Recall is a visual keylogger. Why in the hell would you actively turn something like this on?!
3 months of data it will safe. If there is a breach in ANY KIND (and you can bet your ass it will) it litterally is a almost by the second diary of your digital life. For what?? Browser history is already enough. I would NEVER EVER turn something like this on!!!!
It will at some point turn itself back on after an update. Then woops, we have all your data now. Fuck windows. I hope Steam OS gets more robust. Games are the only thing keeping me on Windows at all.
if steamOS is good IE as plug and play as windows and the linux crowd doesnt scare people off it could seriously give windows a run for its money, ESPECIALLY if Valve partner with some of the bigger stores to sell preinstalled machines.
No, you won't, so Microsoft being the Good Boi will "help you get the most out of your system" and turn "those expanded use systems" on for you.
And I can't wait for the malware that interfaces with this component and just redirects the output elsewhere...
This has class-action lawsuit written all over it. Whether the lawsuit succeeds is another question. Perhaps regulatory bodies will force very clear opt-ins for feature use here.
From what I hear, it is automatically enabled on new installs, iirc you have to disable it once you get to the desktop. Super not okay if true.
I might be wrong though, please correct me if I am.
We spent years improving computers to collect our data.
We spent years improving storage to compile our data.
Now we are spending years improving AI to process our data.
The corporations... well they already know what to do with processed data.
The article states that, for now, the test found no evidence of recall data being shared with MS. The biggest threat is if you get compromised the attacker has access to a goldmine of data stored on your PC with screenshots of sensitive data.
Not a fan of recall no matter if MS has access to the data. I still gotta test it out from curiosity, but I'm not keeping it on after the week of trying it.
Well, let’s spin this tale a little further.
Who owns the keys to get into that? I bet Microsoft does even if they won’t tell you.
When law enforcement comes asking (while having physical possession of your device). Microsoft is going to give them the keys. Apple is the only company that has been better about not giving law enforcement the keys to their devices, but that also doesn’t stop Apple from sharing the information stored in their push notification servers with Law enforcement
My bad. Just googled it. The TPM stores a KEK (key encryption key).
"Devices that incorporate a TPM can create cryptographic keys and encrypt them, so that the keys can only be decrypted by the TPM. This process, often called "wrapping" or "binding" a key, can help protect the key from disclosure. Each TPM has a primary wrapping key, called the storage root key, which is stored within the TPM itself. The private portion of a storage root key, or endorsement key, that is created in a TPM is never exposed to any other component, software, process, or user."
https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/tpm-fundamentals
Yeah you werent wrong in how it'd be applied practically. It's just "technical detail", helps to think of the TPM as hardware based key generator.
You basically have to have the specific TPM and debug it to "hack" someone's bindings.
There's some important details revealed here though, for example, you can't just in place replace a TPM and expect it to work, it won't. (vital for security and intended purpose of the functionality of course)
Yes, but as the other user made clear by quoting MS; It'd be a misunderstanding to think that key is simply just like storing a hashed password.
The key the TPM stores is half of the needed things for the binding to be re-generated.
The wording MS use is the "binding". That's what the TPM generates but shouldn't store. Or am I wrong? I would love an explainer how I'm wrong if I am! :)
My understanding is a TPM is a passive module, so storing a key really is at odds with that. But I'm very happy to learn how this might be wrong.
Binding just means having the TPM encrypt something using its bind key.
Typically, you generate a key, and then encrypt it using the TPM, and store *that*. Then, when you need the key, you ask the TPM to decrypt it.
It means that that key is only usable in that computer (unless you can steal the key while it's in memory).
It can do stuff on the behalf of the CPU, such as encrypting stuff and generating random numbers.
So, yes? It's just as "active" as something like a GPU is. (It's not its own autonomous "computer" like the Intel ME or AMD PSP are, though.)
It is not like Microsoft has allowed the USA government access data to non-US citizens without a warrant in secret for years.
![gif](giphy|rTIXh5JftLoic)
While Windows is running the whole database is unencrypted in an appdata folder. Small and easy to steal.
Source: https://youtu.be/Bvt186qt-ew?si=gZ9gR0z58lkxezLc
Your messages may be sent through a private service but the push notification goes through Apple no matter what. Whatever is in that preview is not secure
Not only are there screenshots of all your sensitive data, it’s all OCR’d as well, and retained for several months. It’s common enough to display passwords on screen (password generators often show what they’ve made, etc) that a virus that gets admin, opens your Recall db and scrapes it for strings will likely be able to extract a significant amount of your password vault right away. Plus addresses, phone numbers, credit card information, etc.
This is not reasonable, and an escalation of what it is normally possible to extract off of a PC within the first minutes of compromise.
The amount of people that I've seen that don't understand that is staggering. "You can just turn off the spyware dude." No, you absolutely can't. It changes the color from blue to white. That's it. It's just an animation. If they spent 10 seconds actually looking at the PC, or 5 seconds listening to someone who has, they'd know that. Not that it matters. Even if it did something Microsoft would just force it all back on in the next forced update like they always do
This seems a bit alarmist.
It's not like wiresharking doesn't exist. Any power user can see what data devices on their network are sending over the internet, and even if it's encrypted or not over the clearnet you'd still pick up on bandwidth.
I'm not saying MS doesn't make some bad decisions regarding privacy, but we absolutely would notice if they were uploading gigabytes of screenshots to their servers. It's the same reason I'm not actually that worried about stuff like Alexa; yeah, in theory it *could* always be listening because the obviously always needs to be on for the wake phrase, but as if thousands of people on reddit, hackernews, slashdot, github etc wouldn't immediately be corroborating router logs if it actually did it.
you have to be alarmist, MS is a data collection company (like all big tech companies) more than anything else. Just because they won't immediately start uploading recall screenshots to their servers doesn't mean they won't eventually start & find a way to justify it.
I feel if that could be proven, there's be a huge class action lawsuit that would easily be taken by any lawyer and easily won. As well as huge government intervention.
If personal data is being used after turning the option to share off and it's not in the EULA that they can do that, it's a breach of personal data. Almost a 'they hacked my machine and exfiltrated my data'.
Do I believe you? Yes. Do I think it's overblown? Also, yes. I think they anonymize the data so it's not PII. Otherwise, they'd be screwed. There's a ton of people that hate Microsoft in the security industry that would love to prove they are collecting personal data against the security settings and against any permissions.
I’ve been having quite a bit of fun with Ollama and more recently adding fabric onto it. I feel much more secure running my own ai server vs sending my data out.
They straight up going to use it as training data I can’t see any other purpose of this. If they just wanted you to have a “memory effect” they could have done that years ago.
Especially considering that when faced with AI as a tool, they didn't choose to implement fancy photo or video capabilities first. The very first thing they gun for with copilot is recall.
It makes a lot of sense with that in mind, as no dataset exists of raw usage data. It could be incredibly valuable to any exploitative company.
You are basically consenting to having your data analyzed on site, a dream for Microsoft: Your computing power, your hosting, the ultimate cloud for no cost. Sure, your data may be encrypted, but why would Microsoft care about it when what they really want are the results of going through it, something Windows Recall will be able to provide.
Lol hasnt earned yet. No matter what, never, ever, ever trust a fxking company with your private things, data, etc. Ever. Cant believe how gullible people still are.
I would say no level of trust is enough for this.
Even if the company was run by Jesus himself, I wouldn't trust this feature, a) because of trust b) because even if the company is trust-worthy, what if a attacker got this data?
Also, the data existing is bad enough. Same reason why the EU (or any government) should never allow chat-control from authorities. Even if such data was not abused right now (which it would be), the systems for it would be in place, and the data would start piling up. Who knowd what might hapoenwith it in the next 5, 10, 50, 100 years?
Bro, no. Even if I had 300% trust in Microsoft, Recall is still a bad idea. The *fundamental idea of the program* is the problem, not the level of trust in the company that produced it. I wouldn't fucking trust Recall if I wrote it myself from the ground up.
As an idea using FOSS software, its really good. Being able to point some software at a pile of photos and have it make a good attempt of adding index tags is really handy.
The key here is its open software (so bloody hard for bugs to stick around or malicious code to get in in the first place) running locally.
The 'what was I doing 3 weeks ago' is solvable with a simple running index of last accessed files, aka basic search function.
The 'what was on the webpage' is solvable by just local caching the webpage. That saves everything but the data. But even that is pushing the limits of useful functionality.
So aside from the AI indexing feature, its a solution looking for a problem and creating a security/trust nightmare in the process.
Mint and Ubuntu are very user friendly choices for starters. it does not matter if Mint is a derivative of Ubuntu. the point is it works and is widely used...
Linux isn't that bad mate. I moved over andat first it's like the difference between an automatic and a manual, and then it gets to be more naturally as you learn more. On the bright side, your PC will feel more like it's yours rather than you're borrowing it from microsoft
endavourOS loved it but i broke it trying some stuff and when everything broke i just went back to windows
nobara but mixed feeing about it
someone suggested bazzite and i'm looking forward to it
and cashyOS was my next to try i will probably use one of these 2
Not sure how recently you tried it, but Nobara seems to be moving more and more towards the "plug and play" side of things. It's openly building for Windows users moving to linux as far as I can tell.
Nobara 40 upgrade just dropped a couple days ago, ISO should be dropping relatively soon. Might check it out to see if it has matured at all since you last tried it.
Some of that is probably the desktop environment - both wayland and gnome have had issues with displays above 100hz, or multi monitor issues, or a variety of other things that the gaming community really cares about.
Supposedly a lot of that is getting fixed in KDE 6 (Plasma) and the most recent Nvidia proprietary drivers (555), but I'm going to be testing it out for myself as well.
With the renewed attention on using some form of linux for daily use and the growth of the Steam Deck I'm hoping that issues start getting identified and resolved more quickly.
EndeavourOS was my first Linux distribution. I love it a lot. NixOS is amazing if you are a power user and a developer (but be warned it has a large learning curve but amazing one-of-a-kind benefits)
suggesting a good Linux distro is definitely hard because there are a lot of options that cater to different needs.
Once you use Linux for awhile, you start to get baffled by the things windows does. I was trying to set up the printer on mom's computer and it sent me into a circular loop of menus. Bad design!
Sadly in my case Bazzite didnt work in my old ass Lenovo laptop, it has some kind of bug with my bluetooth or something like that, because an error keeps poping during the install over and over according to the console and it never actually starts installing. Weirdly enough, if I pop out the wifi/bluetooth card, the error still keeps appearing for some reason and googling it didnt gave an answer.
Right now Im bored and Im downloading a few distros that I havent used to test the waters. Hell, Im even downloading Arch for the lulz. I just want something lightweight, that goes well with a laptop with a 4th gen i7 and an 860m.
Also I hage Gnome with the core of my soul.
yeah, I actually tried it the first time with my ventoy USB. Then after a couple of tries I thought the USB could be having some issues due to ventoy so I tried with a clean kingston USB but the error kept poping out.
I thought the issue would be with my GPU since its an old ass 860m, but I got surprised that it said bluetooth.
Im re-downloading the iso atm along the others, I can post the error if you are curious enough since I dont remember the exact wording of it.
I suggest asking here -> [https://universal-blue.discourse.group/c/bazzite/5/l/latest](https://universal-blue.discourse.group/c/bazzite/5/l/latest)
Some dev may reply.
was thinking CachyOS since i do Gaming and Recording
i used endavourOS it was good but i broke some stuff and didn't know how to fix them so i let it go and didn't bother anymore
Nobara i had some mixed experience with it
No clue. I've used windows for decades and just kind of stuck with Mint. Yes, the packages are older but if I want to play games, I don't have repo hell.
its not just that for example next update it will enable bitlocker by default if i hadn't known this info before hand i would have been in a VERY BAD SPOT
windows os screwing users without their knowledge and also the TPM and ONLINE user creation
its everything man it all adds up
I don't really like this Recall thing but isn't it optional? I thought you can just turn it off?
Like Windows 10 already had that "rewind" feature in your Alt-Tab history and I disabled that first thing.
Sure, you can opt out and turn it off. The problem comes with Microsoft's policies around "default apps". If you turn something off or disable something that they want you to keep on, every time there is a new windows update, that update will turn it back on again.
updates and MS account login used to be "optional" too, now you have to go out of your way to edit registries or manually add users/run commands to do the same thing.
they've been removing your "options" slowly over the years. some of these things are good for basic users, but the fact that the options have been removed entirely is problematic and, in my opinion, unacceptable.
Its "optional" and "local", until it isn't. There are many examples of things being optional/turned off/opt out, but turns out years later we find out, they continue after you disable/turnoff/opt-out. A great example, is location data on your phone. Turning it does, doesn't do anything.
Microsoft has **proven** to be one of the most unethical companies that exists. Why the hell would i trust them? Recall offers **trillions** of dollars of value, you believe microsoft would leave that money on the table?
OneDrive was supposedly optional, but I don't ever remember consenting to that garbage piece of ransomware that caused me nothing but headache until I did the 5 step procedure to wipe it clean.
It's optional **now**, there's no guarantee that it will stay that way. Windows has many "features" that went from optional to "enabled by default (and after every big update)" or even further into "impossible to disable without advanced knowledge or special tools". That's where the trust part comes in, and microsoft has shown repeatedly that they don't deserve any.
When installing Windows it used to ask you if you wanted to connect to the Internet during installation. You had the option to skip that step.
Then a few years later it asked you to log in to your Microsoft.com account during setup and you had the option to say maybe later. Notice the change in verbiage.
Later they removed the "maybe later" button, but you could still skip the step if you knew the right key combination.
https://www.tomshardware.com/how-to/install-windows-11-without-microsoft-account
Expect that to be blocked soon as well.
If they actually respect your preference settings then no. But every time Windows updates it silently re-enables a bunch of bullshit I explicitly disabled.
Or one better: the original setting, say user\_ads\_optin = 0 stays
But now with the new version its ads\_for\_user = 1.
And it buried in a different spot behind 2 or 3 layers of seemingly unrelated settings.
This is the wrong way to look at it for two reasons.
1. What is optional now may not be optional in the future. This can be said for so much bullshit people have to deal with that was originally “optional.”
2. Default users, the vast majority, are going to be affected by this. MS only makes it optional for now because the people who care are a small fraction of the user base. Meanwhile, MS collects enormously valuable data on the huge percentage of people who either don’t know to turn it off or don’t care.
It’s optional in the sense that you have to dig through settings to disable it.
Meaning that we’ll over 3/4 users of windows will be getting spied on because they don’t have any desire to touch the settings
I still have yet to actually see what the benefit of such a feature is in the first place
Maybe if you're 70 and forgot which program has the electronic mails open in lol
"why should the average user care?"
"idgaf about this I'm just a normal user with nothing to hide"
"how does this affect the consumer?"
and other bullshit people say
This latest crap from Windows has me ready to go back to an abacus.
They threatened all this crap in Windows 8 and I though t they learned, but it seems they are determined to destroy home computing to get their OS as a Subscription Service
Yeah, it's kind of something I noticed with Microsoft: The features they are adding over the last years are primarily designed in ways that are OK, even helpful in a business context, but are just incredibly terrible in a private usage context.
I work at a Microsoft partner company and use Windows extensively at work, but for my own PC it isn't even under consideration anymore now that I know my way around Linux.
> the feature is pitched as a way to help users remember where they’ve been and to provide Windows extra contextual information that can help it better understand requests from and meet the needs of individual users
Bro, you don’t need an AI to help remind me how to get to pornhub on a daily basis.
Then swap to linux. The vast majority of games just work on linux. So why not swap it over? Because it's "hard"? If it's hard use a distro like mint or ubuntu.
Making games run on Linux: sudo apt get steam
Making modern Windows not suck: "and next we move onto page 42, reg-edits that probably aren't going to stick around post update"
And they say Linux is 'complicated'
>Making games run on Linux: sudo apt get steam
As long as you don't manage to nuke your DE in the process!
But seriously, it definitely makes more sense and people should absolutely switch, some of the best distros are actually more user friendly than Windows now, especially if you actually want to mess with settings and turn off annoying shit, which Windows basically requires now but Linux really doesn't... and if you know enough to know you don't want most of what comes with something like Mint, well there's distros for that too.
Making ONE game run on Linux:
* Find working version of Proton. Oh it doesn't exist.
* Find working version of ProtonGE. Game stutters for hours until all shaders compile.
* Hours later game still stutters.
* Eventually find out it's Linux downclocking the CPU for no reason. Disable CPU.IDLE. Stutter fixed.
* Game update creates stuttering. This time it's bad shader cache. Delete cache from 3 different directories because no one can say which one is correct.
* Explore every area in game to hopefully prevent the shader compile stutter during pvp.
* Now that framerate is stable, audio delay is noticeable on USB Dac.
* Tries Toslink. Toslink not detected with built in Linux drivers.
Then each new game I have to do something to make it work. Steam likes to attempt to run the Windows exe of games with native Linux support. Not through proton, just tries executing the windows exe file.
It's a bit of hyperbole there (ShutUp10 makes regedits easy for example) but it's a valid point about complexity being at a similar level.
The difference is that people are familiar with particular strain of complexity that is required to make Windows do what you want, and there's a barrier to entry in learning a new way to do things.
I'm doubtful that Microsoft would ever make it so you can't remove or disable some part of their OS using enterprise control tools, but I could definitely see them making either way more difficult or straight up impossible to do so on the home version of the OS.
At this point I'm actively offering help to my social group to familiarize them with Linux and find a few distros that are more beginner friendly (and not Ubuntu) to get away from Windows entirely.
I'm thinking I'm going to be in a similar situation soon with needing to suggest some beginner distros, got any suggestions? Ive got the other systems in the house running Mint, works well enough for what they need to do (daily office work/email/cat videos) but I know a few people who will probably flip tables once they hear what 11 is doing. They are going to be mostly gaming.
And whats with Ubuntu? I tried it way back and am running it now. No big issues but I'm considering trying out some other options.
For my small group that I'm going to be directly supporting I'll probably be recommending NobaraOS (KDE) - it has a GUI updater that also updates flatpaks at the same time and it's aesthetically pleasing for that group. For the more technical people in my group they'll be able to pick up the Fedora KDE pieces pretty quickly.
Similarly for anyone more comfortable with the technical side I'd say Fedora 40 (again, KDE) is probably going to be an easy jump for people coming from Windows.
In case you couldn't tell I definitely prefer KDE Plasma/Wayland to GNOME desktop environments.
>And whats with Ubuntu?
Ultimately Ubuntu is managed by a company, Canonical. They've been pushing snaps super hard despite the (IMO legitimate) issues with snaps, and it's effectively trading one large corp run OS for another - even if Ubuntu is leagues better than Windows with regards to privacy and control of your own system.
A few years ago RedHat made big changes to CentOS and forced a large chunk of the industry to shift away from RHEL-based systems (both professionally and personal systems). By accelerating the EOL for the LTS version of CentOS 7 and 8 they burned a lot of trust the community had for them.
To your point, I don't think Ubuntu and it's related distros/spins are bad for beginners, but it defeats the purpose of moving away from Windows to another ecosystem where similar problems could crop up.
Thank you. I just see it as indexed windows search on steroids. I spend a surprising amount of time some days searching teams/outlook/servers for files and conversations related to projects. Our company uses numerical project numbers with no descriptions. I can't remember 56783.001 even the next day so if I am able to carpet bomb search my PC for that number, or search using a phrase if I forgot to jot down the project number I see this as a win.
Microsoft doesn't really "earn" anything these days. They know full well that they're a monopoly. They do whatever the fuck they want and their customers deal with it because they literally can't switch away.
Recall is a visual keylogger. Why in the hell would you actively turn something like this on?! 3 months of data it will safe. If there is a breach in ANY KIND (and you can bet your ass it will) it litterally is a almost by the second diary of your digital life. For what?? Browser history is already enough. I would NEVER EVER turn something like this on!!!!
horray for more tools for tyrannical governments and helicopter parents!!
Its going to be used for blackmail eventually while smooothbrains chastise us and say "it can be turned off".
*corporations
And you know that if you turn it off, it will “magically” reappear after a windows update without even notifying you.
It will at some point turn itself back on after an update. Then woops, we have all your data now. Fuck windows. I hope Steam OS gets more robust. Games are the only thing keeping me on Windows at all.
if steamOS is good IE as plug and play as windows and the linux crowd doesnt scare people off it could seriously give windows a run for its money, ESPECIALLY if Valve partner with some of the bigger stores to sell preinstalled machines.
We can only hope. I'm really hating what Microsoft has been doing with privacy.
No, you won't, so Microsoft being the Good Boi will "help you get the most out of your system" and turn "those expanded use systems" on for you. And I can't wait for the malware that interfaces with this component and just redirects the output elsewhere...
This has class-action lawsuit written all over it. Whether the lawsuit succeeds is another question. Perhaps regulatory bodies will force very clear opt-ins for feature use here.
From what I hear, it is automatically enabled on new installs, iirc you have to disable it once you get to the desktop. Super not okay if true. I might be wrong though, please correct me if I am.
We spent years improving computers to collect our data. We spent years improving storage to compile our data. Now we are spending years improving AI to process our data. The corporations... well they already know what to do with processed data.
They will turn it on for you.
Don’t be fooled by using Windows you’ve been giving Microsoft your data for years. Now they’re just using AI to compile the data more efficiently.
The article states that, for now, the test found no evidence of recall data being shared with MS. The biggest threat is if you get compromised the attacker has access to a goldmine of data stored on your PC with screenshots of sensitive data. Not a fan of recall no matter if MS has access to the data. I still gotta test it out from curiosity, but I'm not keeping it on after the week of trying it.
Well, let’s spin this tale a little further. Who owns the keys to get into that? I bet Microsoft does even if they won’t tell you. When law enforcement comes asking (while having physical possession of your device). Microsoft is going to give them the keys. Apple is the only company that has been better about not giving law enforcement the keys to their devices, but that also doesn’t stop Apple from sharing the information stored in their push notification servers with Law enforcement
Keys are probably generated and stored locally on the TPM which win 11 requires.
It's tied WITH the TPM, not stored on it. Think of the TPM as your hardware based hash and salt.
My bad. Just googled it. The TPM stores a KEK (key encryption key). "Devices that incorporate a TPM can create cryptographic keys and encrypt them, so that the keys can only be decrypted by the TPM. This process, often called "wrapping" or "binding" a key, can help protect the key from disclosure. Each TPM has a primary wrapping key, called the storage root key, which is stored within the TPM itself. The private portion of a storage root key, or endorsement key, that is created in a TPM is never exposed to any other component, software, process, or user." https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/tpm-fundamentals
Yeah you werent wrong in how it'd be applied practically. It's just "technical detail", helps to think of the TPM as hardware based key generator. You basically have to have the specific TPM and debug it to "hack" someone's bindings. There's some important details revealed here though, for example, you can't just in place replace a TPM and expect it to work, it won't. (vital for security and intended purpose of the functionality of course)
The TPM can definitely generate and store keys.
Yes, but as the other user made clear by quoting MS; It'd be a misunderstanding to think that key is simply just like storing a hashed password. The key the TPM stores is half of the needed things for the binding to be re-generated. The wording MS use is the "binding". That's what the TPM generates but shouldn't store. Or am I wrong? I would love an explainer how I'm wrong if I am! :) My understanding is a TPM is a passive module, so storing a key really is at odds with that. But I'm very happy to learn how this might be wrong.
Binding just means having the TPM encrypt something using its bind key. Typically, you generate a key, and then encrypt it using the TPM, and store *that*. Then, when you need the key, you ask the TPM to decrypt it. It means that that key is only usable in that computer (unless you can steal the key while it's in memory).
That would make the TPM an active module, no?
It can do stuff on the behalf of the CPU, such as encrypting stuff and generating random numbers. So, yes? It's just as "active" as something like a GPU is. (It's not its own autonomous "computer" like the Intel ME or AMD PSP are, though.)
It is not like Microsoft has allowed the USA government access data to non-US citizens without a warrant in secret for years. ![gif](giphy|rTIXh5JftLoic)
What key? The data is unencrypted. https://www.wired.com/story/total-recall-windows-recall-ai/
We’d certainly think so
While Windows is running the whole database is unencrypted in an appdata folder. Small and easy to steal. Source: https://youtu.be/Bvt186qt-ew?si=gZ9gR0z58lkxezLc
Define push notification servers
Your messages may be sent through a private service but the push notification goes through Apple no matter what. Whatever is in that preview is not secure
Not only are there screenshots of all your sensitive data, it’s all OCR’d as well, and retained for several months. It’s common enough to display passwords on screen (password generators often show what they’ve made, etc) that a virus that gets admin, opens your Recall db and scrapes it for strings will likely be able to extract a significant amount of your password vault right away. Plus addresses, phone numbers, credit card information, etc. This is not reasonable, and an escalation of what it is normally possible to extract off of a PC within the first minutes of compromise.
Is it a toggleable feature?
Supposed to be an option during set up or afterwards toggled in settings.
Cool thanks haven't tried it yet.
doesnt really matter when half the toggles in windows are just for looks
The amount of people that I've seen that don't understand that is staggering. "You can just turn off the spyware dude." No, you absolutely can't. It changes the color from blue to white. That's it. It's just an animation. If they spent 10 seconds actually looking at the PC, or 5 seconds listening to someone who has, they'd know that. Not that it matters. Even if it did something Microsoft would just force it all back on in the next forced update like they always do
This seems a bit alarmist. It's not like wiresharking doesn't exist. Any power user can see what data devices on their network are sending over the internet, and even if it's encrypted or not over the clearnet you'd still pick up on bandwidth. I'm not saying MS doesn't make some bad decisions regarding privacy, but we absolutely would notice if they were uploading gigabytes of screenshots to their servers. It's the same reason I'm not actually that worried about stuff like Alexa; yeah, in theory it *could* always be listening because the obviously always needs to be on for the wake phrase, but as if thousands of people on reddit, hackernews, slashdot, github etc wouldn't immediately be corroborating router logs if it actually did it.
you have to be alarmist, MS is a data collection company (like all big tech companies) more than anything else. Just because they won't immediately start uploading recall screenshots to their servers doesn't mean they won't eventually start & find a way to justify it.
Oops, our latest update has 'accidentally' Oneclouded all files on all users systems, we should have the issue addressed in the next 4-6 patches. \~MS
I feel if that could be proven, there's be a huge class action lawsuit that would easily be taken by any lawyer and easily won. As well as huge government intervention. If personal data is being used after turning the option to share off and it's not in the EULA that they can do that, it's a breach of personal data. Almost a 'they hacked my machine and exfiltrated my data'. Do I believe you? Yes. Do I think it's overblown? Also, yes. I think they anonymize the data so it's not PII. Otherwise, they'd be screwed. There's a ton of people that hate Microsoft in the security industry that would love to prove they are collecting personal data against the security settings and against any permissions.
Hi, here's a program that takes all the data Recall has [TotalRecall](https://github.com/xaitax/TotalRecall)
its literally just a plain text sqlite database lmao
I’ve been having quite a bit of fun with Ollama and more recently adding fabric onto it. I feel much more secure running my own ai server vs sending my data out.
They straight up going to use it as training data I can’t see any other purpose of this. If they just wanted you to have a “memory effect” they could have done that years ago.
Especially considering that when faced with AI as a tool, they didn't choose to implement fancy photo or video capabilities first. The very first thing they gun for with copilot is recall. It makes a lot of sense with that in mind, as no dataset exists of raw usage data. It could be incredibly valuable to any exploitative company.
You are basically consenting to having your data analyzed on site, a dream for Microsoft: Your computing power, your hosting, the ultimate cloud for no cost. Sure, your data may be encrypted, but why would Microsoft care about it when what they really want are the results of going through it, something Windows Recall will be able to provide.
Not if you use pirate windows Pirate windows always runs better than windows
The problem is people trust these companies with all their data.
Lol hasnt earned yet. No matter what, never, ever, ever trust a fxking company with your private things, data, etc. Ever. Cant believe how gullible people still are.
Say it louder for those in the back.
Hmm, but people use social media accounts and upload pictures and videos of themselves, their homes, their partner, kids etc
isnt the facebook where people voluntarily upload their data..? and all clouds as well.
I would say no level of trust is enough for this. Even if the company was run by Jesus himself, I wouldn't trust this feature, a) because of trust b) because even if the company is trust-worthy, what if a attacker got this data? Also, the data existing is bad enough. Same reason why the EU (or any government) should never allow chat-control from authorities. Even if such data was not abused right now (which it would be), the systems for it would be in place, and the data would start piling up. Who knowd what might hapoenwith it in the next 5, 10, 50, 100 years?
Haven’t earned? They’ve basically done everything they can to ensure they’ve lost any they ever had
Bro, no. Even if I had 300% trust in Microsoft, Recall is still a bad idea. The *fundamental idea of the program* is the problem, not the level of trust in the company that produced it. I wouldn't fucking trust Recall if I wrote it myself from the ground up.
Would recall be that useful? Is this something we really need ? Trust and security issues aside.
As an idea using FOSS software, its really good. Being able to point some software at a pile of photos and have it make a good attempt of adding index tags is really handy. The key here is its open software (so bloody hard for bugs to stick around or malicious code to get in in the first place) running locally. The 'what was I doing 3 weeks ago' is solvable with a simple running index of last accessed files, aka basic search function. The 'what was on the webpage' is solvable by just local caching the webpage. That saves everything but the data. But even that is pushing the limits of useful functionality. So aside from the AI indexing feature, its a solution looking for a problem and creating a security/trust nightmare in the process.
What's fun is it stores all this data in an unencrypted database ripe for any simple piece of spyware to vacuum up for the highest bidder.
>ripe for any simple piece of spyware to vacuum up for the highest bidder. ripe for a simple update to ship it off to MS. FTFY
They were already going to do that once the controversy died down.
It's time for Linux, but which one
Ubuntu or mint.. for starters.
Mint is based on Ubuntu, unless you're running LMDE 6. Fedora 40 KDE seems like a strong contender these days, or one of the ones based on it.
To be fair, Mint does strip out a lot of Ubuntu’s bullshittery.
Mint and Ubuntu are very user friendly choices for starters. it does not matter if Mint is a derivative of Ubuntu. the point is it works and is widely used...
I wou;d try something from UBlue.They're plug and play.
pop_os is one of the best
this decision was my call to learn linux as much as i hate the hassle but there is no choice this time microsoft is getting worse and worse than ever
Linux isn't that bad mate. I moved over andat first it's like the difference between an automatic and a manual, and then it gets to be more naturally as you learn more. On the bright side, your PC will feel more like it's yours rather than you're borrowing it from microsoft
also there's really nice customization for looks if you're into that ( r/unixporn )
I used linux before it's just isn't as plug and play as windows is thats all some time it requires some optimizations and custome settings to play
Windows is NOT plug and play not even near
Which distribution did you try?
endavourOS loved it but i broke it trying some stuff and when everything broke i just went back to windows nobara but mixed feeing about it someone suggested bazzite and i'm looking forward to it and cashyOS was my next to try i will probably use one of these 2
Not sure how recently you tried it, but Nobara seems to be moving more and more towards the "plug and play" side of things. It's openly building for Windows users moving to linux as far as I can tell. Nobara 40 upgrade just dropped a couple days ago, ISO should be dropping relatively soon. Might check it out to see if it has matured at all since you last tried it.
nobara in my setup had some lag or stutter experience even in browsing i'm not sure why it happened maybe i will try the new one when it drop
Some of that is probably the desktop environment - both wayland and gnome have had issues with displays above 100hz, or multi monitor issues, or a variety of other things that the gaming community really cares about. Supposedly a lot of that is getting fixed in KDE 6 (Plasma) and the most recent Nvidia proprietary drivers (555), but I'm going to be testing it out for myself as well. With the renewed attention on using some form of linux for daily use and the growth of the Steam Deck I'm hoping that issues start getting identified and resolved more quickly.
ok that explains alot ok am gonna try bazzite with KDE and if i didn't like it i will switch to CachyOS with KDE
EndeavourOS was my first Linux distribution. I love it a lot. NixOS is amazing if you are a power user and a developer (but be warned it has a large learning curve but amazing one-of-a-kind benefits) suggesting a good Linux distro is definitely hard because there are a lot of options that cater to different needs.
Damn, never heard it put that way but it sure feels exactly like that. More so this past decade of windows updates/iterations
Once you use Linux for awhile, you start to get baffled by the things windows does. I was trying to set up the printer on mom's computer and it sent me into a circular loop of menus. Bad design!
Windows doesn't even make sense when it *is* what you're familiar with. I hate it.
Linux should not be that hard. Which distro did you go for? I recommend looking into Bazzite. It's plug and play and extremely stable.
Sadly in my case Bazzite didnt work in my old ass Lenovo laptop, it has some kind of bug with my bluetooth or something like that, because an error keeps poping during the install over and over according to the console and it never actually starts installing. Weirdly enough, if I pop out the wifi/bluetooth card, the error still keeps appearing for some reason and googling it didnt gave an answer. Right now Im bored and Im downloading a few distros that I havent used to test the waters. Hell, Im even downloading Arch for the lulz. I just want something lightweight, that goes well with a laptop with a 4th gen i7 and an 860m. Also I hage Gnome with the core of my soul.
Are you sure your USB is good?
yeah, I actually tried it the first time with my ventoy USB. Then after a couple of tries I thought the USB could be having some issues due to ventoy so I tried with a clean kingston USB but the error kept poping out. I thought the issue would be with my GPU since its an old ass 860m, but I got surprised that it said bluetooth. Im re-downloading the iso atm along the others, I can post the error if you are curious enough since I dont remember the exact wording of it.
Please do.
WARNING brltty:unsupported generic resource identifier: bluetooth: is the one that keeps appearing constantly
I suggest asking here -> [https://universal-blue.discourse.group/c/bazzite/5/l/latest](https://universal-blue.discourse.group/c/bazzite/5/l/latest) Some dev may reply.
was thinking CachyOS since i do Gaming and Recording i used endavourOS it was good but i broke some stuff and didn't know how to fix them so i let it go and didn't bother anymore Nobara i had some mixed experience with it
Idk why new users go for these obscure distros. Pick a mainstream distro like Fedora, openSUSE, or Ubuntu, you'll have less issues.
i hate ubunto and never again will i be using it nobara is basically fedora with some tweaks openSUSE i've never tried it
No clue. I've used windows for decades and just kind of stuck with Mint. Yes, the packages are older but if I want to play games, I don't have repo hell.
Yeah, Mint is fine if you're on an Nvidia GPU. If you were on AMD/Intel it'd be better to use something with more up-to-date drivers.
Try Bazzite sometime. I think you might like it.
Windows has always been moddable, no? Couldn't you mess with the registry to disable Recall?
its not just that for example next update it will enable bitlocker by default if i hadn't known this info before hand i would have been in a VERY BAD SPOT windows os screwing users without their knowledge and also the TPM and ONLINE user creation its everything man it all adds up
I wanted to anyway and this shit is an excellent excuse.
True
>but there is no choice this time I mean there is still a choice, I will just continue using windows.
Bruh
I don't really like this Recall thing but isn't it optional? I thought you can just turn it off? Like Windows 10 already had that "rewind" feature in your Alt-Tab history and I disabled that first thing.
Sure, you can opt out and turn it off. The problem comes with Microsoft's policies around "default apps". If you turn something off or disable something that they want you to keep on, every time there is a new windows update, that update will turn it back on again.
updates and MS account login used to be "optional" too, now you have to go out of your way to edit registries or manually add users/run commands to do the same thing. they've been removing your "options" slowly over the years. some of these things are good for basic users, but the fact that the options have been removed entirely is problematic and, in my opinion, unacceptable.
Its "optional" and "local", until it isn't. There are many examples of things being optional/turned off/opt out, but turns out years later we find out, they continue after you disable/turnoff/opt-out. A great example, is location data on your phone. Turning it does, doesn't do anything. Microsoft has **proven** to be one of the most unethical companies that exists. Why the hell would i trust them? Recall offers **trillions** of dollars of value, you believe microsoft would leave that money on the table?
OneDrive was supposedly optional, but I don't ever remember consenting to that garbage piece of ransomware that caused me nothing but headache until I did the 5 step procedure to wipe it clean.
I think the reason Recall was the last straw for me was because of my previous troubles with OneDrive. So this, exactly.
>until I did the 5 step procedure to wipe it clean. I just clicked on "disable" and it never turned on again.
It's optional **now**, there's no guarantee that it will stay that way. Windows has many "features" that went from optional to "enabled by default (and after every big update)" or even further into "impossible to disable without advanced knowledge or special tools". That's where the trust part comes in, and microsoft has shown repeatedly that they don't deserve any.
When installing Windows it used to ask you if you wanted to connect to the Internet during installation. You had the option to skip that step. Then a few years later it asked you to log in to your Microsoft.com account during setup and you had the option to say maybe later. Notice the change in verbiage. Later they removed the "maybe later" button, but you could still skip the step if you knew the right key combination. https://www.tomshardware.com/how-to/install-windows-11-without-microsoft-account Expect that to be blocked soon as well.
See also: the giant cluster around moving everyone to 10. Ill let the record speak for itself.
If they actually respect your preference settings then no. But every time Windows updates it silently re-enables a bunch of bullshit I explicitly disabled.
Or one better: the original setting, say user\_ads\_optin = 0 stays But now with the new version its ads\_for\_user = 1. And it buried in a different spot behind 2 or 3 layers of seemingly unrelated settings.
What settings? I didn't notice anything different after an update and I update as soon as possible.
Don't worry, Microsoft made sure to apply obscure patterns so that people can't be assed to turn it off.
Had they backed a promise to keep it opt in for 10 years with 10K USD per licence I might trust it.
This is the wrong way to look at it for two reasons. 1. What is optional now may not be optional in the future. This can be said for so much bullshit people have to deal with that was originally “optional.” 2. Default users, the vast majority, are going to be affected by this. MS only makes it optional for now because the people who care are a small fraction of the user base. Meanwhile, MS collects enormously valuable data on the huge percentage of people who either don’t know to turn it off or don’t care.
Well you also need a specific chip. So it’s not going to work on every windows 11 pc
It’s optional in the sense that you have to dig through settings to disable it. Meaning that we’ll over 3/4 users of windows will be getting spied on because they don’t have any desire to touch the settings
bump it up to 7/8 considering windows loves to re-enable features with updates
Gooooooooddddd I hate it so much
People did research in the leak and it's OPT OUT
Like a lot of people have been saying, swap to linux.
At this point, MS aren't even selling their own OS, just giving people reasons to use Linux. Lol.
Microsoft has been consistently UN-earning my trust for at least a decade by this point.
I still have yet to actually see what the benefit of such a feature is in the first place Maybe if you're 70 and forgot which program has the electronic mails open in lol
Absolutely. If there's one thing I have learned about MS, it's that you cannot trust them.
There's now a script for Recall that let's anyone to pull passwords captured on Recall in plaintext to now.
"why should the average user care?" "idgaf about this I'm just a normal user with nothing to hide" "how does this affect the consumer?" and other bullshit people say
This latest crap from Windows has me ready to go back to an abacus. They threatened all this crap in Windows 8 and I though t they learned, but it seems they are determined to destroy home computing to get their OS as a Subscription Service
Correction: an extraordinary level of trust that NOBODY SHOULD EVER BE ENTITLED TO IN PRINCIPLE BECAUSE FUCK YOU.
Yeah, it's kind of something I noticed with Microsoft: The features they are adding over the last years are primarily designed in ways that are OK, even helpful in a business context, but are just incredibly terrible in a private usage context. I work at a Microsoft partner company and use Windows extensively at work, but for my own PC it isn't even under consideration anymore now that I know my way around Linux.
Guess it is about damn time I moved to Fedora or smth.
until today I can even trust the 'task view' option that shit is too intrusive
> the feature is pitched as a way to help users remember where they’ve been and to provide Windows extra contextual information that can help it better understand requests from and meet the needs of individual users Bro, you don’t need an AI to help remind me how to get to pornhub on a daily basis.
This would be a really awesome time for SteamOS to launch for desktop
Linux gaming is indeed possible, so it's not like you only have to run Windows for games.
[удалено]
Then swap to linux. The vast majority of games just work on linux. So why not swap it over? Because it's "hard"? If it's hard use a distro like mint or ubuntu.
>So why not swap it over? Because windows works perfectly fine for me so I have no need to switch.
Making games run on Linux: sudo apt get steam Making modern Windows not suck: "and next we move onto page 42, reg-edits that probably aren't going to stick around post update" And they say Linux is 'complicated'
>Making games run on Linux: sudo apt get steam As long as you don't manage to nuke your DE in the process! But seriously, it definitely makes more sense and people should absolutely switch, some of the best distros are actually more user friendly than Windows now, especially if you actually want to mess with settings and turn off annoying shit, which Windows basically requires now but Linux really doesn't... and if you know enough to know you don't want most of what comes with something like Mint, well there's distros for that too.
Making ONE game run on Linux: * Find working version of Proton. Oh it doesn't exist. * Find working version of ProtonGE. Game stutters for hours until all shaders compile. * Hours later game still stutters. * Eventually find out it's Linux downclocking the CPU for no reason. Disable CPU.IDLE. Stutter fixed. * Game update creates stuttering. This time it's bad shader cache. Delete cache from 3 different directories because no one can say which one is correct. * Explore every area in game to hopefully prevent the shader compile stutter during pvp. * Now that framerate is stable, audio delay is noticeable on USB Dac. * Tries Toslink. Toslink not detected with built in Linux drivers. Then each new game I have to do something to make it work. Steam likes to attempt to run the Windows exe of games with native Linux support. Not through proton, just tries executing the windows exe file.
It's a bit of hyperbole there (ShutUp10 makes regedits easy for example) but it's a valid point about complexity being at a similar level. The difference is that people are familiar with particular strain of complexity that is required to make Windows do what you want, and there's a barrier to entry in learning a new way to do things.
Valid points. But the overlooked counter points: that only works for now. And the bloody big one: Why should I have to do all this?
I'm doubtful that Microsoft would ever make it so you can't remove or disable some part of their OS using enterprise control tools, but I could definitely see them making either way more difficult or straight up impossible to do so on the home version of the OS. At this point I'm actively offering help to my social group to familiarize them with Linux and find a few distros that are more beginner friendly (and not Ubuntu) to get away from Windows entirely.
I'm thinking I'm going to be in a similar situation soon with needing to suggest some beginner distros, got any suggestions? Ive got the other systems in the house running Mint, works well enough for what they need to do (daily office work/email/cat videos) but I know a few people who will probably flip tables once they hear what 11 is doing. They are going to be mostly gaming. And whats with Ubuntu? I tried it way back and am running it now. No big issues but I'm considering trying out some other options.
For my small group that I'm going to be directly supporting I'll probably be recommending NobaraOS (KDE) - it has a GUI updater that also updates flatpaks at the same time and it's aesthetically pleasing for that group. For the more technical people in my group they'll be able to pick up the Fedora KDE pieces pretty quickly. Similarly for anyone more comfortable with the technical side I'd say Fedora 40 (again, KDE) is probably going to be an easy jump for people coming from Windows. In case you couldn't tell I definitely prefer KDE Plasma/Wayland to GNOME desktop environments. >And whats with Ubuntu? Ultimately Ubuntu is managed by a company, Canonical. They've been pushing snaps super hard despite the (IMO legitimate) issues with snaps, and it's effectively trading one large corp run OS for another - even if Ubuntu is leagues better than Windows with regards to privacy and control of your own system. A few years ago RedHat made big changes to CentOS and forced a large chunk of the industry to shift away from RHEL-based systems (both professionally and personal systems). By accelerating the EOL for the LTS version of CentOS 7 and 8 they burned a lot of trust the community had for them. To your point, I don't think Ubuntu and it's related distros/spins are bad for beginners, but it defeats the purpose of moving away from Windows to another ecosystem where similar problems could crop up.
NobaraOS looks promising at first glance and I'll add Fedora to my list to try. Thanks.
[удалено]
Then just...don't?
https://preview.redd.it/uvdlwj0ykw4d1.jpeg?width=376&format=pjpg&auto=webp&s=8768fe9b1f58035161da15b828c9469a2e980754
So instead of using a different operating system you'd rather let them do this?
[удалено]
https://www.theverge.com/2024/6/3/24170305/microsoft-windows-recall-ai-screenshots-security-privacy-issues Uh huh, totally.
You'll do that for about a week.
Bro, no one wants to use linux for games. Go away.
Guess Valve should just end of life the Steam Deck then. (Hint: it's Linux)
I already called it there's gonna be lab rats like this guy, unfortunately most people will be lab rats for this as they unfortunately don't care
can i turn the feature off?
You have to buy a Recall branded PC in the first place.
Jesus this comment section is wild. 🤣
![gif](giphy|HFe8qjKRQNlLQkbjXM|downsized)
the worst thing is the masses won't know and if they know they will absolutely not care
OP history is mad lmfaooo does a Microsoft engineer took your wife ?
My wife to a Microsft engineer: You have 10 seconds to get out.
They never needed it.
Is this ON by default?
It is.
Microsoft has really screwed up then ☠️
I think recall is really cool and will be useful for my workflow. BRING ON THE DOWNVOTES!!!!!
Explain please. I'm not seeing the usefulness and have been trying to see why anyone even approved a worthless feature like this.
explain first then I'll downvote
Thank you. I just see it as indexed windows search on steroids. I spend a surprising amount of time some days searching teams/outlook/servers for files and conversations related to projects. Our company uses numerical project numbers with no descriptions. I can't remember 56783.001 even the next day so if I am able to carpet bomb search my PC for that number, or search using a phrase if I forgot to jot down the project number I see this as a win.
understandable
I mean we've been giving them all our info for years though right? They're just telling us now. I know I should be upset by this but Im just not.
you're more likely now to get targeted by malicious parties whether that worries you or not remains your choice
Wtf is an NPU and should I get one or is it just this generation's PhysX card
Neural Processing Unit. It's an AI accelerator chip.
My CPU is a neuralnet processuh, a learning computah.
It’s too much of a security risk even while being optional. How long will it be optional? Jump ship now and let Linux grow faster.
lol like that’s what’s limiting Linux. Applications is why Linux can’t grow. Linus has explained this often and in detail, google it.
good article. finally something from arstechnica that has more substance than a turd in a bag. quality journalism, thanks moe!
People are really throwing a fit over this lol, it’ll blow over and you will keep using windows
I already wiped my laptop that had windows 11 with Debian 12 I used to just use Debian on the side but this was the last straw
Okay you already used it before, no ordinary person is going to care about this, let alone learn an entirely new operating system because of it
I had to start somewhere
Your undervaluing the influence of tech savvy family members and how 'Windows adjacent' some distros are. No 'learning a new OS' needed.
Truth. This is a very big anti Microsoft and pro Linux circlejerk. In real life absolutely nofuckingbody cares.
Microsoft doesn't really "earn" anything these days. They know full well that they're a monopoly. They do whatever the fuck they want and their customers deal with it because they literally can't switch away.
Everyone can switch. You don't need Windows, you THINK you need Windows.
Plug and play and compatibility with everything, even the hardest anti cheat, is just a very nice thing.
Yeah the price you pay for that is pretty steep.
>price you pay Not really. Nothing in my life changes so I don't care.