Microsoft Research chief scientist has no issue with Windows Recall Asked to explore the data privacy issues arising from Microsoft Recall, the Windows maker's poorly received self-surveillance tool, Jaime Teevan, chief scientist and technical fellow at Microsoft Research, brushed aside concerns. Teevan was speaking on Wednesday with Erik Brynjolfsson, director of the Stanford Digital Economy …
It may be that the US government are forcing MS to implement this so when they want to monitor someone using a backdoor, they can check back through their past activity more easily.
Or MS have seen what Google can get away with via the browser, and Meta via Social Media, and have decided it is their turn with the desktop.
Just avoid using any system which is running it.
Just avoid using any system which is running it.
And how are we supposed to avoid all businesses and government agencies which themselves may be running Win 11, and entering, or querying data about us, short of becoming cave-dwelling hermits?!
See how far saying, "Oh, I'm not filing my taxes this year because Inland Revenue is using, or, may in the future use, Windows 11" gets you.
You'll also be avoiding all banking services, all insurance services, all medical services, all telecom/Internet services, all police and fire services, and employment other than mowing lawns and handyman work, paid in cash under the table, because 99.99999% of western-world companies pay ONLY via direct deposit to a bank account or via check (for which you need banking services to extract the value from).
Yes, some grocery stores provide payroll check-cashing services. But they'll want your name and address, as verified by government-issued photo ID, and a phone number.
Sheesh.
"short of becoming cave-dwelling hermits?!"
Honestly, that is becoming more and more appealing as time go on!
"You'll also be avoiding all banking services"
I remember the day, in 2010, when I walked up to an ATM and saw the system had crashed and rebooted into the Windows 95 boot screen! Needless to say, I walked away from that ATM, never to return!
So not only are older but perfectly usable PCs are needing to be replaced, but all those 256Gb SSDs will need to be replaced for larger drives to store all your future years of porn activity.
Just how green is Microsoft? Seems to be turning more brown each day
...we have important data,...there's an opportunity to start thinking about what it means to be able to capture and use that.
See, she said it out loud.
MS says that they have no interest in the data that Recall is capturing but how long before the temptation gets too great and MS starts siphoning off all your activities and starts selling them to the highest bidder?
Is that data yours or Microsoft's?
"MS says that they have no interest in the data that Recall is capturing"
And I've got no interest in that data...
Programs that need it generally have 'undo' functions... others probably don't have it/need it for a reason... the only people that need that extra function are mainly classified as 'bay guys'
I'm sure they have some weasel worded version of what they mean by "data". So no they won't ever up load those screengrabs, that picture "data" will always stay local (assuming you have the minimum 2Tb SSD installed; available from these MS partner resellers sign up here here for your special 5% discount code)....but the meta data mined from the images by the MS mandated copilot AI, weeeell, that's not "data", that's "metadata" and in pages 478, and 1165 of your EULA you agree to give MS access and rights to your "Metadata".
Or some such bullshittery to justify whatever the profit making angle is from this.
They don't really care about corporate data; they know corporate IT will shut this monstrosity off. Their real target was personal data, knowing that the plebes are to stupid to even care to learn turn it off!
Luckily the backlash has forces them to make it explicitly opt-in now. (If you trust them, I do not!)
>I suppose that it's only appropriate that Teevan replies in Newspeak when asked a question in English.
“This topic has been recurrently broached throughout the forenoon – data holds paramount importance. The ongoing AI paradigm shift fundamentally alters our perception of data ..” bla bla bla /s
Chief Scientist but can she write code :\
> Chief Scientist but can she write code :\
She has a computer science degree, and published over 100 papers at international conferences and journals and received many awards for her papers.
She's a slimy executive, but encouraging sexist attitudes towards female computer scientists harms women in technology in general.
If you have the knowledge that successful AI development is dependent on good data, you would understand that she was talking about building machine learning training data from users.
If a woman's statements about new technology sound confusing, it doesn't mean she's doesn't know what she's talking about. It could just mean you don't know what she's talking about, because of your own limited technical knowledge and experiences.
And how does this fit withing retention policies. We have a hard enough time stopping employees copying data out of locations that are subject to retention policies. Now we have to have processes to retain this data for the requisite period and remove it when expires?
Is that even possible?
""And as individuals too, we have important data, the data that we interact with all the time, and there's an opportunity to start thinking about how to do that and to start thinking about what it means to be able to capture and use that. But of course we are rethinking what data means and how we use it, how we value it, how it gets used.""
There's enough cheap flannel there to make an entire three piece suit (but not a high quality one).
Microsoft can't back down and scrap Recall now, because they have come up with exactly fsck all other reasons as to why you need a shiny shiny new PC with NPU and so if their one idea is shelved then what is the selling point for the Copilot+AI PC?
Although saying that you can run recall on an none AI PC anyway with just a standard ARM CPU without an NPU according to articles on Tom's Hardware. So even the need for a new Copilot+AI computer is irrelevant should you be bonkers enough that you do want to have a database on your PC with everything you have done stored in it, go ahead an enable with your old Surface laptop hardware.
Okay, I can see helpdesk staff rejoicing at an answer to one of the common problems in an office biz - "The computer ate my stuff! Hours of work gone even days! How are you going to get it back?" - but the biz is likely to take a dim view of all this proprietary info sloshing around on desktops and laptops with minimal control. It's entirely outside whatever document management system they'll have installed.
I suspect that the Recall system going wild and trying to fill up the hard disk is a potential new problem for the helpdesk too.
>>They'll probably randomly activate it with every update too.
And change the reg key used to diasble it without telling anyone, so you can't set a GPO and forget it, you have to keep updating the GPO and waiting for it to propagate... which, interestingly, means you will probably be liable for any GDPR breach caused by Recall for the time between the old Reg key being superceeded and New reg key taking effect.
Sigh... why does this always happen on a Thursday?
If "stuff getting eaten" was a real worry, a backup utility like Time Machine[1] that does regular, and transparent to the user incremental backups and easy rollback or recovery of files would actually be useful rather than this hot steaming pile. Or any reasonable system for syncing designated folders, and the contents thereof with versioning.[2] And at least any decent backup system wouldn't leave a database easily accessible by anyone with juicy private information just waiting to be stolen, and can use encrypted drives.
Further, any decent browser can reopen recently closed tabs. So *what*, if not at least sending metadata to the mothership, is the purpose of this thing?!
[1] Although, its default behaviour itself (1x/hour) is unnecessary overhead. Of *course* there's no option in the GUI to change it, so actual scheduling has to be done with a command-line invocation in the crontab.
[2] Do that one too. One reason is to be able to mirror the critical stuff to my Linux boxen, and another is that after having dealt with catastrophic data loss, albeit self-inflicted, having multiple systems keeping copies of the important stuff somewhere safe is critical.
“[1] Although, its default behaviour itself (1x/hour) is unnecessary overhead. Of *course* there's no option in the GUI to change it, so actual scheduling has to be done with a command-line invocation in the crontab.”
They finally fixed this! I was so happy to be able to change it to 1/day right there in the settings.
Just force all files to be saved in either One Drive or SharePoint online. Then it'll automatically be saved every few seconds and backed up, so even if they do accidentally delete the file, it can still be recovered. At least that's what most companies I've worked for over the last few years are doing, nothing is to be saved locally.
I'm the sort who uses both, especially since the online storage for the critical stuff works for "off-site".[1] Paying Tresorit works well enough for sync, and works pretty transparently across Mac/i(Pad)OS and Linux so all my bases are covered there. I had at one point set up a NextCloud server on a Raspi, but the *extremely* limited upload speeds for residential service here in the US made accessing anything the sort of suffering that, were I wanting to torture myself, would be better inflicted by someone who looks good in a corset, so paid service it is. A lot cheaper than buying an old Mac Mini, throwing Linux on it and paying for a co-lo.
For local backups, yes, Time Machine really does suit my needs once proper scheduling is in place, and has saved my arse dozens of times. I really don't see the point of Recall at all except as a punching bag.And the egregious security flaws in what is already an Orwellian concept make it unfit for other purposes. Any decent browser already shows history and can restore a tab closed on accident, there are a ton of backup and sync solutions out there that are totally transparent to the user, and so on.
[1] A few friends and I have all talked about getting external drives, and being custodians of full encrypted backups for one another, swapping drives every month or so by sneakernet for that purpose, but none of us has yet done that so online it is.
This post has been deleted by its author
Remember, folks, never go back to an abusive partner. Never forget the pain they have caused.
If that doesn't work then:
Psychotherapy: This is also known as “talk therapy”. It can help the person understand and cope with their feelings
Medication: In some cases, medication may be needed, especially if the person is dealing with other mental health issues like depression or anxiety
Support Network: Encourage the person to lean on friends, family, or support groups. They can provide emotional support and help the person feel less alone
Education: Learning more about Stockholm Syndrome can help the person understand what they’re going through
Professional Help: It’s important to seek help from a mental health professional. They can provide the necessary support and treatment
So. Recall collects user-data and bundles it into SQLite tables. When something wants to mine this data (note: I didn't say when the user wants to...), Recall then queries its model built from this pool. Forgive me but I thought if you're using LLM for this kind of thing then you can't add to the model incrementally: doesn't one have to rebuild it from source data again? If so, this will take proportionally longer each time and one could view this as the mother of all forced upgrades: give it two years and my PC is running like a dog and the drive(s) are filling up. No amount of defrag or clean-up will help because it's busy building its latest model and consuming ever more resources to do so. My only option is to replace said machine with new shiny, replete with a new license for the OS, naturally.
You can use fine tuning to add new data but it does have the forgetting risk that is plaguing ChatGPT4 at the moment where the new data causes the old data to be lost. It is a massive problem and there isnt really a fix for it. To make matters worse, that which it replaces is often not the correct data to be replaced so it goes off and modifies some other part for some still unknown reason. This is why ChatGPT has got worse and worse over time.
I cant wait to see this in action. There is no way they will get this to work given the current solutions to catastrophic forgetting that plagues fine tuning. Progressive Neural Networks are still struggling to get going properly despite the fact Google released the paper for it in 2016. Nearly 10 years and not much development and no real signs on the horizon. The computers are way too slow.
What Microsoft will probably have to do is a bunch of scripts to give the impression of AI - the "Wizard of Oz" effect being dragged out of early development and late testing to be applied across the whole model.
We have plateaued with LLMs. We need more horsepower - the age-old AI excuse.
It's about 150 lines of simple Python. It connects to the unsecured database, which is a single file, then does this :
SELECT c1, c2
FROM WindowCaptureTextIndex_content
WHERE c1 LIKE '%{search_term}%' OR c2 LIKE '%{search_term}%'
That is literally all it takes to search for anything that has been extracted using OCR from all the screenshots taken on a machine. All your passwords, bank account details, emails, trade secrets, the lot. I know the desire for $ has overridden security concerns for far too long at MS, but not being able to see the shitshow that is coming down the road for them when this rolls out is pretty spectacular.
As its a sql lite file then it should be possible to open the database change the schema to make the image field too small or add an extra column which doesn't allow nulls and has no default value set.
I use Windows in VM so on VM shutdown I could just have a script in Linux which mangles that file completely and clears the images assuming those are just image files on the file system. If it ends up being saved to the cloud after all it should be possible to block that on the VM's host
It looks like in future firms like Huawei will be providing better security and productivity than the behemouth Microsoft.
When it comes to handling my data, Microsoft has long been the thorn in my side.
Maybe all this internal data storing is the only way Microshite can get anyone to use it's software applications, as no one would be using them by choice. basically because they are so shit compared to other software manufacturers current products. Oh, and they are getting even shitier with every iteration and their replacement of previously working software. (Notepad and Paint)
In Windows 10, it became apparent that I am no longer in control of my own desktop PC.
Along with many other background tweaks, we are now unable to switch off RPC. After that, I no longer trust any Windose boxen to be secure. Then it appeared that I am unable to work without Microsoft Defender using my resources in the background and bringing the other apps I do use - to their fucking knees. I am talking about playing locally stored audio files using VLC etc. I can now forget altogether the years I have spent editing and producing Videos. It also appeared that Defender had borked Sophos, something which I pay for.
Looks like Microsoft shot them selves in both feet good time. Roll on Linux desktop or <joke> even Huawei if I want security, </joke>
Sure fine. But its what not said.
I'm sure there will be at some point in time, AI inferencing of information based on your local data.
Then its technically still true they don't take any recall data, and it is stored locally. What they then learn from it is happily shipped out and off to who ever has the brownest envelope.
Then he should keep it for himself and his family and share everything like bank account with every hacker on the planet, as soon as this shit gets implemented i will switch to Linux. The most important thing an operating system must do is manage data and run programs and these functions are crap in win 11, maybe first fix this instead of implementing crap no one really needs
> "...as soon as this shit gets implemented I will switch to Linux."
Why wait? Or is this like here in the U.S. when someone says "If so and so is elected, I'm moving to Canada." ? Everyone, including the speaker, knows it's an empty threat.
I'm a happy long-time Linux user. Come on in, the water is fine!
on what she shares online. wiki:
" Teevan also received a Ph.D. and S.M. from MIT where she helped pioneer the field of Personal Information Management.[2][3][4]
Teevan spent a number of years as a researcher at Microsoft Research, where she has studied various aspects of human-computer interaction, information retrieval, and computer-supported cooperative work. Her work has focused on how to help people find, manage, and use information more effectively, especially in the context of time constraints, personal preferences, and collaborative settings."
She's a data miner.
Last week I tried to change the system tray clock on my work W11 machine to show seconds. The OS displayed a warning along the lines of "this will take a lot of processor time, don't do it". Yet they think it's OK to take processor time to do frequent screen grabs and even more processor time to perform OCR on said screen grab. <FAIL>
How will they deal with (mostly) graphical screen grabs? Will it be like some of the emails we see where there are text descriptions of logos added to the footer? Text descriptions created by an AI that hasn't been trained on anything like enough data... Or will we be providing the data to do the training?
It doesn't matter if you as an individual disable it and stop it from ever recording anything... you'll still get gobbled up by it.
Anyone who knows you, has interacted with you online, be it via an email or a post on a website... anything that may contain personal and identifiable information that you have never consented to be shared with anyone... ANYONE who interacts with you and has it enabled... will compromise you simply by opening an email with your details in it.
It's an unacceptable nightmare scenario and it needs to be eradicated before it can ever be implemented.
It's also another reason why Windows 10 will be my last MS OS... I'm learning linux.
I also have no direct issue with it, since Win7 was my last OS from M$. I still detest that things like this abomination are created.
Perhaps ask her if she uses any system thats been infected with this at all ?
(or if she is into exhibitionism of each and every kind).
It’s certainly not a feature that any business that has data storage policies will allow. So Enterprise is a no no. Do MS think this is for home users or small businesses who do a thing and then later think ‘I remember doing a thing, but can’t remember where the file/site lives (or it might be removed), but I know roughly when I was looking at it so I’ll replay my screen using the MS CCTV app’.
It seems like a nuclear bomb to crack a nut. It’s got so many problems - I assume it’ll be encrypted and access to recall will be at LEAST p/w protected, even if you are already logged in. Forget sensitive documents/data - It’s like making a copy of every document in your fancy safe, a leaving a copy of every document on your desk as well as in the safe, and hoping the office door will protect everything.
It’s just so obviously a data mining ploy - massive security risk for minimal personal utility. Very user hostile.
I don't think user utility is the end goal with this; if anything the "search your past" functionality is the closest thing to a semi-useful purpose for the end user they could come with on short notice. It seems purpose-built for maximum user behavioral tracking, and to monitor employees in a corporate environment so you can both build "productivity assessment" tools on top of it, and map out their daily tasks and workflows for future automation through AI.
None of it is good.
It is understandable the Microsoft's storage engineer has no problem with Recall, because it is not "his" bloody personal/private data that is exploited by Microsoft or any easy hack of this Windows OS functionality.
This brain-dead attitude and approach bespeaks the crassness exhibited by the company in scant importance given to myriad critical security weaknesses of not just Widows 10/11 but Windows and Exchange Servers, Outlook Messaging service, Azure Cloud and other mal-functioning products.
For more than twenty years, US tech media, US government and corporations have been consumed with complaints and grievances about Windows and other Microsoft software, but now have good options in year 2024 in choosing Linux as significantly superior OS platform on which to operate.
Much of Europe and Asia have moved on from this broken tech delimma of Microsoft.
This post has been deleted by its author
If you still have a PoS system with card data in the clear you are a moron and should be shut down. You are a cheapskate.
PCI/DSS, and chip and pin has been around 25 years and P2P encrypted traffic for card payment for a good chunk of that.
*that being said my local NY pizza joint still swipes cards and you sign a price of paper. That has been mandated out of use in Europe/UK/RoW Buchner banking/payments industry.
CRM data is catching up on this. Rapidly.
The corporate double talk and eventual terse non-response response strongly suggests validation that Recall is a joint corp-gov mass surveillance op being rolled out. I wonder if the other major tech companies will be offering very similar products soon with similar displays of thuggish opacity?
Will this feature be mandatory no opt out soon? Pretend to be surprised when they announce, "ha-ha we've been sucking it up all along".
Microsoft will disable this feature so data isn't stored in the cloid? I think not. Moreover, this concept cuts against OneDrive, where all you data is accessible on all platforms you use. Recall will be hosted in the cloud eventually and our wonderful governments will have access to it with the smallest request.
What they did to the Canadian truckers will seem trivial by comparison to what this will do to free speech and freedom of association. FU MS.
From the article:
"Is it stored locally?" he asked.
Maybe that is the wrong question. Wait 5 months after it's implemented by default on all Windows 11 PC's. Then ask her (or anyone not prepared for that question, so not on a forum where they have plenty of time to consider the consequences of their answer) the question:
"I like Windows Recall a lot. Last week my PC suddenly died and I was sloppy with doing backups. I can't recover the data on my disk. Could Recall help me with important data I lost?" and see what the answer is here. Popcorn needed.
When someone starts as answer with "Yeah, and so it's a great question..." be prepared to receive a long stream of bullshit like we see here.
The fact that they have deployed this with an unencrypted database shows their utter incompetence or their intent that this data WILL NOT be kept locally!
This worries me too - we are not in China or Russia, it shocks me that Microsoft would even think of this process.
After 46 years in Computing, I have made a real action to move to an alternate OS platform, away from MS and all its products, even with working with MS products since the 1990 with MSDOS & Win 1.0!,
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
