back to article Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable

Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure. "Recall," as Microsoft describes it, "is designed to help you instantly and securely find what you’ve seen on your PC." You may not recall what you were doing on your PC but rest assured that Microsoft's …

  1. Anonymous Coward
    Anonymous Coward

    I recall. Windows was that short period between my BBC B micro and a proper operating system (anything BUT Windows) including OS/2, Linux, Unix, OSX & z/OS

    1. Blazde Silver badge

      Pointing .bash_history to /dev/null is opt-in. Assuming you have some say in such matters. I've used systems in the past where I didn't and, I recall it being creepy enough just wondering if I might be judged for over-using ls every other command.

      But okay, the Windows version is next level.

      1. SteveK

        I might be judged for over-using ls every other command.

        I have a tendency to create a new directory, cd into it and immediately 'ls'. Quite what I am expecting to find in a newly created directory, I'm not sure? And when I don't find anything I often 'ls -a' just to be sure. I know I'm doing it, but my fingers just seem to have it as muscle memory.

        1. collinsl Silver badge

          Better to check than to fail to check and get something wrong

  2. Howard Sway Silver badge

    tries to prevent passwords, national ID numbers, and credit card numbers from being recorded

    Loving that "tries to". As if that's any kind of reliable security guarantee at all.

    1. zuckzuckgo

      Re: tries to prevent passwords, national ID numbers, and credit card numbers from being recorded

      And even if Microsoft is successful at filtering out sensitive data, they have still created the software infrastructure that a hacker can exploit to reliably collect that data. So now some simple compact malware may be all that's needed do the job.

      At least they are making someone's job easier.

      1. Woodnag

        Re: tries to prevent passwords, national ID numbers, and credit card numbers from being recorded

        Yes. So opt-out isn't enough. Opting out should mean that the code isn't there at all, so can't be quietly enabled by some hack attack through a hole that hasn't been spotted yet.

    2. Anonymous Coward
      Anonymous Coward

      Best you are going to get

      Keyword detection is and will be plagued by false positive and negative errors, and heavily biased to a few nations version of PMI.

      The opt-in is also a lie. They wills steal as much data as they can, but they are willing to give up the personal computing activity of those who control their machines and can actially consent themselves. Anyone that is a student, employee, or member of the paranoid forces will of course not be able choose for themselves. M$ will probably and predictably allow HR to order IT to turn in on without asking the meat behind the keyboard, blowing off a toe on the other foot with this mighty hand cannon of a Footgun. They will then add a disclosure pop-up as ordered in the next lawsuit that is coming.

      Even without M$ active enabling of non-consensual surveillance and data use, 3rd parties will step in and there will be a new option in your Fortinet or Crowdstrike console to silently enforce the settings and bleed information out of the enclave using the organizations access.

    3. Guy de Loimbard Bronze badge

      Re: tries to prevent passwords, national ID numbers, and credit card numbers from being recorded

      It's a good a hope being part of your security plan!

  3. cornetman Silver badge

    So you say it's secure? How about you make it not extremely creepy?

    1. cyberdemon Silver badge
      Big Brother

      And I did not stand up, because I had nothing to hide

      And then they came for me.

      Seriously creepy. Microsoft does a LOT of 'government work' in many different jurisdictions, and I bet they are being pushed very hard to get this through.

    2. Plest Silver badge
      Facepalm

      We all know perfectly well what it's for, it's for companies to spy on employees to make sure you're working your 8 hours solid and not doing stupid things like taking breaks for coffee, lunch and going for a wotnot, all those activities that companies classify as wasting time rather than working 100% of the contracted 7-8 hours a day.

      1. Anonymous Coward
        Anonymous Coward

        Yes and

        They can do that already of course, but what it is collecting isn't really a good fit for that or their claimed first use case. Which isn't to say that it won't be usable to allow a search of recent activity or in an attempt to track worker drones "output". Sadly they have worked hard to break local search increasingly badly with each major update, and intentionally broke their online search to sling more ads and links to bogus sites and content farmed.

        So they have much grander ambitions to this then just workplace surveillance, which is why after giving the initial bleeding a chance to stop they have reached for the footgun again.

        This is the on ramp for them to use activity data to try to drive "automation". The first wave of that will be sold to users as a way to make their life easier in exchange for their last vestiges of privacy. The next wave will sold to your manager with a pitch that is expensive but still cheaper than you, and unlike you, they can issue bug fixes. The third wave will be sold to the board to make most of the remaining employees redundant, and the last will be sold to large shareholders as a way to remove inefficient board-members that aren't doing everything possible to maximize quarterly profits.

        1. Not Yb Bronze badge

          Re: Yes and

          "You appearing to be trying to write a letter, here are 9 examples of letters AI generated from your previous one, which one looks closest to the letter you wish to send?" -- Neo-Clippy

    3. ThatOne Silver badge
      WTF?

      Creepy and useless. I still wonder who would ever need this "feature". Besides stalkers and criminals, of course.

  4. Boris the Cockroach Silver badge
    Facepalm

    Who are you?

    1. Up and coming politician

    2. CEO of a major company.

    3. Military commander somewhere

    4. Researcher at a drugs company.

    5. Medical doctor.

    6. High school teacher.

    I could think of lots more professions that recall should be no where near, as microsoft's 'security' promises have repeatedly proved to be not worth anything as recall will be THE prime target for any hackers breaking into your system, and besides, I bet recall will be sent to onedrive by default anyway, with the security implications that brings....

    1. Anonymous Coward
      Anonymous Coward

      Re: Who are you?

      > I could think of lots more professions that recall should be no where near

      That's the mistake: all of the "enterprise" versions of Windows, joined to an AD domain, have group policies to turn this sh!t off! ;-D

      This is only for the peasants. As much money as they've thrust into AI, and this their only "product" to show for it, open up, so they can start shoving--!

      1. Anonymous Coward
        Anonymous Coward

        Re: Who are you?

        "That's the mistake: all of the "enterprise" versions of Windows, joined to an AD domain, have group policies to turn this sh!t off! ;-D"

        Or group policies to turn it *ON*, where the enterprise decides it wants to have a way to keep an eye on employees and/or contractors.

        I'm sure there are GDPR-related issues with such a scenario...

        1. John Brown (no body) Silver badge

          Re: Who are you?

          Yes, there will be managers or companies salivating at the thought of the staff "metrics" they can gather from this. The sensible ones will be throwing their hands up in horror and making sure the policies turn it all off. And then there will be the whistle-blowers pointing to employers who have it turned on in violation of all sorts of security agreements, including GDPR, anyone processing card payments or just dealing with anything government/secret/security related.

          I predict the first casualty will be a local government org somewhere where the elected officials refuse to listen to the IT people, mainly because elected officials rarely remember anything and will think this is a huge boon to them personally since they will think they can save money by doing away with assistants.

    2. Anonymous Coward
      Anonymous Coward

      Re: Who are you?

      7. Exorcist.

      1. cyberdemon Silver badge
        Trollface

        Re: Exorcist

        I think the modern term for that is CISO

    3. M.V. Lipvig Silver badge

      Re: Who are you?

      "I bet recall will be sent to onedrive by default anyway, with the security implications that brings...."

      Well, duh, how else is M$ to parse their, I mean, your data in peace? They'll need it under their control in case you do something offensive like shut your machine off.

    4. Jedit Silver badge
      Thumb Up

      "I could think of lots more professions that recall should be no where near"

      So can I, and it's a shorter list than yours because it's "all of them".

  5. PB90210 Bronze badge

    You've trod in something, thought you've scraped it off, but the smell tells you you were mistaken!

    BBC's version of the story notes that <cough> 'diagnostic data' may be sent back to the mothership unless you find the off switch in the bottom of a filing cabinet in a disused toilet in the basement with the 'beware of the leopard' sign on the door

  6. PCScreenOnly

    No windows hello - no recall

    My W11 devices that I have are all local accounts hopefully that would be enough to do it

    1. cyberdemon Silver badge
      Joke

      Re: No windows hello - no recall

      You forgot your icon - I hope

    2. Roopee Silver badge
      Facepalm

      Re: No windows hello - no recall

      So would mine if I had one.

      Oh I forgot, there’s my WFH PC, supplied by work, controlled by work...

      1. CrazyOldCatMan Silver badge

        Re: No windows hello - no recall

        Oh I forgot, there’s my WFH PC, supplied by work, controlled by work...

        I'm very happy that I use (several) Macs for WFH..

        (Yes, the Intel one does have a company-build VM running under Parallels but I only fire it up when I have to do stull where there's no application for it on the Mac).

  7. Throatwarbler Mangrove Silver badge
    Windows

    Ugh

    I keep booting Windows back up because there are some games and a few other applications that just resolutely will not run on Linux, and so I was considering throwing in the towel on the Linux experiment, but this crap reminds me why to keep plugging away at it or at least to keep anything sensitive on Linux.

    The fact that Microsoft have somewhat latterly decided to bolt on security rather than considering the privacy implications from the inception of Recall says a lot about the development philosophy behind the feature.

    1. M.V. Lipvig Silver badge

      Re: Ugh

      The whole point of the software is to grab your data every few seconds for their examination. You do not need security. I mean, you act like it's your data or something.

      1. Plest Silver badge

        Re: Ugh

        No, it's to sell the spy-as-a-service to companies needing to check we plebs are working 8 hours a day, especially WFH is more prevalent now, 'cos companies see all those coffee and toilet breaks as a wasting company time and money, with Recall they have proof you wasted 47.6 secs going for a pee and grabbing a biccie when things got busy!

    2. Someone Else Silver badge

      Re: Ugh

      The fact that Microsoft have somewhat latterly decided to bolt on security rather than considering the privacy implications from the inception of Recall says a lot about the development philosophy behind the feature everything they have ever created since the beginning of the Windows era.

      There, FTFY

      1. Not Yb Bronze badge

        Re: Ugh

        Pretty much. NT was probably their first attempt to even consider security as more than something to be controlled by a locked door.

  8. bryces666

    not secure

    "for its Copilot+ PCs and insists that the self-surveillance system is secure."

    ... until is is not, which will happen sooner or later!

    1. DJV Silver badge

      Re: "until is is not, which will happen sooner or later!"

      ... until is is not, which will happen sooner!

      FTFY

  9. Captain Hogwash Silver badge

    The problem with Recall

    is not that the screenshots might be stolen or sent to the mothership. It is that the mothership will send queries to the AI which will then return the results. These queries may be made by Microsoft for its own benefit or on behalf of TLAs or whomsoever pays enough. If it can be removed from my corporate laptop then it will be removed.

    1. The Man Who Fell To Earth Silver badge
      FAIL

      Re: The problem with Recall

      Notice the whole subject of Legal Discovery wasn't addressed. One should presume that Recall still presents a huge problem there for anyone foolish enough to allow it to run.

    2. ThatOne Silver badge
      Devil

      Re: The problem with Recall

      > If it can be removed from my corporate laptop then it will be removed.

      Again, and again, and again...

  10. Sleep deprived

    Targeting users with Alzheimer?

    That's the only proper use case I can envision. Microsoft is getting ready for an aging population.

    1. Bebu
      Coat

      Re: Targeting users with Alzheimer?

      That intersected with a thought just before I read that. :)

      With moderate short term memory loss the idea might not be so odd. As it is I suspect many of us already use google/bing/duck as an auxiliary memory.

      The thought that struck me was if I depended on a device for pretty much the entirety of my memory (short,medium,long term) I would pretty much have ceased to be [me] but just some coprocessor for the device to "experience" those memories - real or hallucinatory. Even the experience of the normal passing of time would vanish - if the device replayed the memories in reverse order you would not be any the wiser.

      Even if MS do permit users to turn off the recall feature I would be concerned to what extent the base Windows [11?] has been instrumented to allow recall to work and whether those hooks could be hijacked by other clandestine surveillance software.

      Goes without saying that I don't use Windows (or have any need to) but if recall gets any traction I can see desktop Linux distros offering something similar - another addition to systemd's already vast estate? :(

      1. Richard 12 Silver badge

        Re: Targeting users with Alzheimer?

        It's presumably just hitting Print Screen every time. Screen recorders can do the same, but are asked to show onscreen indicators while running.

        If literally anything else was doing that continuously without live indication Microsoft would be screaming, but it's fine if they're the ones exfiltrating the data.

        1. Doctor Syntax Silver badge

          Re: Targeting users with Alzheimer?

          It's not just screenshotting. It's OCRing any text on screen and indexing it running it all through its AI.

          1. John Brown (no body) Silver badge

            Re: Targeting users with Alzheimer?

            I wonder how long it will take to fill the local SSD? And when running Disk Cleanup, which files will be suggested at the top of the list for deletion? The spooky data capture archive or your music collection?

            1. Jellied Eel Silver badge

              Re: Targeting users with Alzheimer?

              I wonder how long it will take to fill the local SSD?

              It'll be fine. It'll automatically pop up an advert inviting you to buy more. Or just automatically upgrade you to the next tier of One Drive storage.

              But there will be related issues, like SSD wear or just the amount of memory and CPU it'll suck up. But you wanted to upgrade all your PCs, didn't you? It'll be like the dark days of MS's search/index processes continually running and still never being able to find what you're looking for.

              The whole thing is just nucking futs. So I have 3x4K monitors on this box. They may variously have games, videos, documents, compilers, web pages open at the same time. Some of which might contain copyright content, so MS can't, and I can't authorise MS to make copies of that content. I just can't think of any reason why I'd need or want MS to take screenshots, process and store any of that stuff every few seconds. I guess it might give MS valuable marketing data, like the most common activity being users trying to find ways to terminate any and all 'AI' processes with extreme prejudice.

              Which is the first thing I asked Copilot to find for me. As is often the case with 'AI', I didn't get any good answer.

        2. Roopee Silver badge
          FAIL

          Re: Targeting users with Alzheimer?

          Just think how useful it could be - if you had Recall you could go back and (re)read the article properly! Or maybe ask the AI to fact-check as you type.

          1. Jimmy2Cows Silver badge

            Re: Targeting users with Alzheimer?

            What makes you think AI, with its tendency to make shit up just so it "answers" the prompt, is remotely suitable for fact checking?

  11. Anonymous Coward
    Anonymous Coward

    How about just having Windows installation just giving you the operating system plus a simple web browser with a gateway to - say - The MS Crudstore, where you can get all the accessories, and maybe a free fone number where you can order a DVD or two with it on.

    Then you can install all that stuff you so badly want, like XBox, Edge, Copilot, Recall, Orifice 365 teasers, etc to your hearts content.. Or just ignore 99% or it.

    1. Plest Silver badge
      Happy

      How would MS make any money? The days where you bought software and it did exactly what it promised on the box, those days disappeared back around 1999 my friend. Software is for data gathering first and foremost, any productivity you experience with software is purely incidental these days!

      1. Anonymous Coward
        Anonymous Coward

        Maybe I missed it but as far as I know Microsoft has never been able to produce software that did as proclaimed on the box. Hardware, yes, but software has forever been a mess.

        I may have missed something, of course, I've only had MS software forced on me by various places since MS-DOS 3.2 so maybe before then that made something that wasn't bloat and only vaguely did what it promised on the box, but the fact that XENIX is no more suggests it didn't make enough profit with Operating Systems built on a reasonable solid foundation.

  12. mijj

    It's secure - trust me!

    1. Plest Silver badge
      Happy

      I hear the rest of that statement...."Would I lie to you?"

      1. khjohansen
        Happy

        Oh Yeah!!

        Charles & Eddie flashback ...

  13. Chasxith
    Stop

    warm fuzzy feeling

    It's okay guys, Uncle Microsoft is here to save the day with AI and totally isn't interested in your data, no siree. Surprised they bothered supporting any browser other than edge, given how it would be additional leverage to swap to the hell-browser....

    It feels that with every Windows install I do, ~70% of the time isn't so much installing the OS as uninstalling all the crap it comes with.

  14. jokerscrowbar

    Vista doesn't seem so bad now does it?

  15. Doctor Syntax Silver badge

    "Recall is designed with security and privacy in mind,"

    In that case how was it that they had created "unique security challenges" and that few if any of these claimed security features were originally present? Does that mean that in a few months they've completely redesigned and reimplemented it or have they just bolted Sellotaped on as an afterthought as much as they could come up with in a brain-storming session?

    1. Evil Auditor Silver badge
      Thumb Up

      Well said. Then again, if security and privacy were in Microsoft's mind at any time, Recall wouldn't have been designed in the first place. The existence of Recall nullifies their statement ("Recall is designed with security and privacy in mind") and everything deduced from it.

    2. Plest Silver badge
      Happy

      Hey, it'll likely have SSL on the line when it sends the data back to the mothership! There you go, security and privacy taken care of!

  16. TimTechDude
    Big Brother

    Ridiculous!

    What idiot came up with Recall? Cleary it's a huge privacy issue and will certainly be abused.

    Plus, I don't want the CPU, Memory and Storage used by something I don't even want. My PC is supposed to do what I want and nothing else.

    1. Steve Davies 3 Silver badge
      Childcatcher

      Re: My PC is supposed

      Sorry, but you clearly didn't read the 1pt white or white text of the MS License where it states that by allowing Windows to run on the PC, ownership of said PC/Laptop transfers to MS while Windows is installed.

      1. John Brown (no body) Silver badge

        Re: My PC is supposed

        Based on recent news stories re Disney and Uber Ts&Cs for minor interactions with then removing your right to sue them at all, for anything, in the USA, I'd not be surprised if that sort of term was actually in the MS licence and that the US legal system would uphold it as valid and legal.

        1. Steve Davies 3 Silver badge

          Re: no rights to sue

          Are right there in many other things. In some countries, that clause is illegal. That does not stop the likes of Trump and his $100,000 watch. Delivery? Sometime never but sorry sucker, you can't sue.

          FSCK all companies who try to remove our rights to sue for breach of contract.

        2. Roland6 Silver badge

          Re: My PC is supposed

          >Based on recent news stories re Disney and Uber Ts&Cs

          But these were in part about history, so you might need to dig out that Windows Phone agreement (or even WfWg EULA) to see if it can be linked to you and to discover if it contains any terms and conditions that MS may wish to deem are part of your current agreement with them. Obviously, you are unable to do similar and demand that W10+ has been sold to you under the MS-DOS EULA...

    2. Plest Silver badge

      Re: Ridiculous!

      Selling the spying service to employees on corp laptops and desktops! I cannot think of any other purpose than as a service for enterprise customers and paranoid PHBs to spy on staff.

  17. navarac Silver badge

    Bye-bye Microsoft.

    Thank goodness I dumped Microsoft (Windows) at the start of the Pandemic, when I had time to immerse myself in Linux. Who's to say an update to Windows won't "accidentally" turn on this crap? It has happened multiple times before. Apart from that, it is a massive Malware target that even at this minute, Nefarious State Actors and Script kiddies are working out how to monetise it. No OS is totally immune, but Windows is a really leaky bucket.

    1. NewModelArmy

      Re: Bye-bye Microsoft.

      What i find quite worrying is that there is absolutely no uproar about Microsoft coming out with this product called Recall.

      The slow migration of surveillance of all the people, which started online, and now on the very PC you own, without any general public reaction, is perplexing.

      This is not about whether you have something to hide, but about peoples privacy and security.

      If North Korea was reported to have this capability on their only allowed OS, then it would be expected and discussed with great derision of the totalitarian state.

      The difference here is that the west (Microsoft) is saying it is for your benefit, and the pariah states are accepting that it is for their benefit.

      Microsoft is acting like an abusive partner, telling you that they have your best interests at heart, whilst having the ability to track everything you do.

      1. werdsmith Silver badge

        Re: Bye-bye Microsoft.

        Works on CoPilot+ PCs. PCs with an NPU.

        This is what is known as a unique deterrent point (UDP) for Copilot+ PCs. Businesses will seek out PCs without NPU.

        Most people are not Register reading nurds who shit themselves over every Microsoft move.

        1. bofh1961

          Re: Bye-bye Microsoft.

          I suspect that altogether too many businesses will see Recall as a good thing. You know, all those corporates that like to lock down their users as completely as possible with group policies will now have built-in spyware at their disposal too. The hardware manufacturers will love it because they'll be hoping it's the killer app for local AI that they really need to sell that shit.

          1. Plest Silver badge

            Re: Bye-bye Microsoft.

            Precisely! No need to buy corp spy software, you can no get it as part of the Windows enterprise license, baked into the system and I'll bet that within a year there'll be a console you can install ready to tap any laptop or desktop's Recall cache, perfect tool for paranoid PHBs to check we plebs are earning our daily scheckles and not wasting time going to the toilet or eating lunch!

        2. John Brown (no body) Silver badge

          Re: Bye-bye Microsoft.

          "Businesses will seek out PCs without NPU."

          You are assuming that that will still be possible in a couple of years time. When did you last try to buy a "smart" tv? Or new car that is not "connected" in some way? Consumer "choice" is limited by what is actually available. You can have any colour you want so long as it is black.

  18. Brave Coward

    Recall the Recall recall?

    No, I don't, sorry.

    But wait! Let me just ask Recall...

  19. Steve Davies 3 Silver badge

    MS is trying to make Big Brother redundant

    This this POS.

    I hope that MS dies a horrible death. This is way to invasive.

    I'm so glad that I don't use any MS product. Come back Balmer, all is forgotten. This shower are 1000000 times worse.

  20. ComicalEngineer

    Trust Micro$oft?

    I'd rather stick my head into the mouth of a hungry lion.

  21. Anonymous Coward
    Anonymous Coward

    Opt-in

    For now, anyway.

    1. Evil Scot Bronze badge
      Flame

      Re: Opt-in

      It can be un installed.

      JFC

      FFS

      If I installed key logging and screen capture software without the owners permission.

      I would be locked up under the computer misuse act.

      1. ThatOne Silver badge
        Devil

        Re: Opt-in

        But Microsoft has your explicit permission to do whatever they like on your their computer - It's part of their terms and conditions.

  22. Pascal Monett Silver badge
    FAIL

    "Microsoft [..] insists that the self-surveillance system is secure"

    Please excuse me if that insistance doesn't really impress me one bit.

    1. Someone Else Silver badge

      Re: "Microsoft [..] insists that the self-surveillance system is secure"

      No excuse necessary.

  23. Tron Silver badge

    This is going to be interesting.

    quote: Access requires the user's Windows Hello Enhanced Sign-in Security identity...

    Or a court order. Just like dashcams and doorbell cams.

    Companies will implement it so they can spy on their employees 24/7. You are using a company machine after all. And then it will get hacked or subpoenaed.

    You can turn it off, but if it is there, someone may find a way of covertly turning it on. It saves spooks and hackers from going to all the trouble of installing their own version on your system.

    With this, AI, subscriptions, cloud back-ups, and lock ins, it really is time for a new basic retail system that works without all this crud. We need to go back to the future, with hindsight. Or work offline on a retro system and just use a tablet for online stuff.

    In the meantime, Microsoft's endless conveyor belt of toxic gimmicks just yells 'switch to Linux'. Not because Linux is great, or because you want to, but because it isn't what the Windows ecosystem has become.

    1. Roland6 Silver badge

      Re: This is going to be interesting.

      >someone may find a way of covertly turning it on.

      That functionality will be built in, by request of one or more US three-letter agencies.

      Naturally, MS are, due to gagging orders, unable to tell you this or deny the functionality exists.

      I suspect whilst we may not have the great firewall (like China), the agencies are implementing the snooping and data gathering it requires.

  24. Mickey Porkpies

    someone has been watching to many old Arnie films - MS have to reinvent themselves losing the desktop, losing the cloud wars but what a target no chance this is ever going to be exploited nahhh

  25. Mickey Porkpies
    Thumb Down

    trying to re-invent themselves since 1982

    no honest gov nobody will every be able to use this as a back door your safe honest just turn it off. Like your webcam

  26. mpi Silver badge

    The only recall my box is gonna have...

    ...is the fond recall of the time I uninstalled windows for the last time, and have since used Linux as my daily driver.

  27. Anonymous Coward
    Anonymous Coward

    For Marketing and legal purposes

    by using:

    Gmail, you give them permission to read all of it, for marketing purposes, same with chrome browser

    FB, you give them same,

    MS is moving to the free model - where yep, you are the product too.

    If QC ran on linux natively, I would drop windows completely. Come on Id Software, do it.

  28. Bilby

    Consent. You are doing it wrong.

    "No" means "No". It does not mean "Try harder", nor does it mean "see if you can work back around to it slowly, so they don't notice you doing it the next time".

    It does not mean "Keep trying to talk them into it, but let them choose each time whether or not to opt in, at least to begin with".

    The creeping enshitification of everything is an inevitable consequence, when a bad idea being shot down in flames, instead of making the originator say "Oh, perhaps that was a bad idea", makes them say "Oh, perhaps I should find a way to introduce this more gradually".

    We don't object to your bad idea because it's a great idea that you tried to impose too fast; We object because it's a bad idea.

    We said "No". The appropriate response is to drop the whole stupid and unwanted idea. The appropriate response is NOT to try to boil us more slowly, like a bunch of frogs.

    1. anonymous boring coward Silver badge

      Re: Consent. You are doing it wrong.

      Frogs don't actually fall for that trick. It's a myth. People, on the other hand...

      1. Not Yb Bronze badge

        Re: Consent. You are doing it wrong.

        They do if the pot's deep enough.

  29. Groo The Wanderer Silver badge

    Ubuntu 22.04.1 LTS awaits Microsoft deployment of this nightmare.

    Just say "NO!" to Microsoft "1984".

  30. Anonymous Coward
    Anonymous Coward

    It'll be a good idea when hell freezes over

    Or when there's real legal protection for data stored on your computer. i.e. it's simply forbidden to use the data by law, even then it's dubious because govt. agencies have long track records of ignoring privacy laws.

    My money is that Hell will freeze over sooner.

  31. harrys

    in future .... hey u want indemnity insurance ....

    1) 50% off if youve got recall installed across your fleet

    or

    2) sorry no recall no insurance

    oh ok .... bugger, just sign me up then

    when not if .....

  32. ITMA Silver badge

    Like hell!

    "Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable"

    The phrase "polishing a turd" comes to minfd along with the closely related "gift wrapping a turd".

    Either way, it is still a turd.

    1. cyberdemon Silver badge

      Re: Like hell!

      You can't polish a turd, but you can roll it in glitter!

      1. Anonymous Coward
        Anonymous Coward

        Re: Like hell!

        "You can't polish a turd, but you can roll it in glitter!"

        That depends on how "solid" it is, it may not roll easily lol

        and yes you can "polish" a turd - by using spray laquer, at which point you could add all the glitter that you desire...

        1. Evil Scot Bronze badge

          Re: Like hell!

          To quote Adam savage "I reject your reality..."

        2. cyberdemon Silver badge
          Coat

          Re: Like hell!

          > That depends on how "solid" it is, it may not roll easily lol

          Well, I would argue that anything above a "4" on the Bristol Stool Chart is not a "Turd", but a "squit".

          And to keep "on topic", I await the next "release" from the "bowels" of Microsoft, to see if it can be polished and/or glittered, without the aid of spray lacquer..

  33. Anonymous Coward
    Facepalm

    This will go very, very, very wrong.

    See title.

    Because Microsoft is to security what Donald Trump is to morality.

    The company I work for (or at least log in to) for has a CIO who absolutely loves Microsoft, god knows why, and wants us to run everything in Azure with lashings of AI, come what may. I believe even she would think this is a small step too far.

  34. Anonymous Coward
    Anonymous Coward

    Optional extra?

    Add the feature as an optional stand alone extra via windows update. They'll soon learn how many people actually want this dross.

    But we all know it'll be fully integrated into a major windows update. 25H2 would be my guess.

    1. anonymous boring coward Silver badge

      Re: Optional extra?

      It will be "accidentally" installed because a toggle was "accidentally" moved by another update, and the user "forgot" to reset it to NO. (I.e. was completely unaware.)

    2. Roland6 Silver badge

      Re: Optional extra?

      Would not be surprised to see a "beta" in 24H2 for W10 & W11; just to put extra load on those "ancient" systems people are using instead of buying new shiny "AI" systems...

  35. TReko Silver badge

    Another problem

    Even if the training data - the screenshots are completely encrypted and secured, there is another way in: The middle layer weights of the trained neural network will contain transformed versions of the sensitive training data which can be accessed simply by dumping the memory.

  36. Lee D Silver badge

    "Optional"

    You can do what you want.... as a standalone, optional, download-it-yourself-from-the-Windows-Store app, with no advertising in the OS to try to get you to click on the thing by mistake.

    If it's so brilliant, millions of people will download it and use it and then you have a case for including it in the OS (disabled by default, obviously).

    If it's not... meh. Well. There ya go. You offended, hurt, inconvenienced, compromised nobody.

    When you have to force your products / options / changes down people's throats, it just tells me that nobody would choose to use them of their own free will.

    See Active Desktop, Copilot, Internet Explorer, Edge, etc.

  37. CowHorseFrog Silver badge

    How does MS get this passed the US military and other secure installs ?

    1. Lee D Silver badge

      They have versions of Windows for governments that doesn't have this nonsense.

      1. CowHorseFrog Silver badge

        My understanding is there is only one binary for windows, and the serial number turns bits on and off. Pretty sure that was true in the past for say home and server windows, not really sure about today.

        WHat im trying to say is while the special gov versions might have recall "off" the recall code is still there.

        There are several stories from MS about an equivalent problem with some older version of XL where there was a flight sim an d pinball game "inside". Im guessing these same US GOV agencies complained about torjans like these games being inside XL and MS was forced to remove all traces.

  38. CowHorseFrog Silver badge

    It will be funny if one day recall will be used to find some kiddie porn or something like that for a microsoft exec in a court case.

    1. anonymous boring coward Silver badge

      Hopefully the one that promoted this crap.

  39. anonymous boring coward Silver badge

    More features no end user ever asked for?

    Christ...

  40. Locomotion69 Bronze badge

    Unbelievable...

    M$ is moving he responsibility to the "user".

    The vast amount of M$ users I know do care about the settings in their OS - they hit "allow" once and never look back.

    They do not know that they can, or should, do so. Or know how.

    We, El Reg readers, are "safe" for the time being as we know how to avoid this stuff. But the ignorant majority is not.

    Somebody should stand up and protect the masses from being sucked out by companies doing this sh*t.

    Really.

  41. David Hicklin Bronze badge

    Recall meet RIPA

    title says it all....

  42. Zio_Acido

    Seriously?

    So let me get this straight...

    MS, who has yet to release a secure operating system, or learn how to patch without breaking more than they fix... Who is trying to move everyone over to Win 11 from Win 10, when in reality Win 11 IS nothing more than Win 10 with a half-breed interface and more invasive telemetry, now thinks they're going to make the migration more attractive by including surveillance-ware that records every thing you do. They're claiming opt-outs..etc.. but we all know that won't last long... As there's absolutely no end-user call for this type of functionality, it suggests to me that it's being done at the behest of other parties who want a literal recording of all you do/say/view. This isn't even well disguised surveillance... it's rather blatant.. and all the polishing of the turd by the marketing bods isn't going to change that..

  43. ProperDave

    Well there goes my Reg reading time in a day

    I'm a software developer, and I'll sit having a quick skim through El Reg whilst waiting the 10 minutes or so for my code to build or the database models the application runs on to publish as I'm working.

    The company's been getting really quite ridiculously paranoid recently about security and work effort from people across the business, to the point where as devs, we've lost local admin access to our machines [making it harder to test the windows services or full-blown IIS sites that make up the company application]. As a business as a whole, we're having heavy security monitoring of things we do online now, so I can totally see that at some point in the near future the company will be using Recall to monitor our actual screen time on if we're actually working, or ... in my case reading The Reg.

    I can't see any real user value for Recall, but I can totally get the stalkery business value for it. A native online presence feature that avoids covering the camera or mic with tape, and could easily spot mouse jiggers.

    1. GenericLeftieWhackjob

      Re: Well there goes my Reg reading time in a day

      The main thing our business leaders learned from the failure of communism was that any bureaucracy past its sell-by can be propped up by surveilling all the proles for dissent.

    2. Anonymous Coward
      Anonymous Coward

      Re: Well there goes my Reg reading time in a day

      "As a business as a whole, we're having heavy security monitoring of things we do online now, so I can totally see that at some point in the near future the company will be using Recall to monitor our actual screen time on if we're actually working, or ... in my case reading The Reg."

      If they start blocking access to StackOverflow then I guess all "development" activity (i.e. cut-n-pasting "random" bits of code from there) will cease...

  44. Snowy Silver badge
    Coat

    Opt-in

    As long as it stay opt-in then it is fine, just would not be happy if it went opt-out.

  45. revdjenk

    Calendar Recall?

    ...and with the Project 2025 fervor of control, how about their gaining access to your calendar info - listing air travel, certain doctor appointments, scheduled attendance at political events, etc..

  46. Tubz Silver badge

    Only when Microsoft puts down on paper in a legal document, certified as being loophole free, that it's all secure and any breach or abuse by a 3rd party, Microsoft agrees to pay $1M per document breached for each user

  47. Andrew Scott Bronze badge

    recall

    Does everyone over at microsoft have alzheimer's? are they struggling to remember the last button press on their mice or the last sentence they deleted in word or the last email they sent? Certainly sounds like it. it could explain a lot.

  48. standbythree

    Microsoft misses the point on legal concerns

    Even if you accept that the encryption and authentication mechanism is perfect, and that the authorized person can access it... that doesn't help at all if the company is on the receiving end of a discovery request in a lawsuit.

  49. Stuart Castle Silver badge

    It's good that Microsoft have expended all this effort in an attempt to make this data slurp feature secure, but they still fail to provide a good reason why it is necessary to store all this data because the best thing for user security is to not store that data at all. As far as I can see, the "advantage" this system has is that you can search the stuff you've done. But, Windows, Mac OS and (presumably) Linux can already do this without reading everything that appears on screen.

  50. fronty

    Don't care, don't want it

    Don't care, don't want it, so long as it's off by default that's fine by me. The sooner MS remembers that most people just want to do a bit of Word, Excel, Outlook and web browsing, and don't care about all the bloat they keep adding to Windows, the better!

  51. JT_3K

    For years I've seen the "nOW Is tEh WiNTeR oF LinUX, sHeEpLe" posts after every major Microsoft offering, major system change or hiccup. For years I've scoffed and rebuked the idea.

    This is different. This is the first time I see Microsoft OS being something I'd be wholly unwilling to deploy in a corporate environment. I've dealt with the other idiocy, removed Game Bar and Candy Crush from desktop instances, slogged through ME, Vista, 8.0 and the disastrous patronising launch event for the latter. I've swallowed outages, missing configs and the ever-moving settings that no longer marry their own guidance & help.

    If Recall gets pushed through, this is where I draw the line. Microsoft should note, it's not just OS. I pull the OS and back out of Office, obviously. That pulls my OneDrive too, and I need no SharePoint integration so 365 drops. Without 365 I'm not beholden to Teams so my Teams Phone moves to 8x8 or similar. No Office/OS means no Defender and I pull MS Project and Visio because why not. If I've got no Microsoft Stack, and having witnessed how much Dynamics hates anything other than Edge, that ERP project I'm starting in 12-18mths excludes Dynamics F&O, and I start to look at how I can get off Dynamics Sales. If I'm not running those, I'm not beholden to that SQL instance in Azure, so that goes, as does the rest of that estate as I don't need Entra now.

    This gets costly for them, really, really quickly.

  52. Swedish Chef

    "Recall is always opt-in"

    It's probably only because I'm just too much of a cynical bastard that this conjures images of a fullscreen 'user choice' screen every time you boot, with a giant "YES ENABLE RECALL" button in the centre and a 5px text link "No, but ask me again next time" in the lower left corner.

    And there definitely won't be an unfortunate bug that causes the 'no' link to have a text colour identical to the background and be placed in a random position.

  53. Spanners
    Big Brother

    That sounds like malware to me

    Put some unverified images on your PC that claim to be screenshots.

    Take a few pictures of you doing confidential stuff.

    Act all surprised when these images are sent to third parties.

    Perhaps they would like to encrypt your data files too?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like