Run app that is far more useful than Win11's crap Start Menu or search. It can also do a few useful extra things like evaluate simple arithmetic expressions. The PowerToys are free in the Microsoft Store (hey, something useful in the Microsoft Store!) and while they don't have a ton of useful features, there are enough that it's worth downloading. Particularly since it's quick and easy to add to, say, a VM you've just spun up and don't want to spend a lot of time configuring.
I am quite surprised that all the legally-required entities that might be affected by this - medical, banking, Wall Street trading companies, lawyers, etc - haven't said much in support of killing this "technology". From HIPAA to the SEC, certainly having both image & text records of transaction information that is required by law to be secured must raise SOME suspicions...?
Are our 'benefactors' in Big Business asleep at the wheel, or are they just looking at yet another thing that they'll try (somehow) to monetize for their own benefit?
"I am quite surprised that all the legally-required entities that might be affected by this - medical, banking, Wall Street trading companies, lawyers, etc - haven't said much in support of killing this "technology"."
On the contrary, many of these trades are required to keep detailed records eg all customer interaction and trading activity as voice, email and paper for many years, almost all of them have a compliance function that monitors these employee activities, and more relevant to the Recall debate, they're used to snooping on staff whenever they deem it necessary. As the banks are routinely fined for various mis-selling or market rigging activities*, they'd be quite keen on seeing in minute detail what employees are doing. Obviously there's a very serious risk of keeping all this Recall data, but when did the banking sector think ahead and properly manage such predictable risks?
In medical and law, it's less driven by personal gain, but the same principles apply - the organisation would love to have ever more data to use when an individual is being thrown to the wolves, rightly or wrongly. I used to work in one of these sectors, the function of HR was not so much hiring and managing people, it existed to protect the organisation, such that when the star chamber decided individuals were persona non grata, they were pushed out in a way that ensured speed and complete silence, either by buying them off, or by ensuring there was such a waterproof case for gross misconduct that the individual wouldn't ever speak out or contest it, or if litigation did occur individuals could be blamed. Again, the risk of Recall will be seen as minimal and entirely acceptable, until there's been a Recall related disaster.
* Not wholly sure what they're rigging or mis-selling this year, but there's always something: interest only mortgages, private pensions sold to people in defined benefit schemes, interest rate swaps, interbank interest rates, equity release mortgages, sub-prime mortgage lending, foreign exchange market rigging, money laundering, persistent risk-management failures, more recently car finance mis-selling, cum-ex dividend tax fraud. The banking and financial services sector is rotten, yesterday, today, and forevermore.
When continual monitoring is done for compliance reasons, that data is (where done right) kept elsewhere and under lock and key, and quite often with an entirely separate IT team looking after that area of technology. In those organisations such data is explicitly NOT stored all over the place where anybody can get to it. Those compliance teams will be having nightmares, not wet dreams about this.
Exactly. Monitoring for compliance is a very different beast than indiscriminately saving whatever happens to be visible every few seconds.
As I noted in a comment to another story about Microsoft's Not-so-total Recall, this misfeature is a huge problem for legal discovery, too, if an organization where it's in use gets sued.
It's just an astonishingly terrible idea, and it's certainly not a new one, and it has fuck-all to do with "AI" — OCR and fuzzy searching do not in any way require gen-AI or indeed machine learning at all. Bradley Rhodes' Remembrance Agent (1996) was a smarter version of a somewhat similar concept, based simply on a decent natural-language unstructured- and semi-structured text indexing system.
>"....legally-required entities that might be affected by this...."
Oh, no problem, there is an option to disable this functionality. That is already planned in the Go To Market strategy.
Windows 11 Enterprise Privacy Edition
Requires E5 subscription at a 200% markup. After all, entities that need this level of privacy have deep pockets.
Yup......M$ have ANNOUNCED Recall..........
.....but I wonder WHAT ELSE is in there!!!
Maybe current Windows activity is being shipped out over the network, or over Bluetooth.....
Quote (William Burroughs): The paranoid is a person who knows a little of what is going on.
Wow. Not only is it stored in some security-free database on the user's machine, it's stored in plain text. Which means that the first target for any malicious hacker on that machine is now that database, and once they have a copy of it they have easy access to pretty much every piece of data about that person that's ever existed on their computer. It might be convenient for a user to have a searchable database of everything they've ever done on a machine, but it's gonna be a true nightmare for them once that falls into someone else's hands.
Even if this wasn’t a complete shit-storm of an idea, I’m struggling to think of any use or value for it. What am I going to do with a zillion pictures of the desktop taken over the last day/week/whatever? Apart from delete all the pictures because I’ve run out of disk space? It’s a totally useless “feature”
You aren't just presented with a cache of screenshots. The point is that the screenshots are analysed by the machine so that you can ask vaguely-worded questions about stuff you were doing last week/month/whatever and the computer will guide you to the right place to pick up on it - this is why it is only available on machines equipped with a decently chunky NPU.
It sounds to me typically Microsoft - a rather brilliant idea, implemented with absolutely no regard to the unintended consequences. I'll be evaluating it *extremely* carefully, and then probably disabling it until a more secure v2 is rolled out.
For the record, by the way, this is really already v2. There was a brief appearance of a feature called Timeline, which gathered all your recent file accesses into a single easily-navigated reference list. It was occasionally very useful, and I was always puzzled why it appeared and then disappeared so quickly. Given the timeline for developing Recall, I guess we know the answer to that now.
GJC
<shrug>
You don't like it, don't use it. I don't think I'll be adding it into my daily working patterns, precisely because I am normally pretty well organised and self-sufficient, but on those occasions where it can solve a problem, I suspect it will be invaluable. And for this sort of free-ranging discussion, where I might want to reference a website article I saw in passing three weeks ago, I think it will prove to be brilliant.
I'm also not sure about your assertion that it's an old idea, either. Can you point me at any system that has done this in the past?
GJC
When was the last time any normal user said 'gee, I want to look at my screen from 6 days ago' *and* known whatever key terms from that screen would find it?
For previous documents or content, there's the recent docs list, or, you now, sort-by-date in documents.
For web sites there are favourites, and typically you want the current state of a website anyway.
Plus usually you are going to want to *use* what you are searching for, which a screenshot does not help with.
Storing the computer's output state every few seconds as text is madness and a sledgehammer to crack a non-existent nut.
The only use cases I can see are:
i. Slurping the data for AI training by Redmond, which they allege they won't do.
ii. Letting employers snoop on employees, for which a depressing amount of software already exists
iii. Ensuring everyone has some form of compromising activity recorded somewhere, to help criminals blackmail you
iv. Ensuring everyone has some form of compromising activity recorded somewhere, to help 'law enforcement' 'manage' undesired minorities / the poor / democratic dissent / smear victims of police brutality / enforce whatever form of compliance an authoritarian government wants, including helping them to become an authoritarian government in the first place
But on the plus side, you get a search function you've never needed before!!
It looks like you're about to install a cracked game.
Would you like some advice on how this is bad?
It looks like you're looking at external female anatomy.
Would you like me to collate a highlights gallery for your wife?
It looks like you're making a bank transaction.
How is my non-interference worth to you?
Recall, to me, feels like something designed to sell new PCs rather than provide something really useful for the user.
As I understand, this is designed to help the user to find what they were working on at a given time. Windows already has a reasonable search facility, and the recent files section, Most appplications have something similar, and any messaging/email apps have their own search.
Based on what I have rea and seen, this doesn't really add much to that from the user point of view.. It does add security problems though. Even if you trust Microsoft not to slurp your data, it's still too easy for bad actors to copy your private data..
And no, I do not trust Microsoft. They don't seem to be slurpring data at the moment, but that doesn't mean they won't..
I got notified that “work” claims ownership of everything I do or create or access on the work computer.
That’s fine, as far as that goes.
Then I found out I can get a 2nd hand iphone of my own for one-time purchase of $50, plus network access.
Now I don’t use the work computer practically at all anymore!
I don’t know how they intend to steal all my ideas contacts correspondence and information anymore. As a matter of fact the cellphone kinda serves as a fairly decent spy camera which I can use to steal work information, if I so chose.
How clueless must they have been to not see this coming?
At what point in their internal sanctioning committees did they take a moment to pause? Or was this a case of some intern's idea just done because it was there with no control?
And while the headlines are covering this screwup; what is NOT being covered and snuck in instead? Because the only plausible theory I can come up with is the classic one of "announce dumb policies to cover up what it is you're actually doing".
Police in Red states and abusive husbands everywhere are absolutely gonna love it...
Live in Alabama and had a look through VPN at some out of state abortion clinics on a website, then deleted your browser history just to be sure? Free jail time up to six months later!
Did you iMessage to your faraway sister about your abusive husband, then deleted the convo just to be sure? Free beatings up to six months later!
and on and on...
As opposed to police in Blue states trying to figure out who is buying 80% lower gun parts and offering free jail time. Sheesh, whatever!
When are we going to get it through our minds that BOTH the Red & Blue teams are seeking to monitor and control all our activities? I don't want to be oppressed by either of them!
The main issue here is bandwidth. If you want a picture of all the Windows users' desktop every second, Microsoft will probably need a lot of incoming bandwidth. And even if they don't want to use it, there will always be some who decide to put in on the Onedrive. I think the famous abbreviations in the US would like a copy too, because of, eh, terrorism. No? Childporn then.
I wonder what would have happened if instead of baking Recall into the OS, Microsoft had offered it as a paid-for application, sort of like Microsoft Office. Maybe it would have gotten some users and positive vibes? For that matter, what if Co-pilot were a separate application you could purchase--or not.