Giving Windows total recall of everything a user does is a privacy minefield (theregister.com)
50 points by srameshc 32 days ago | hide | past | favorite | 41 comments



The first issue I have with this feature is: It's opt-out and not opt-in.

The second problem I have is that they tell me that neither are the snapshots sent to Microsoft nor are they analyzed on Microsoft's servers, but I do NOT know what happens with the data once stuff got analyzed on an operating system that is phoning home all kinds of information all the time w/o me being able to tell what it is. Not even the enterprise version can disable all the "phone home features" there are, and Microsoft doesn't make everything public that they transfer.

The third issue is that stuff is stored on my local drive with BitLocker encryption that can be easily circumvented even if they store the keys in a TPM. There is this universal, not well known, only-documented-in-a-single-file backdoor to Windows [1] that allows you to gain full control over the system even with Secure Boot enabled.

The possibilities of your boss spying on you will become endless. Not that they aren't already, but this opens a whole new can of worms.

[1] - https://download.microsoft.com/download/8/a/2/8a2fb72d-9b96-...


What is in that docx file? What is this backdoor that will crack a personal BitLocker drive encrypted with a PIN? There is (another) 'backdoor' that I know about which is only a backdoor because people don't generally know it exists, but if you use your Windows account to log in with Windows and decrypt the BitLocker drive, it stores your key in the cloud so that you can unlock it by using the MS account as a 'password reset' feature. I am sure this exists because people don't understand that the answer to the question 'I encrypted my drive and forgot the password, how do I fix it' is 'you can't', unless you make the encryption worthless by having the key somewhere other people can access. But MS really doesn't care because it also allows businesses to unlock their employees' machines, and a business's concerns are the only concerns MS cares about, and only partially and only sometimes.


This allows you to write a binary to the system's memory that is then read by Windows on startup, stored on the hard drive and executed with system privileges.

The sheer existence of the feature came to light when people began to wonder why Lenovo was able to install their install service every time after they did a clean installation. They went as far as changing the hard drive and the service still reappeared.

Asking Lenovo what was going on, Lenovo replied with the information about this and Microsoft had to come up with some documentation. Its existence was neither communicated to the public nor documented anywhere in Microsoft's documentation.

Just google the name and be surprised how you cannot find anything about it on Microsoft's pages besides this one document.


While apparently undocumented, you can disable WPBT execution by adding a value to the registry:

  reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /t REG_DWORD /v DisableWpbtExecution /d 1
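As an added example that is not part of the thread and not Microsoft tooling, the PowerShell below audits a machine for WPBT from a defender's point of view: whether the firmware actually publishes a WPBT ACPI table, whether the DisableWpbtExecution value from the command above is set, and whether a platform binary has been written to disk. GetSystemFirmwareTable is a documented kernel32 API and wpbbin.exe is the file name Windows uses for the extracted binary; the WpbtAudit namespace and the function names are mine, and the script takes the registry value's effect on trust exactly as the thread does, i.e. as something to verify rather than assume.

```powershell
# Added example (not from the thread): audit a Windows machine for WPBT.
# Reports (1) whether the firmware exposes a WPBT ACPI table, (2) whether the
# DisableWpbtExecution value is set, and (3) whether the dropped platform
# binary is present. Assumes Windows PowerShell 5.1 or later on Windows.
# Reading works unprivileged; Disable-WpbtExecution needs an elevated prompt.

# GetSystemFirmwareTable is a documented kernel32 API. With a zero-length
# buffer it returns the size the table needs, or 0 when the table is absent.
Add-Type -Namespace WpbtAudit -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", SetLastError = true)]
public static extern uint GetSystemFirmwareTable(
    uint firmwareTableProviderSignature, uint firmwareTableID,
    byte[] pFirmwareTableBuffer, uint bufferSize);
'@

function Get-AcpiTableSize {
    param([Parameter(Mandatory)][string]$Signature)
    $provider = 0x41435049   # 'ACPI' as the multi-character constant the API expects
    # Table IDs are the 4-byte signature in memory order (little-endian DWORD).
    $id = [BitConverter]::ToUInt32([Text.Encoding]::ASCII.GetBytes($Signature), 0)
    return [WpbtAudit.Native]::GetSystemFirmwareTable($provider, $id, (New-Object byte[] 0), 0)
}

function Get-WpbtStatus {
    $keyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $item = Get-ItemProperty -Path $keyPath -Name DisableWpbtExecution -ErrorAction SilentlyContinue
    $disabled = if ($null -ne $item) { [int]$item.DisableWpbtExecution -eq 1 } else { $false }
    $tableBytes = Get-AcpiTableSize -Signature 'WPBT'
    # Session Manager writes the firmware-supplied binary to this path before running it.
    $dropPath = Join-Path $env:SystemRoot 'System32\wpbbin.exe'
    [pscustomobject]@{
        FirmwareExposesWpbt   = ($tableBytes -gt 0)
        WpbtTableBytes        = $tableBytes
        DisableWpbtExecution  = $disabled
        PlatformBinaryPresent = (Test-Path -LiteralPath $dropPath)
    }
}

function Disable-WpbtExecution {
    # Same change as the reg add command in the comment above, via the registry provider.
    $keyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    New-ItemProperty -Path $keyPath -Name DisableWpbtExecution -PropertyType DWord -Value 1 -Force | Out-Null
}

Get-WpbtStatus | Format-List
```

A machine whose firmware reports no WPBT table has nothing for this mechanism to run regardless of the registry value; where a table is present, the presence or absence of wpbbin.exe after the next boot is the observable check of whether the value took effect.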


Yeah, another reason why I don't like this. This isn't documented either, so I cannot verify if it's true and if it does what it's supposed to do.

The whole feature shouldn't be there in the first place, and while WPBT has been documented since Windows 8, similar features have existed way before that and were never documented.


BitLocker has never been marketed as a consumer solution for privacy; it has been marketed as a way for companies to lock down their data if an employee's laptop gets stolen or they get fired and don't return it. Anyone that expects that BitLocker would keep their data private in all cases where they do not personally unlock it is naive.


Sounds like Windows should only be used on an air-gapped network.


Yeah. This [1] is also a nice read. Even if the page is in Dutch, the documents are available as PDFs in English.

[1] - https://www.rijksoverheid.nl/documenten/rapporten/2019/06/11...


Why would you trust Secure Boot in the first place on a system where an attacker controls the firmware? And if they don't control the firmware and Secure Boot is enabled, how are they injecting ACPI tables?

While I'm no fan of WPBT, I don't see it as much of a security threat.


Well, Secure Boot only means that the binaries that are executed have been signed and nothing has tainted the boot process. So a USB drive with some signed UEFI binary could just be loaded in the process and wouldn't taint anything.


And wait a little bit for "Recall" in windows for corporate.

Providing all the power of this recording to watch employees.

If anyone thinks that it is too extreme to be serious, you have to know that Microsoft offered (and is maybe still offering) companies creepy spy stats on employee activities through Office 365, like how long is spent on emails, being active on the computer, chatting with other employees, ...


Related threads:

"AI PCs are the final nail in the coffin of open computing", 52 comments, https://news.ycombinator.com/item?id=40436975

"How the new Microsoft Recall feature fundamentally undermines Windows security", 48 comments, https://news.ycombinator.com/item?id=40433884

"Windows Recall sounds like a privacy nightmare", 293 comments, https://news.ycombinator.com/item?id=40443682


I said this yesterday but I'll say it again in case Microsoft is listening: recall could come in handy as long as it has a "start record" and "stop record" button with an indicator like a red light when it is recording. Otherwise I won't use it.


A red light not turning on will only give you the impression that nothing is being recorded.


Microsoft could be continuously reading all my private files, but

a) I doubt they'd do that

b) I'm not very interesting

c) It'd be a massive lawsuit if they were

d) privacy hackers have motivation to find out if they are - see c


I wish people wouldn't use/state b, ever.

It doesn't add to the conversation, and further, people you know could be interesting. And interesting in ways that you don't know about.


Fair enough. I'll stop saying that. In my defense, saying "I believe Microsoft wouldn't violate my privacy because I'm not very interesting" isn't the same as saying "I believe Microsoft wouldn't violate our privacy because no one is very interesting".


that is naive.

Apple lets you turn off many things privacy-wise on their system. You can turn them all off. And your system still phones home continuously (try Little Snitch).

Microsoft is objectively worse wrt privacy. Do you think a microsoft-programmed off button would work?


> that is naive

Do you always disparage strangers online and is it unconscious or do you take pleasure in it?


I'm sorry, it is not personal. I apologize.

I was naive long ago when I worked with an ex-microsoft employee (90's). I was telling him about how some version of windows broke third-party software, and I said that engineers often don't know who is using their software etc.

He told me that I was naive. That microsoft had meetings about things like this, and they discussed their strategies and "how can we own this?"

As far as microsoft and privacy, they have shown again and again that they are not on the side of the individual. They collect amazing quantities of data, they keep on mixing things up to obfuscate things, and they show no signs of slowing down (just the opposite). As far as privacy is concerned, microsoft sets a very bad example, and others follow.


No problem. Thanks for the apology and the explanation. I read an article recently how people have widely diverging views of privacy and think that explains the confusion. I'm fine with Microsoft learning from data derived by my behavior online if it helps them improve the software. I volunteer to give them telemetry if it's an option. But I understand some people have a much stricter sense of privacy and 'recall' crosses that line for them. If Microsoft had a copy of my private journal that would be a red line for me. Some people feel that way about the very idea of 'recall' I take it.


You mean like what you're doing right now?


Can you suggest to me how I may inquire if OP is disparaging me without mentioning that I perceive it that way?


will you even have a choice to turn it off? they always make it opt out at first until updates silently turn things on again


I'm suggesting they treat it like a screen recorder, which it is


Happened to me once with iCloud something or other. All of a sudden ALL my photos started uploading.


Presumably the real feature here is for admins to query the machine and ask it "how many hours of work did joebob actually do this week", and "has joebob complied with the will of his manager at all times this week".


You are thinking too tamely.

"senior citizen, searching dementia symptoms, wants to invest life savings"

"verizon employee, money trouble, access to sim reprogramming application"

"young woman, height proportional to weight, poor decision making skills"


Calling it a minefield doesn't go far enough. Atrocity seems closer. Even if they're promising protections now, how long do you think it will take before they realize that profits are greater than privacy for this feature too?


This is going to be such a benefit to law enforcement. Being able to just scan the history of the machine to see if a suspect had an illegal file and then deleted it, or what they were doing before they wiped their browser history, is going to cause a ton more successful court cases.

That said, it makes going to random websites from comment chains or user submitted stories much more dangerous. If they lead to illegal content, it's now stored ready to be used against you if law enforcement ever wants to take a close look at you.


Some days I think the Microsoft personal computing team is just a division of the Apple marketing department where their main charge is to help sell more Macs.

About 1x/year I get frustrated with the depth of my lock-in to the Apple ecosystem and start looking for an alternative (that's not a science project).

After I go through the Windows offerings and do some reading I'm generally happy to go back to dealing with whatever bullshit Apple wants to cram down my throat this release. Now, sure, iCloud knows the depths of my soul, but at least I voluntarily put things there. That's a far cry from some AI screen-capping me in the background and running some AI over it (to show me more relevant ads in the Start Menu).


I use a Mac every day, for work and personal stuff.

I have a Windows desktop PC, that I use almost exclusively for playing PC games with friends. I already had to use some obscure method to bypass signing in with my Microsoft account during installation. I boot it anywhere between once a month and a few times a week, and about 50% of the time some random configuration changes and I can’t do the one thing that I set out to do (play a game) without updating or downgrading some arbitrary driver.

Oh, and it nags me almost every boot to sign in with my Microsoft account for one reason or another. And this is an operating system with an MSRP of $200!

There are loads of things to critique about my Mac, but I can use it daily just fine, without the OS trying to trick me into signing into some service or other. The daily experience of using it feels much more consensual, as you describe.


Hah, we need to come up with a campaign - "Consensual Computing".


If AI gets really good we may be in trouble. If such features become a necessity to boost productivity, we may really forget about privacy. We may be forced to choose between productivity and privacy, and I suspect what many of us will choose


Honestly, I like the idea behind the feature. Sure, I could (and probably should!) be more proactive with my bookmarks, or otherwise saving content I find interesting.

But the fact is, I don't. If something like this (with negligible enough compute/storage impacts) could be implemented locally, I would probably buy into it. I'm sure it would be "better" with a larger model, but as a jumping-off point for finding something I saw or read about prior, I think a locally available model would suffice.

Trusting Microsoft (or Apple, OpenAI, etc.) with this information for a "better" AI model is not a trade-off I'd personally find acceptable.


> If something like this (with negligible enough compute/storage impacts) could be implemented locally, I would probably buy into it

It is implemented locally


> It is implemented locally

I am afraid nothing Microsoft works on is local anymore.


Not trusting Microsoft when they say something runs locally probably means you shouldn't be using Windows, period.


Oh, like the Windows login?



I think it's ultimately about autonomy and control, and data storage is only one part of that.

If it was open source software that I could fully administer that only changed when I wanted it to change, things would be very different.



