back to article Defiant Microsoft pushes ahead with controversial Recall – tho as an opt-in

Microsoft is not giving up on its controversial Windows Recall, though says it will give customers an option to opt in instead of having it on by default, and will beef up the security of any data the software stores. Recall, for those who missed the dumpster fire, was announced on May 20 as a "feature" on forthcoming Copilot …

  1. StrangerHereMyself Silver badge

    Camel and straw

    This [1] interesting article postulates that Microsoft has lost the trust of its users and could see an erosion of its user base because of this. I've been saying for years that Microsoft doesn't care about what Windows users want and is only interested in adding features that pump-up its bottom line. This Recall thing merely throws it up into everyone's face and has led to people thinking about fleeing the platform for...Linux Mint.

    [1]: https://www.windowscentral.com/software-apps/windows-11/microsoft-has-lost-trust-with-its-users-windows-recall-is-the-last-straw

    1. Like a badger

      Re: Camel and straw

      I wish it would be so. But corporate users (a) can probably use policies, standard builds and third party tools to cut out the cancer that is Recall, and (b) even if they can't, don't have the courage to go Linux for the desktop.

      Imagine a suit stamping on a human face forever. That's Microsoft.

      1. StrangerHereMyself Silver badge

        Re: Camel and straw

        Even if only non-corporate users leave Windows for Linux Mint that would be a death-blow to the platform. You're talking about at least 50% of the total PC market, if not more.

        I believe Microsoft only has interns working on Windows and placed its senior developers on more strategic projects like AI and Cloud. Features are added lethargically and updates are often screwed up because the interns have no idea what they're doing.

      2. Jou (Mxyzptlk) Silver badge

        Re: Camel and straw

        > corporate users can probably use policies

        Translation: Pushing again unnecessary cost on companies.

      3. user555

        Re: Camel and straw

        Corporates will be using this to monitor employees. There'll be more "managers" than ever!

        1. bazza Silver badge

          Re: Camel and straw

          That can get a bit tricksy with various privacy laws in various jurisdictions. Personal stuff is still personal, even if its on a corporate machine (like, salary level). Having such data potentially rounded up, with guestimated archival categorisation by an AI and improperly segregated within the company IT system could get a company into a lot of trouble...

          1. Jou (Mxyzptlk) Silver badge

            Re: Camel and straw

            > Personal stuff is still personal, even if its on a corporate machine (like, salary level).

            No. All those company agreements are clear that everything on the corporate machine is considered corporate data, and no private data whatsoever is to be stored there. I know NO company doing anything else in their official regulations, 'cause it would be a loophole regarding data security which cannot be left open.

            As for your salary example, which probably applies to Germany since we are a bit different than other countries in that regard: It has to be clearly defined who can access everything on that machine, and those with that right have to sign an agreement regarding that detail for obvious reasons.

          2. Anonymous Coward
            Anonymous Coward

            @bazza - Re: Camel and straw

            Your salary on your employer's corporate PC is confidential information, it's between you and your employer. It's definitely not personal information. Besides, your employer already has that information.

        2. big_D

          Re: Camel and straw

          That would be illegal, over here. It could cost the company 25M€ or more, if they were caught doing something like that.

    2. Throatwarbler Mangrove Silver badge
      Windows

      Re: Camel and straw

      Wow, that article really struggles to find positive elements of Recall while downplaying the privacy and security concerns that people have about it, and it still has to admit that Microsoft has scored an impressive series of own goals. Using user data to train AI models and direct advertising is only the tip of the iceberg. There are so many ways that Recall can be abused, not just by Redmond but by a variety of actors, that it boggles the mind. It basically enables total surveillance of your PC usage, and the probability that someone will want that information and resort to nefarious means to get it is basically 100%.

      1. StrangerHereMyself Silver badge

        Re: Camel and straw

        I think that this is what many fear: that governments will abuse this and eventually mandate its use for total policing of people's computer activities. This doesn't sound so far fetched when you hear that the EU has recently proposed legislation where every user should opt-in to be monitored all the time or lose the ability to upload and share photo's and video's.

        I'm actually beginning to think that computer users in China don't have it so bad.

        1. Alumoi Silver badge
          Joke

          Re: Camel and straw

          Fear?!?

          People expect goverments will use this "feature". After all, if you have nothing to hide...

        2. JessicaRabbit

          Re: Camel and straw

          Got a link to the proposed legislation? I had a look on DDG but couldn't find anything.

      2. Roland6 Silver badge

        Re: Camel and straw

        > There are so many ways that Recall can be abused, not just by Redmond but by a variety of actors

        I’m thinking how Recall could be of benefit to advertisers. Recall would show them those users who were running ad blockers (webpage displays differently).

        The question now is whether the Recall database can be overwritten with a BSOD image say.

      3. icesenshi

        Re: Camel and straw

        So true. Saying over and over that the only people worried about about recall are those who don't know how it works. I can just see that smug writer smirking at how they're so smart, 'If they were all as smart as me, they wouldn't be saying it's a privacy nightmare.' What a shill.

    3. ThatOne Silver badge
      Unhappy

      Re: Camel and straw

      > has led to people thinking about fleeing the platform for...Linux Mint

      Unfortunately this won't happen. First of all, all new computers come with Windows, and people are lazy: They will just use whatever they are given, without questioning it. Also, people have an incredible capacity to endure abuse without complaining. Microsoft has done worse in the past (Win8 for instance) and yet people (the general masses, not a tiny yet vocal group of techies) stayed with it and soldiered on.

      Those who were intellectually able to leave Windows have done it already, mostly since the Win8 "everything is a tablet" fiasco. The rest will stay whatever you do to them, and Microsoft knows it.

      (Note I'm speaking about private or home office users, in the corporate world things are quite different and Microsoft much more accommodating.)

      1. StrangerHereMyself Silver badge

        Re: Camel and straw

        People are lazy, but not stupid. Word gets around.

        If people's privacy is threatened they'll start to move. Look at the uproar when Apple planned to scan people's photos on their own devices. Some blatantly left the platform before the feature was even introduced. This scared the hell out of Apple, I can assure you. They did a complete turnaround for fear of losing a sizeable number of users.

        Linux Mint is free and full-featured, much more secure and respects your privacy to the fullest. You can do whatever you want with it and if you're capable you can even modify it to your own needs. It never gets outdated.

        1. Steve Davies 3 Silver badge

          Re: Linux Mint is free and full-featured

          Are you saying that other Linux distros are not full-featured?

          IMHO, other free and full featured Linux distro's are available for download. While Mint has its fans, underneath, the influence of Canonical is there.

          I try to avoid anything from MS and Canonical.

        2. big_D

          Re: Camel and straw

          Their privacy has been threatened for years, but they still use Windows, Google Search, Facebook, Instagram, TikTok etc... I

          Most people want it cheap, convenient, easy to use and cheap. Many are perfectly willing to put up with the abuse of their personal data, if it means they can get things easily and it is cheap, or better still, free...

        3. Michael Wojcik Silver badge

          Re: Camel and straw

          People are lazy, but not stupid.

          Well, that's a hot take. All the empirical data I can find suggests that in general people often are stupid, often very much so.

          More importantly, people are willfully ignorant when it comes to security issues, because of cognitive load, negative affective response (security issues are unpleasant), availability heuristic, and other cognitive biases.

          Only about 20% of US consumers take basic precautions such as freezing their credit reports, for example [cited in Krebs 2018]. We've had FACTA for two decades, but it appears that only a bit more than half of US consumers check their credit reports at least annually, and that proportion seems to be pretty stable. A recent Bitwarden study found only about 30% of surveyed users use a password manager, and around 65% reuse passwords across multiple domains.

          People don't like to think about security. They don't like to adopt security practices. Those things are costly to individuals — they cost mental effort, time, and convenience. And they introduce new failure modes, and many interfere with existing use cases such as shared accounts.

          And that's the simple stuff. Switching OSes? That's a big jump.

          1. ThatOne Silver badge
            Thumb Up

            Re: Camel and straw

            > People don't like to think about security.

            Fixed it for you... (Agree with everything, wish I could upvote more than once.)

    4. neverending

      Re: Camel and straw

      Recall was the final straw for me. I had been dual booting Windows11 with ZorinOS to familiarise myself with Linux.

      Zorin now occupies the entire ssd.

    5. Yukkuri

      Re: Camel and straw

      That is exactly what happened in my case. Been 20+ years since I ran Linux on my daily driver, but this is just a bridge too far.

      1. Antron Argaiv Silver badge

        Re: Camel and straw

        You'll be impressed with the change. Even WINE is much, much better.

        Mint user ever since Ubuntu went Unity/tiled (yes, I know they've gone back, but I now like Mint)

        1. Yukkuri

          Re: Camel and straw

          Yes I have been! Things have definitely matured a bunch since then

      2. Michael Wojcik Silver badge

        Re: Camel and straw

        On my personal machines I've typically kept the preinstalled Windows as the host OS, because 1) there are applications like TurboTax which historically required it, and 2) it's just easier. I'd heavily customize Windows (settings, security policy, group policy), throw Cygwin and LibreOffice on, and use Pale Moon as the browser (though I'm gradually using Vivaldi more and more), and then run Linux under a VM for any serious work.

        But it may well be time to switch the host OS to Linux and just have Windows as a guest for the rare occasions where it's needed. Or maybe it isn't; maybe my last few Windows-only applications have viable alternatives, or will run under WINE, or whatever. I'll just have to find some spare time to make the switch. (And decide on a distro. OpenSUSE, maybe.)

    6. Baximelter

      Re: Camel and straw

      Windows users will accept anything and everything Microsoft throws at them. In their vast ignorance they believe that Windows is "what a computer is." They may dislike some aspect of their computer but have no idea there are alternatives.

      1. Jou (Mxyzptlk) Silver badge

        Re: Camel and straw

        Aw, that is a kinda religious type opinion. If you go below the GUI a lot of things were done in the right way around 1992/1993, when the base NT decisions were made. You can run Windows NT 3.51 programs directly on Windows 11, IF they are actually programmed for NT 3.51. You can copy calc.exe pbrush.exe and so on right from NT 3.51 and they work in Window 11.

        The GUI and what their marketing propaganda department are currently throwing at us it an impertinence worse than ever before though. And instead of taking the hint to dial back that bothersome behaviour they dial it up to 11 so even the US government comes to action. They should concentrate more on the core, and the tiny things which can be improved to make using it more bearable.

    7. jglathe

      Re: Camel and straw

      Pop!-OS

  2. kend1
    Childcatcher

    Won't someone think of the conspiracy theories?

    Where did the idea for Recall come from? Follow the money...

    https://www.theregister.com/2024/06/04/pentagon_doubling_down_on_microsoft/

    "The Department of Defense is one of the largest purchasers of cybersecurity services," Wyden and Schmitt wrote. "Through its buying power, DoD's strategies and standards have the power to shape corporate strategies that result in more resilient cybersecurity services."

  3. Dan 55 Silver badge
    Black Helicopters

    Bait and switch

    There's no way to retro fit file encryption and TPM and Hello integration into Recall and QA that between now and its launch in two weeks. None.

    Even assuming they started three weeks ago on the same day that everyone's criticism first started, the chances are still none.

    I get the feeling we have been played.

    1. Benegesserict Cumbersomberbatch Silver badge

      Re: Bait and switch

      I share your scepticism.

      Speaking as someone for whom confidentiality is a professional necessity as well as a workplace-cultural norm, the idea of working on a machine where even the threat of a bug like this being installed is anathema.

      As a workplace user without admin privileges I have no way of knowing if the backend is installed, waiting to be silently activated by outside malice, managerial paranoia, "updates" or dumb chance. Unless this misfeature is hard coded to give a visual warning every time it takes a screen shot regardless of configuration, I won't run that risk.

      I will not use Win11.

      1. A.P. Veening Silver badge

        Re: Bait and switch

        Unless this misfeature is hard coded to give a visual warning every time it takes a screen shot regardless of configuration

        Please add an audible warning as well.

      2. This post has been deleted by its author

    2. Doctor Syntax Silver badge

      Re: Bait and switch

      "There's no way to retro fit file encryption and TPM and Hello integration into Recall and QA that between now and its launch in two weeks. None."

      Speed it up by leaving out the QA. That's the Microsoft way.

    3. ThatOne Silver badge
      Devil

      Re: Bait and switch

      > There's no way to retro fit file encryption and TPM and Hello integration into Recall

      What a stroke of luck they never intended to do that in the first place!

      I mean, why spend money when your intent is to make some? It would be silly, wouldn't it.

    4. big_D

      Re: Bait and switch

      They always said that it required Pluton and Hello ESS, that isn't new to the equation, and nobody has yet had a chance to test it on such a platform.

      The question is, what exactly does Pluton and Hello ESS bring to the equation? Without it, it is a complete dog's dinner and about a secure as a collander. The question is, are they simply talking about Bitlocker being enabled, or are the jpeg files and the database encrypted until the user identifies themselves directly to Recall itself? That last part means that the hypothesis will need to be tested again, once actual hardware is available to test it on, whether it really is still the nightmare we see today, or whether Microsoft can pull some miracle from up their sleeve...

  4. Throatwarbler Mangrove Silver badge
    Linux

    The year of Linux on the desktop (TM)

    My main PC is about due for a refresh, and it looks like this will be the year that I just suck it up and move to Mint. Every other issue I've had with Windows has been superficial, but Windows Panopticon Edition is bullshit.

    1. Rick594

      Re: The year of Linux on the desktop (TM)

      I've moved most of our computers to Mint, it's and excellent Distro and a good replacement to Windows.

    2. big_D

      Re: The year of Linux on the desktop (TM)

      My work laptop died last year, jus before Microsoft were due to announce the Ultra chips, so I managed to get an old laptop out of the spares cupboard at work (a MacBook Air M1) and set that up as an interim solution. Then Qualcomm announced the Snapdragon X Elite and then Intel the Ultra and the Elite sounded much better, so I decided to wait for that, now there is Lunar Lake coming as well, but then we had the Recall fiasco and, to be honest, the MBA does everything I currently need, and silently, that I'm not really in a hurry to get that replacement Windows laptop at the moment.

      1. Evil Scot Bronze badge

        Re: The year of Linux on the desktop (TM)

        Same here.

        Replaced a failing athalon with a two slice pizza box M2.

  5. Blackjack Silver badge

    Be careful of what you say

    Be careful in every way

    Be careful of what you do

    Big Blue is watching you

    Be circumspect and discrete

    Stay light on your mental feet

    One slip and you know you're through

    Big Blue is watching you

    Conform with all directives

    Remember obedience pays

    And when you use that PC be clean

    Remember it works both ways

    You'll disappear in a wink

    Unless you can double think

    You'll vanish into the blue

    Big Blue is watching you

    Big Blue is watching you

    Big Blue is watching you

    Conform with all directives

    Remember obedience pays

    And when you use that PC be clean

    Remember it works both ways

    You'll disappear in a wink

    Unless you can double think

    You'll vanish into the blue

    Big Blue is watching you

    Big Blue is watching you

    Big Blue is watching you

    Big Blue is watching you

  6. Bartholomew
    Coat

    Total Recall the film has the tag line "How would you know if someone stole your mind?"

    There is already a tool available to dump your database in case you forget that username and password that you viewed onscreen once, at the wrong time. https://github.com/xaitax/TotalRecall

    1. Benegesserict Cumbersomberbatch Silver badge

      Re: Total Recall the film has the tag line "How would you know if someone stole your mind?"

      And Total Recall was based on a Phillip K. Dick novel, We Can Remember It For You Wholesale.

      About a corporation engaged in false-memory implantation.

      1. ravenviz Silver badge

        Re: Total Recall the film has the tag line "How would you know if someone stole your mind?"

        I have friends telling me how brilliant it is that they can go onto Google Maps for years in the past and see their entire whereabouts at any given moment, it even plots it out for you! People seem to like it!

  7. Strong as Taishan Mountains

    For now

    Anyone want to bet in 4 months someone finds they've quietly re enabled it as part of an update?

    As another poaster noted, follow the money. Microsoft has gigantic defense contracts, and they also may make more from selling data than any individual Windows license gets them.

    But, following the handbook of Western Corps today the answer is to double down. After all, f$ck the customer, your money comes from the government.

    1. Steve Davies 3 Silver badge

      Re: they've quietly re enabled it as part of an update?

      And made it almost impossible to disable for the average punter.

      SOP for MS these days.

    2. Chet Mannly

      Re: For now

      Or we find out that opting out doesn't disable it entirely, and there's still some subsystem hoovering up data like there's no tomorrow - just not screenshots etc

  8. DS999 Silver badge

    How does this idea make it past all the layers and be formally announced?

    There have been botched rollouts of questionable things before, where maybe if something was framed differently it wouldn't have received as much blowback. Corporations do that all the time, and it might hit the news for a day or a week and then be mostly forgotten.

    But this is such a genuinely terrible idea no matter how it is presented, I can't understand how layer after layer of Microsoft management, and employees from the engineers who coded it to the marketers who came up with the name could have not realized how bad it was. Or were people alerting again and again, but it was a demand from up on high that this will be done and either the people speaking out against it are being alarmists, or Microsoft will be able to foist it on the public regardless of its issues?

    What really makes me think that everyone in Microsoft must have been OK with it is that it wasn't even designed to be secure. All modern Windows PCs (and therefore all AI PCs) will have a TPM, so it would be simple to encrypt this data using a key stowed away in the TPM so barring a TPM level exploit no way for malware to get at it (at least until it is copied to the cloud but that's a whole other issue)

    That such a simple step wasn't taken tells me everyone at Microsoft was absolutely fine with this, and somehow caught off guard by the backlash. How out of touch does their corporate culture have to be for that to be the case? At least when other corporations like Boeing are doing really awful things there are whistleblowers. Where is the Microsoft Recall whistleblower??

    1. Joe W Silver badge

      Re: How does this idea make it past all the layers and be formally announced?

      Big Man Shiny Beads Syndrome.

      Boss likes the idea, so it will happen. Any opposition will be ignored (and.... removed, though in this case not as drastically as in some places).

  9. zimzam

    Edgy

    Opt-in in the same way Edge is, with constant badgering warnings to turn it back on? They'll find some angle to claim that leaving it off is a security or data risk.

  10. Mike Pellatt

    Hardly the first time, is it?

    Hands up everyone who remembers ActiveX.

    Everyone with the slightest bit of security knowledge, when MS announced it: "Don't do this, it's a security disaster"

    Microsoft: "But our users are demanding it"

    A few short years later, guess what had become a major malware infection vector on Windows. And users weren't demanding it quite as much.

    1. Cruachan Bronze badge

      Re: Hardly the first time, is it?

      To this day every time we roll out new security policies or new versions of Office (or whatever MS call it this week) the beancounters start screaming about their macros. I'm still yet to see a company push back on them and say no, no more macros in all my years as a contractor.

      1. Jou (Mxyzptlk) Silver badge

        Re: Hardly the first time, is it?

        > beancounters start screaming about their macros

        That is because simple functions, like cloning a cell format from another sheet depending on the cell content, don't exist in excel. And even worse: There is no "allow these known good functions, disallow this known bad" setting, only on/off. Of course you could argue that VBA has no known good functions :D, and I hate using it, but for some things there is no other way. Though I would prefer powershell-in-excel with its better syntax.

  11. Roland6 Silver badge

    ICO

    According the the BBC “ The Information Commissioner's Office (ICO), the UK's data watchdog, had told the BBC it was "making enquiries" with Microsoft about the tool after concerns were raised.”

    [ https://www.bbc.co.uk/news/articles/cd11rje1mrro ]

    It seems there might be a case for more people to report privacy concerns in public “beta” software to the ICO (or their local equivalent); as it seems if sufficient report concerns, they start to ask questions. Whilst I don’t expect major changes, with an increased level of engagement with the ICO, companies like MS might begin to take piracy mo seriously.

    1. Steve Davies 3 Silver badge

      Re: ICO

      Has about as much teeth as US Senator Tommy Tubberville on a good day.

  12. Doctor Syntax Silver badge

    "Recall snapshots will only be decrypted and accessible when the user authenticates."

    That's no protection at all if TPTB can demand your password.

    1. ThatOne Silver badge
      Unhappy

      Besides, that's what they say, and we all know how proficient they are in security matters. In reality you will most likely be able to easily bypass all authentication and get to the data without the user's consent (or even knowledge).

  13. Anonymous Coward
    Anonymous Coward

    Main use for Microsoft:

    Secure access to current user data for any future AI training. Hovering it all up now would be too costly and troublesome. Only using select user information for training only current ML is considered a waste. So they'll make sure that from now they can Recall TM everything the user did and input to train and retrain all current and future ML software with the user data. Use as much as possible the local client paid data storage and Microsoft enforced client paid AI processor and client paid electricity for training or at least pre-training of the ML data.

    The distinction between computer criminal gangs and giant software companies begins to become harder and harder to define.

  14. Jou (Mxyzptlk) Silver badge

    OptIn without dark pattern?

    Like the Windows 11 pro setup: You can opt out of cloud account during setup and create a local one, but only after entering "x@x.x" with password "x" or other tricks.

    I doubt it will be different. And of course it will be a big pop-up full screen preventing you to WORK until you've completed the four "Really not?" questions like Edge...

  15. ThatOne Silver badge
    Unhappy

    > Windows maker acknowledges 'clear signal' from everyone, then mostly ignores it

    That's the Microsoft way since around the start of the century, isn't it.

    "Don't you tire your pretty little head about this, your Uncle Microsoft knows what you need: Bend over."

  16. Boolian

    Keep the Red Flag Flying.

    Hmm, I have to ask the obviously not so obvious question: how are Microsoft and Anti-Virus/ Malware companies colluding?

    Even the worst security product should flag 'Recall' as a blunt keylogger at the very least; so what mechanism does Microsoft, Windows, or Recall utilise, which enables it to escape detection as a 'PUP', or whitelists it from being flagged?

    Answers on a one-time pad...

    1. Richard 12 Silver badge

      Re: Keep the Red Flag Flying.

      Microsoft Defender has a near monopoly in that market, they've crushed everything else by being 'free' or bundled.

  17. aizuchi
    Big Brother

    For opt-ins, a Premium wireless device will be available to stuff into your shorts.

  18. b1k3rdude

    Opt-in means it can be force-disabled and or removed from the iso, good.

  19. Anonymous Coward
    Anonymous Coward

    Image this ...

    Big Banks, Airlines, and Nuclear stations use Citrix or some other remote login client to let their employees log into their Virtual Cloud clients over VPN so they can control what their employees do and prevent things like data leaks.

    However, the employee's BYOD has been compromised by bad actors who have gained access to Recall and now can not only see what goes on since breaking in but can Recall all the past screens/data of that computer, including the work they do for the bank, airline, or nuclear station. They see not only customer data but also gain knowledge of how those systems work and find more vulnerabilities way down the architecture chain. They see what other users may also have access to and then target their BYOD as well. And so on it goes, going right throughout an organisation without anyone knowing (as they have not used any of that information ... yet).

    Now, when they hit these places, the companies react, but due to the internal people who fire-fight, these situations are also very much compromised as well (that's the clever part of the bad actors), which actually opens up more of the organisation to the bad actors. Essentially, Recall has given them way too many vectors to attack an org, and it just keeps giving more and more.

    This whole approach is a massive security risk. I suspect they think the AI will prevent all this, but it won't as the bad actors will target that first as the best way to stay in once they are in.

    At the end of the day, we need humans to make the decisions and store the key information in their heads. The simple reason is that while both Humans and Computers can be compromised, it's harder to keep Humans comprised in that way than Computers. As Humans make mistakes and can get found out, therefore their state of being completely compromised changes from that to a lesser one; they find it hard to break other Humans as well, and eventually and usually soon, they get discovered. Once computers get broken, then they are broken; they are then used to break into more, and you may not discover it until it's too late!

  20. druck Silver badge

    Who is going to trust a Microsoft "opt-in"?

    Let's just see their previous form in opt-ins:-

    * The opt-in for Windows 10 upgrades, where even the close button in the window title bar goes ahead and does upgrades anyway.

    * The opt-in for the default browser choice where whatever browser you select, Microsoft opens everything in Edge anyway.

    * The opt-in to telemetry, where you have a choice between surrendering all data to Microsoft, or slightly less than all data to Microsoft.

    With Recall it will record everything anyway for use by Microsoft, the opt-in will control whether or not you get to see it.

  21. Anonymous Coward
    Anonymous Coward

    Is Opting In good enough to calm my nerves .... I don't quite recall ... but assume *NO* !!!

    As I posted 2 days ago, Breaking Recall is coming real soon now !!!.

    "Wait carefully while someone shows how to do it in the next 3-6 months ... or possibly less !!!"

    I was wrong ..... I should of said 3-6 HOURS !!!

    See https://github.com/xaitax/TotalRecall?is=de8f99f633779c48394560419ed2ff46c36627f60fd2bd92d66c65518957cfdd

    MS ... do you still think this is a good idea & secure !!!

    This is just the 1st attempt at accessing 'Recall' data .... it will get more sophisicated and stealthy !!!

    :)

    1. Jou (Mxyzptlk) Silver badge

      Re: Is Opting In good enough to calm my nerves .... I don't quite recall ... but assume *NO* !!!

      > See https://github.com/xaitax/TotalRecall?is=de8f99f633779c48394560419ed2ff46c36627f60fd2bd92d66c65518957cfdd

      Flagged as "could be harmful, do you want to keep" by Edge :D.

      1. Boolian

        Re: Is Opting In good enough to calm my nerves .... I don't quite recall ... but assume *NO* !!!

        Flagged by Edge eh? Ha! I was wondering why I hadn't seen reports of any other 'Security software' flagging it as a PUP - that's a first.

        As @Richard12 pointed out to me, that's probably because of the ubiquitous use of 'Microsoft Defender' (which I assume ignores Recall) if so, it seems Edge hasn't got the memo to whitelist it... yet.

        It appears everyone else and their dog got the memo though. Curiouser and curiouser.

  22. Cmdr Bugbear

    Will Recall record audio also (of course it will) ?

    Assuming audio is also recorded, that means I will be very uncomfortable using my non-windows computer to make an audo or video call with a windows computer. Camera off, no screen sharing and single word answers I suppose...

    1. Anonymous Coward
      Anonymous Coward

      Re: Will Recall record audio also (of course it will) ?

      Simple solution to maintain security ... !!! :<jk>

      Two cameras on separate PC's, each covering *one* of the two semaphore Flags you are using.

      Recipient has two screens showing *each* flag, appropriately aligned next to each other.

      Simples !!!

      :)

      P.S. Aldis lamp version is coming real soon !!! ...

      (Just need to ensure the brightness is high enough to saturate [White-out] the picture(s) captured)

  23. bazza Silver badge

    This is Not a Good Idea

    Though I can see how it's come about.

    AI is all the rage, and there seems to be developers all over who are under a lot of pressure to AI-ify their company's products. We're getting AI tooth brushes, washing machine, etc. Windows is clearly not immune to that. And a common way of seeing if a feature will land is to JFDI and see. In this case, the bleedin obvious is becoming, well, obvious.

    The developers don't have much choice in this, they basically have to implement crazy features and secure that public backlash in order to get their bosses to "back the **** off". Though it is disappointing that MS has failed to predict the backlash, I'd have hoped that they with their history would at least be slightly wary of the security hazards associated with recording and processing literally everything a user sees and does.

    It also puts a massive problem into backup, cloud. If you're corporately backing up user data / machines, and that goes abroad but it contains records of everything the user has seen and done, some of that data may not be permitted to travel abroad. Data protection compliance sounds like a nightmare.

  24. 0laf Silver badge

    It's unlikely that the majority of Windows current users will switch to Linux, they are non-technical people who do not like to make changes so substantial to their own systems, the ease of the change or how good Mint might be is pretty much irrelevant. They will probaby either continue with Windows and Recall and simple be blissfully unaware of it (in the same what they do not know about 90% of the other features in a Windows OS) or they'll move to another product altogether like iPad or a Chromebook.

    1. navarac Silver badge

      <<It's unlikely that the majority of Windows current users....>>

      This is, unfortunately, true, although I question how many use Windows PCs rather than their smartphone! Most people who have them, treat a PC as a consumer device. It is up to the rest of us to educate them though, rather than let them drag all of us down with them. Microsoft is certainly not trustworthy enough to be let loose with Recall, or indeed a PC operating system. Their (lackadaisical) reputation for security goes before them.

  25. miken101
    WTF?

    Microsoft email

    I've been receiving this email for many months now, I did not realise it was coming from Microsoft.

    "Well, hello there, my perverted friend.

    I'll get right to the point.

    We've actually known each other for a while now, at least I've known you.

    You can call me Big Brother or the All-Seeing Eye.

    I'm a hacker who a few months ago gained access to your device, including your browser history and webcam."

  26. Ken Moorhouse Silver badge

    Opt In

    But we can prove that your mouse pointer hovered over the Opt In button, what's not to say you didn't press it?

  27. Bebu Silver badge
    Windows

    Doesn't sound all that clever...

    It takes a snapshot of whatever is on the user's screen every few seconds. These images are stored on-device and analyzed locally by an AI model, using OCR to extract text from the screen, to make past work searchable and more accessible.

    I would have thought hooking the Windows text rendering routines would be more reliable than trying OCR whatever was on the screen. If you were using a Blackletter (Gothic) typeface the AI/OCR might get confused. ;) Not to say traditional Chinese glyphs could be a challenge.

    In the days of yore stretched pig's bladder is said to have been used for windows and I imagine slightly more transparent than dealing with MS Windows but otherwise have much in common.

    Fortunately I only do windows with 30% ethanol/70% water and a drop of detergent. ;)

    There really is a ruthless competition between our IT megcorps to determine which is the genuine Sirius Cybernetics Corporation.

  28. prh99

    Give it a couple years, it will be a live feed

    of everything you do and see on your Windows computer, straight to Microsoft's datacenters.

  29. Cruachan Bronze badge

    I never opted-in to Copilot, and frequently change the settings to turn it off, yet mysteriously it seems to pop up regularly on my searches.

    (Yes, I use Bing for searching purely to get Game Pass for free via Microsoft Rewards. Most of my searching is done for work anyway looking up PowerShell command syntax and things like that.)

  30. Skiver

    Opt-in right up until they turn it on by default when nobody is looking.

  31. Rgen

    So when something goes wrong, Microsoft will say "I don't recall"

  32. Omidia

    This is a cool idea

    I dunno, I think this is a really cool idea.

    We just can't trust Microsoft, or our computers generally (and never will be able to), so it's a non starter.

    As a thought experiment it is a super cool idea.

    If they want a cool idea, stop mucking around and have a property backup built in, like apples time machine!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like