Hacker News new | past | comments | ask | show | jobs | submit login
Recall: Stealing everything you've ever typed or viewed on your own Windows PC (doublepulsar.com)
443 points by todsacerdoti 5 months ago | hide | past | favorite | 378 comments



Related threads:

"Giving Windows total recall of everything a user does is a privacy minefield", 41 comments, https://news.ycombinator.com/item?id=40470806

"AI PCs are the final nail in the coffin of open computing", 60 comments, https://news.ycombinator.com/item?id=40436975

"How the new Microsoft Recall feature fundamentally undermines Windows security", 50 comments, https://news.ycombinator.com/item?id=40433884

"Windows Recall sounds like a privacy nightmare", 298 comments, https://news.ycombinator.com/item?id=40443682


What a lot of people are missing in all this is that Microsoft is coming from one, dialing it up to eleven to then dial it back to 9.

By pushing this onto people in a hard way they open the door to come up with a mitigating solution that later is far beyond what we had before recall but not as bad as what they pushed onto people in the first place. So they will reach their goal, as it was never 11, it was always 9.


Deliberate manipulation of the Overton window is, unfortunately, nothing new.


maybe not 9, to avoid breaking compatibility...


Gnihihihihihihi


I understood this reference.


I didn’t… is because of Windows Nein?


back in the day there was a healthy blend of win95, 98, ME, XP, and vista in the wild. it was common for devs to check for older versions with something like `if str(os.version)[0] == 9`. according to legend enough (internal?) software kept breaking that the solution became "don't put a 9 in the version number".

iirc they officially stated it was because of how much people disliked win8.


This is exactly where my mind went. The version string.


Hand wavy fears about the 9th version poorly string matching with 95 or 98 I guess


I used to work on Windows at Microsoft, prior to Windows 10. I've always kept some Windows machines around because I felt that Windows was actually not that bad of an operating system, having personally reviewed a good amount of its source code and seen what the engineering culture was back at the time I was there.

I gave ChromeOS a try for some machines I might otherwise have run Windows on, but I kept the Windows machines around for gaming and for the occasional oddball proprietary software package that some family member just had to have. About the time Google dropped its unofficial motto "Don't Be Evil" I started moving away from ChromeOS and back to trusty old Debian.

I've recently purchased a Framework 16 with an AMD Radeon RX 7700S GPU and installed Arch Linux and Steam on it. All the games I care about playing at the moment, including Elden Ring and Baldur's Gate 3, run phenomenally well on it. It's 100% stable driving a 2560x1600 display at 60+fps with high graphics settings. I can plug in a PS5 controller and it "just works."

With that I now feel truly free of anything Microsoft, in the sense that I don't feel like I'm making any compromises at all with how I want to use my computers by using Linux rather than Windows. I'm going to be installing Arch or Debian Linux on my remaining Windows boxen over the summer.

So this is my final adieu, my old friend Microsoft. How far our paths have diverged since we first parted ways. Hit me up again when you've extricated your OS from your cloud and stopped showing ads and integrating privacy-hostile features. I won't be holding my breath though.


> I used to work on Windows at Microsoft, prior to Windows 10. I've always kept some Windows machines around because I felt that Windows was actually not that bad of an operating system, having personally reviewed a good amount of its source code and seen what the engineering culture was back at the time I was there.

I'm curious how the culture was though. I always get the vibe that Microsoft has never been "end user oriented" if that makes sense. They always seemed to be making a product for other businesses. To this day, Windows, Office, and especially stuff like MS Teams feel like they were designed from the ground up for a heavily managed business environment with heavy surveillance and tight controls.

Stuff like Telemetry and requiring MS accounts for logging into Windows 10+ seem more of a nod to employers. It's really amazing how much MS has been able to convince users to give controls of their own devices to MS/employers/others. Stuff like using Outlook on a personal phone giving the employer the ability to wipe the employee's phone.

Like I don't think they have ever, in their years, seen end users of their products as "customers". I think they see businesses, sometimes independent developers, and advertising firms as their real customers.


Since getting a steam deck and discovering for myself how well proton works, I think I'll be parting ways with windows on my next round of upgrades of computers at home. In fact I'm thinking of getting rid of my windows workstation tower and just using a docked steamdeck deck instead. The privacy and advertising nonsense is just ridiculous. I'm primarily work as a c# dev, but now that dotnet is properly supported on Linux the only reason for not leaving windows is full fat visual studio. I find vscode to be a bit shit in comparison.


If you're not averse to paying for an editor - Rider by JetBrains got me through my C# + Unity courses in university (using Linux), I still use visual studio to this day at work and I think I prefer Rider overall actually, but obviously it comes with a fair price tag.


My problem with rider is that most c# shops are visual studio. It is a time investment for me to learn and my current employer has made a cost cutting and ended our jetbrains resharper licenses, they won't pay for rider. This is pretty annoying. Vscode is free, so I can use it where ever. I don't like vscode, but it is proving useful to know due to the number things that it can be used for.


Interestingly enough, this does not track with experiences of most of my network - employers are usually happy (and sometimes mandate, which is not that good) to pay for Resharper, which carries over to Rider without issue.


> I'm curious how the culture was though. I always get the vibe that Microsoft has never been "end user oriented" if that makes sense. They always seemed to be making a product for other businesses.

I started on Windows XP and left on Windows 10 (skipping Vista and Win 8.0, and part of 8.1). Windows was always a tool to get things done. Buy a software license and you can be pretty sure you can run things indefinitely on it. Everything (almost?) was accessible by clicking, so ultimately discoverable. No need to learn arcane commands, just follow and imitate. And you mostly have to do the training once. Linux was an expert tool and macOS (I used it since Mojave) always felt like it's for people who compute, but mostly as a secondary activity (shiny and pleasant, but always lacking the remaining bit).

I've never thought of myself of being a Microsoft customer, just like you don't think of being a Dell customer or HP customer when using their monitors or printers. You need to get something done and Windows was the bedrock for that. Especially if you were hiring people to do it.

But now it's like seeing your workbench animating and contorting itself in new shapes every time you come close. Insulting your intelligence all the while.


The amount of times that Teams has gone down, or Teams broke, or Teams wouldn't let me do something literally every other chat program did because of policy or management or because Teams wasn't built that way for compliance reasons or lalalala.

You can't even search messages more than a certain age because they're gigantic Microsoft Exchange objects. Somehow Discord can give you instantaneous results but Teams is a giant piece of crap.

That's kinda what I was getting at. And don't even get me started with Windows file permissions, or Windows' way of doing symlinks, or Windows' way of doing keyboard hotkeys that no other OS on this planet does.


Clippy: I see you keep your #2 Phillips screwdriver in a dedicated slot on your workbench. We've replaced that slot with an ad and moved your screwdriver into a box in a drawer in a closet in the shed. Aren't we so helpful?


To be fair, MS has done an incredible amount of work to keep backwards compatibility. It may not 'show' to the end user, but they put in significant programming hours/effort $$$s for this. Now, this doesn't mean it was all for the 'end user' but they did benefit a bit from this.


> Everything a user has ever seen, ordered by application. Every bit of text the user has seen, with some minor exceptions (e.g. Microsoft Edge InPrivate mode is excluded, but Google Chrome isn’t).

Microsoft was the company that used to add bespoke code to Windows to maintain compatibility with old third party software, patch explorer.exe to stop third party customizations from crashing it, etc. While the whole Recall thing is a pretty bad idea for most users, the lack of care extended to the third party browser with overwhelming market share among their users is just sad. Are they counting on people switching to Edge because “PSA: you’ll be recorded if you watch pr0n in Chrome!”?


It was surely just schedule pressure. There's no system-visible API for "incognito mode" (nor should there be, obviously, as it would defeat the purpose) so they just skipped it.

I dunno, and I say this as someone who works for a competitor and has no love for MS... a lot of the responses here seem really uncharitable. This isn't bad faith, it's just a rushed product with some poor planning. If Apple had rolled this same feature out with glitz and a giant slideshow about privacy and explained how everything was encrypted and never left the device, we'd all be crowing about how great it is even if it too was screenshotting incognito windows.


I thought about it for a minute, and sure, given a chrome.exe HWND, I can't think of a way to tell if it's Incognito.[1] But companies work with important vendors on major features all the time. If they think it's important enough to exclude private windows in Edge, they surely could have worked with Google to figure out something.

> nor should there be, obviously, as it would defeat the purpose

No it doesn't. Incognito mode is about leaving no trace on disk, that's all. Recall is the one defeating that purpose right now, if TFA is accurate.

[1] Not saying it's impossible. Only that I can't think of a straightforward solution in a pinch with my limited Windows experience and hacking skills.


In Firefox, check for "Private Browsing" in the titlebar. In Tor Browser… default to "it's private". In stock Chromium, look for the string "Incognito" near the Chrome hamburger icon (e.g. via IAccessible2).

It's not hard to support this functionality in the major browsers: it'd take me all of 15 minutes.


What about localization? What if a release of the browser changes the string?


It seems contrary to their docs[0]:

> Recall won’t save any content from your private browsing activity when you’re using Microsoft Edge, Firefox, Opera, Google Chrome, or other Chromium-based browsers.

Without a system-level incognito mode feature I could see apps allowing users to denote their windows as DRM content to avoid Recall.

0: https://support.microsoft.com/en-us/windows/privacy-and-cont...


> apps allowing users to denote their windows as DRM content to avoid Recall

That would prevent user-initiated screen captures as well. Not a good idea for browsers at least.


> a lot of the responses here seem really uncharitable. This isn't bad faith, it's just a rushed product with some poor planning.

But it’s not the product people are criticizing, at all. Similar tools have existed for a long time and have not raised eyebrows except when it’s been forced by an employer or a school. It’s that it’s the OS putting an always on and enabled-by-default spyware on devices that are frequently shared by family members, when their average users who barely know what a web browser is and will just accept recommended defaults. Speaking of which, the whole spiel about Edge/IE is precisely their aggressive defaults. It’s the same here.

If you’re a startup building custom tools you can talk about rushed products and assume good intent. This software is built by a software company with some of the worlds best software engineers all the way up to the top. I mean, people trust them with everything from business secrets to payment details to mission critical services. This is clearly not a “rushed product oopsie”, it’s blatant disregard for privacy, and to a lesser extent, security.

I’m avoiding windows like the plague, but since seeing my mom get bombarded with “recommended Microsoft defaults” over the last decade or so, I’m convinced MS is deliberately exploiting uninformed users as much as they can get away with, while leaving hidden options for power users to disable the ads and the crapware so they don’t leave. This total recall debacle is probably a similar attempt at using their unknowing user base to train their new AI models, or similar. If it was a genuinely useful product it would not be enabled by default.


> It’s that it’s the OS putting an always on and enabled-by-default spyware on devices that are frequently shared

And I have to repeat: if Apple Computer had pushed the same product, but with a slide talking about how it was all locally encrypted and unextractable and tied to both the device and the user account, HN would be celebrating the attention to privacy even though macs too are "frequently shared". And the reasoning would be how strong the security engineering was around the process, because we love that stuff and we love macs.

MS doesn't get the same benefit of the doubt, and it leaks into the technical content of the argument, and that's wrong. And FWIW I'm mostly just handwaving the technical details. I mean, do we know for a fact that MS is *not* encrypting this with a TPM-managed key tied to the user account? I bet they are, honestly.


> if Apple Computer had pushed the same product, […], HN would be celebrating the attention to privacy

I don’t believe so, at least not if it’s enabled-by-default.

> MS doesn't get the same benefit of the doubt

Apple doesn’t rely on benefit of the doubt because they are very clear about how the privacy of new products work (say Touch and Face ID), and Microsoft is not. I mean just look at this very thread, it’s super unclear how it works and interacts with other windows feature (some of which are premium) like fde/bitlocker and whether there’s telemetry/training. That obviously contributes to the “harsh” response. As it should.


> I mean just look at this very thread, it’s super unclear how it works and interacts with other windows feature

I agree with you, but that’s not great evidence for your point. Bring up any random Apple feature and people will be quick to warn you about their misunderstandings of it. “Face ID means Apple has all our pictures now!” “Apple Keychain shares all your passwords with them!” Etc.


> bitlocker

Windows is actually pushing for bitlocker by default now. I believe new Windows 11 installs either are already or will soon start defaulting to enabling bitlocker across the board.

> telemetry/training

It's really just timer triggered screenshots + OCR + an SLM (small language model) running on device on a TPU/NPU, GPU, or other ONNX compatible device.

I'm generally super uncharitable about Microsoft since a lot of their stuff is a nasty black box with unclear security assumptions however with Recall, it seems like people are really jumping to conclusions without really even looking into what all it is.

This is a largely "unsophisticated" product made by bolting a bunch of more or less preassembled components and the bulk of which is open source.

- Screenshot + OCR is almost certainly Microsoft Powertoys Text Extractor (https://github.com/microsoft/PowerToys)

- The DB is sqlite but the system is probably just kernel-memory which is a local .NET application: https://github.com/microsoft/kernel-memory

- The SLM is Phi-3 which is open and designed primarily to run locally https://azure.microsoft.com/en-us/blog/introducing-phi-3-red...

- The actual underlying tech stack is DirectML (https://github.com/microsoft/DirectML) and ONNX (https://github.com/microsoft/onnxruntime).

----

So the data is intended to be encrypted at rest along with the rest of the OS, it's all run locally (which isn't a handwaivy thing, the tech is all very much capable of running locally) and if you don't have hardware capable of running it, it shouldn't be enabled in the first place.

My confusion with all of this is why Recall didn't start out as a PowerToys feature. It sounds like the exact type of internal "look at this cool little toy I built" thing that generally makes it into PowerToys but I'm assuming some exec ran with the opportunity and said "this is awesome, let's ship it with the OS and make it a highliner feature for our AI push" which is how we got here.


Absolutely not would I give Apple a free pass either. They can say all the nice things they want about protecting my privacy, but I do not trust any commercial entity will act in my best interest. Especially when they all have government requirements to hand over my data when a cop asks nicely.

We are speed running into a neuromancer dystopia where tech companies control every facet of our lives. Why would I be ok with them making it easier to monitor my every keystroke?


Spotlight already indexes all the text on your disk.


> a lot of the responses here seem really uncharitable.

It's Microsoft. There no reason to extend any charity whatsoever when talking about this company.


> we'd all be crowing about how great it is

Not all of us, no.


Thankfully it looks like they've already added support for Chrome, Firefox and a bunch of other browsers:

https://support.microsoft.com/en-us/windows/retrace-your-ste...


This is not something to be grateful for. They are normalizing spying by default.


I didn't say we should be grateful about that.

I'm saying that thankfully they are not using the threat of your guarded personal data being exposed because you want this feature but don't want to use Edge.


That's what they say in marketing materials, but TFA claims to have dumped their database and was speaking from experience dissecting that. Hard to say which should be trusted.


TFA is using a preview release of Windows modified to run on hardware that isn’t officially supported, I would lean towards trusting the marketing material on what will be supported at release.


"Thankful" for surveillance?


Thankful for not pushing Edge if you decide you want this feature. This feature is something the community has been independently creating for years.

Personally I don't think people should actually allow this type of feature. It's too much of a risk. But my point stands on its own, that at least they aren't creating an even more perverse incentive to use Edge, which they absolutely could have done, and seems the MO of the Microsoft today who would sacrifice all else to be able to say there's 1 or 2 more Edge or Bing users.


Presumably there's work needed from the app side for this integration, the OS component won't know what the app / user wants captured or not.


How would this system know chrome was running incognito?


Develop an API in Windows. Contribute to the Chromium codebase to use this API.


We already have "Launch as Administrator"

add "Launch in private mode"


So now the user has to remember to not only open a private window or tab in their browser, but also open the whole browser in private mode?


If you want to be really consumer focused, the OS could keep the browser (and other apps) honest about some of it's privacy guarantees by not affording it any persistent storage between sessions.


While they seem to be adding an API for it, if you wanted you could just add a "block screenshots" API.

This is already basically in place with DRM since the windows screenshot utility won't screencap most DRMed content on win apps like netflix or even on firefox nowadays.

What MS is adding on top of this is an API to check which tabs/web pages are visible and selectively black out web pages that are added to a given user level blacklist.


For one, OCR’ing the word Incognito from the screen?


So I just add a new custom toolbar to the bottom of the screen titled "Incognito" so that the text is always there, and suddenly nothing's being recorded anymore? :P

On one level that's convenient, but on the other hand I'm not sure it's a very robust design.


What if it’s fullscreen? What if the title bar of the window is off the screen?

A better solution would be to just pause the screen capture whenever incognito is open anywhere


That only works if you have the "New Incognito Tab" page active. Not when you're actually browsing something.


There's also the profile button at the top right, just to the left of the hamburger menu, that says "Incognito" on it.


Yeah I forgot about that.


Microsoft is still fighting the browser wars of the 90s. They're not going to give third-party browsers any quarter if they can avoid it.


Watching users flock to Apple's walled garden, to the point where it's a social issue to not have an iPhone, has left Microsoft (and many others) wondering why the fuck they have been so accommodating to user choices for all this time.


Outside of high school, where literally everything is a reason to ostracize people who are different, where is it a social issue to not have an iPhone?


I've been married for ages (so I can't speak to this first-hand), but my single friends in their late-20s to mid-30s say that NOT having an iPhone gets them rejected fairly often.


Seems to me like an effortless way for them to automatically filter out terrible, shallow partners from their lives before investing anything into a relationship. What a time-saver!


I think you are missing the first half the modern male reproductive lifecycle. What you are saying increasingly applies to 30's onward (when males are looking for long term family relationships) but for the 20 somethings many are looking for these shallow, vacuous women because they often can be convinced into meaningless sex. It's a pretty sad state but it appears to be this way now.


what the

I don't want to seem unduly cruel, but I strongly suggest examining whatever mislearnings led you to this point and get out and meet some people


You and I are in violent agreement on this, but... the younger generation seems more interested in 'smashing' these days than 'partner-seeking'. Can't say I was MUCH different, but I certainly wouldn't change the daily-driver tech I use just to peacock for a hot date.


Perhaps that’s more prevalent in the US and wealthier districts? I haven’t seen any of that in the UK (everyone here seems to use WhatsApp, Instagram, and Snapchat which I similarly dislike)


Sounds like your friends are dodging bullets without having to do anything. I say this as an iPhone user.


I’m in that age range and I’m married. A few years ago when I was still a single man, I experienced this firsthand at least a few times. My primary device wasn’t an iPhone and I had women tell me they “don’t like texting with green bubbles”…it was pretty bizarre, to say the least. In hindsight, I’m glad those women filtered themselves out, but it’s definitely really rough out there for our society’s young men.


Is there any possible steelman for this, or is it as shallow as it sounds?


Possible steelier arguments:

- "iPhone's are generally more expensive, Android phones are generally cheaper", so having an iPhone signals financial "goodness". Same argument can be applied to lots of other products.

- "iPhones are generally better, so if you have Android you're compromising for some reason", e.g. lack of money to buy one, "weird" political/social/other beliefs, etc.

- Messaging systems are like accents; some people might prefer dating someone who speaks their language in a more similar accent, and others might prefer dating people who use the messaging system they prefer.

Also, a lot depends on your definition of "shallow".


I'd thought of the money one, hadn't thought about the possible signaling of "weird" beliefs.

The third point seems a little silly at first, but reflecting on my own musings on whether to go full Signal-only or not I guess I can imagine someone being iMessage only same as some people are Signal-only.

Thanks!


maybe women don’t want their sms/mms/phone calls being leaked unencrypted over the antiquated, legacy telephony network?


Great point. I will use this as a greater point in my Android vs Apple arguments in the future.


As an Android user, I'd counter "Signal". Which I think would bring things back to what another comment mentioned about preferences in messaging platforms.


And maybe they prefer developing in Swift and/or prefer Xcode?


I would argue that not having an iPhone is behaving as a filter for likely incompatible pairings if not possessing a particular brand of phone is an issue to any prospective partner.


It can definitely be an issue on the dating apps to be a male looking for gf material if you’re using android. I think it’s because of the shallow tech knowledge of other people as to why android is as good as apple, but the heart wants what the heart wants. For those saying such people are “shallow”, it’s just as shallow to assume the same, as one data point does not tell the whole story in my experience.


Having an iPhone was reason for me not to date someone. I'm less bothered by it now but it used to be without fail that iPhone users were just not my people.


It seems to be an American thing, something to do with iMessage.

Here in the UK I've literally never encountered it.


On this side of the Atlantic, not having WhatsApp installed has been far more of an issue for me.


Never seen it in the US either. It’s always these third-hand stories.


I've been a serial date since 2001. Moved to Android after an iPhone 3S mishap. So at least a decade on android.

I have heard at least 10 women JOKE about my android. I'd say atleast 2 gfs in those years eventually made some snide remark.

Will you get dumped for having an android? No. Is it a small -1 mark for most women? I would say so.

And no these aren't totally brainless women. It's been doctors, MBA grads, women in tech, a writer.. I honestly think more regular woman are more sane about it actually and wouldn't care as much as 'fancier' women.


> if you don't use our browser we will spy on you

Good god how more obvious could it be?

Anyone still using this software is a lost cause.


Most people just don’t care that much about tech (they have other shit going on) and will use whatever is put in front of them.

I think the tech community is responsible for keeping companies like MS in check and pushing back against literal spyware being normalised in operating systems.


For a moment my perception of Microsoft was that it has become a cool company (github acquisition, Linux Sub-sytem). I was impressed by how Satya Nadella turned the company around (at least in terms of image).

Between Recall and the mandatory account login to install Windows 10 I am progressively reverting to how I felt about them.


> For a moment my perception of Microsoft was that it has become a cool company

I think that they've been trying very hard to give out that image without really changing who they are.

It's not the first time that they try hard to look like they've changed, and it won't be the last.


Yes. Marketing. In the end, they are working for decision makers who can spend money.

Typical IT guy (not head) cannot spend money without 3 approvals from different departments.


I think 'parts of' microsoft really did become cool.

In developers world, pushing open source, or in gaming - xbox game pass is just best value that there is.

But for every cool department, there also exists one that still behaves as a predatory corpo. And it seems to me like their main target are 'normie' users.


Microsoft is ultimately a for-profit publicly-owned company, and are motivated to increase shareholder value. Being perceived as cool by the open-source community might play into that in some ways, but ultimately there isn't any revenue there.


Tracking and ads integrated by default into the OS, who cares. But they did something with open source, they must have become nice!

And the linux subsystem, well, for me a textbook example of:

https://en.m.wikipedia.org/wiki/Embrace,_extend,_and_extingu...

So sorry, they were never cool to me. I still use them, but if I must switch to win 11 soon, I might take that as an opportunity to finally cut loose my last dependencies with windows.


More than 60% of Azure is run on Linux [1] and the writing was already on the wall when the Linux subsystem was conceived so I don't think it's a good example of EEE.

[1] https://azure.microsoft.com/en-us/products/virtual-machines/...


> I don't think it's a good example of EEE

Not yet, they're still on the "embrace" step.


With WSL they are absolutely at the "extend" step.


Notably, there are some passthrough APIs to extend the captive Linux with Windows features.


It's somewhat hard to find, so lest anyone thinks I'm making it up, here are two things I have heard of - DirectX passthrough and (probably related) DirectML passthrough

https://devblogs.microsoft.com/directx/directx-heart-linux/

https://learn.microsoft.com/en-us/windows/ai/directml/pytorc...


Ah, I didn't know about that. I stand corrected, WSL is at the "extend" stage.


> Tracking and ads integrated by default into the OS, who cares. But they did something with open source, they must have become nice!

> Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.

https://news.ycombinator.com/newsguidelines.html


This is another nail in the coffin for me, as a life long Windows user. My next install is Linux single boot.


I said on HN just a few days ago:

“The only good thing about Recall is that it has been the definitive decider of moving away from Microsoft permanently because for them to create such a ‘feature’ shows a complete lack of care about people’s private data - they’ll be leaving a huge jackpot prize for anyone who breaks into a system.”

And only 4 days later, it is shown.


I've just installed and configured KDE Neon Plasma 6 and I'm really liking it a lot. Feels closer to Windows than my other Ubuntu and Xubuntu installs.

Just my 2p


Found a fellow Brit


^ probably one of the top 5 unsubstantial things fellow countrymen say to eachother on HN


the coffin is nothing but nails at this point.


good, it'll be more likely to sink when we all collectively chuck it in the lake


GitHub became the data source for OpenAI Codex and GitHub Copilot not long after it was acquired.

The #1 merit of Nadella is pushing for increased accessibility.


Microsoft desperately wants those sweet, sweet recurring revenue streams they can get from advertising and selling personal user data. Forcing login was step 1. Recall is step 2.


lol they never really sold me on it. WSL1 with its nano processes is neat, but Teams is a disgusting mess and MS has been rather consistent with treating their users like cattle.


I think the presence of WSL has made MSFT devs move to Linux for their own serious work, making Windows proper a somewhat abandoned platform.


Why is Recall something that would revert your opinion? It’s a feature that provides value to the customer first and foremost.


There was a movie about this exact thing. Antitrust (2001) was about a Microsoft-like company monitoring everyone’s computer and stealing code.

23 years later and here we are.


When I watched this film, I immediately thought during the finale of this film that the story of this film is so "wrong" because the public will barely care about the misdeeds of NURV (or rather: those who do care basically already "know").

From todays's perspective, considering for example the Snowden and Wikileaks revelations that caused exactly these barely-nil reactions in the public, I know that I was right regarding this feeling.


I wouldn't say they caused barely-nil reactions. Maybe to the general public and to a random bystander if asked, but they still had implications for the public's overall trust in the government. And for users in the affected spaces (tech, security, etc.) the reaction was stronger and longer lasting.


> but they still had implications for the public's overall trust in the government.

In my observation it really was as I described:

- those who already deeply distrusted the government continued to do so

- the others (the huge majority) simply did barely care or even attempted to justify the crimes

Concerning your point about tech and security sectors: those who form the inner core of the people working in these sectors basically already knew what was happening since at least the 90s.


Nobody votes for net neutrality or internet rights or privacy focused groups. I agree that there were almost no reactions. June 6th people will vote for European elections, lets see how many seats the pirate party gets.


>> considering for example the Snowden and Wikileaks revelations

Every time someone points at this and acts like it was a revlation I shake my head.

https://en.wikipedia.org/wiki/Room_641A

https://en.wikipedia.org/wiki/Joseph_Nacchio (Every one screams about conspiracy's but the only people who told the Bush II government no went to prison).

https://www.politico.com/blogs/politico-now/2008/02/senate-p...

They did it, out in public people wrote about it, everyone shrugged and went on with their lives. All Snowden did was give it a face, some (program) names, but any one with any sense stayed away already.

The American public has been warned twice, and did not care. It's gonna take something major leaking for them to do anything about it.


Klein said he is relieved another person -- Snowden -- could corroborate his story, but with actual government documents.

"When he first came out, I was delighted. It was, first of all, vindication for what I was saying," Klein said. "He also revealed the programs they were doing were vastly bigger than I ever understood at the time."

https://www.nbcbayarea.com/news/local/bay-area-whistleblower...


It depends on what you see as an appropriate reaction to wikileaks and Snowden. It was a structural problem, and no governing parties ever tried to stop it so voting it out for instance wasn't a solution.

Perhaps Trump's support could be a far reaction to it, with no clear direction but just a strong wish to screw it all. We see the same in other countries where people go to the extremes as discomfort rises with no actionable way.


That was an enjoyable movie, aside for the fact that the writers thought fiber optic cables are used for hidden cameras.


In 2001, image sensors and the electronics to drive them were far larger then they are today, an endoscope-style fibre optic isn't necessarily ridiculous if you only had a tiny hole to sneak through a thick obstruction.

Even today, a non-CIA-grade camera head is probably 2-3mm across and the optics on a fibre optic can be far narrower.

You can only have a pinhole spy cam if you have a void directly behind the pinhole.


Whats the spec on the CIA grade stuff then?


Well, I assume they can do better than a £10 USB endoscope from AliExpress!

But even if you have some ultratiny thing hot out of a classified lab, fibre optics also keep the active electronics further away and harder to detect.


They probably don’t even have to bother, just hack the targets phone, tv, iPad, laptop to get every bit of content they consume and conversation they have.



I think, roughly, having good access to information is a super power (good being a mix of mostly: quick, simple, easy, accurate, free). My personal information is most valuable to me, so having access to that is specially powerful.

The only way to make that happen is to store that information somewhere. The best way to do anything, that I just want the benefits of, is automatically.

And now we are here. It feels monstrous but, to me, the above still stands. How to connect the dots to get to a place that feels good, I do not know. I would not be shocked if it turned out to be mostly about adjusting ourselves to it over time.

But I am almost 100% positive we will all* want this super power, in some much better and much more complete form, in our future lives. And not being able to have it will feel absolutely silly, from there on out forever.


The tradeoff is security and privacy. Important things. If you click the eye icon next to a password, or paste a secret to an env var you are now exploitable. If you have something you want to keep private or shred this is another place to delete (or forget to do so). So there are plenty of anti-benefits to this superpower.


I understand. Nobody* will care.

People already have traded privacy and a comprehensive personality profile for silly streams of video, photos and text on social media for the past 20 years. Imagine what happens, when you get something immensely useful out of it.

Today, nobody will work with you, if you are unable to manage E-Mail. In the future, nobody will work with you, if you can't properly use the time information dimension that this technology enables. You will simply look demented by comparison.


If that is the case then like anything else let’s make it, well… good. And that includes making it safe, secure and privacy focused.

A good delineation is your work PC will be spied on (assume anyone in the org can see what you are doing, even before this tech).

Opting out of it on personal devices is fine. You wont look like an idiot or be refused work I am sure.


It’s only a superpower if you have full control over the data and no one else has access. If someone else has control and access, it’s THEIR superpower over you.


> How to connect the dots to get to a place that feels good, I do not know

With an eraser, entirely not interested.

I'm willing to make the bet on this FOMO that while people risk this, I'll still be just as employable by living like it's 1999

I provide the value, not what I did before


I prefer personal discipline and memory over this 'super power'.


That is the saddest truth I've read for some time


The privacy concerns here are real and massive, and I suspect this will get worse before it gets better.

However. This is the holy grail of computer usage. A good version of this could be the killer app for modern AI. Because of that, ripple are going to keep trying to make this feature happen. There’s already a popular implementation on macOS. I’m excited for the end-state, but apprehensive about getting there.


> However. This is the holy grail of computer usage

i’ve seen this often and i’m trying to understand the issue. i have never wanted to go back in history or have a comprehensive history of all my actions. the only exception is the terminal and for that ctrl+r/history is more than enough. i learn, apply and move on.

what’s the use case for this recall thing?


I often have 100 tabs open so that I can find things I was looking at again. I regularly browse my browser history to try to find things I saw previously. I often remember seeing something in a chat session somewhere, but can't remember which person/channel/room it was...

Being able to search everything I've seen on my screen would address all of these. I think it would fundamentally change how we interface with computers, if we could do it reliably. Silos between applications can start to break down when you have sufficient intelligence about what's on the screen too, and that's a huge opportunity.


interesting. thanks for the reply. i also used to have lots of tabs open till i realised i need to organise better. since then i keep a few tabs open at max and regularly close all my tabs. i also tend to open a tab, read what i need to and then close it. no more clutter this way.


As someone with ADHD, being able to have an assistant with perfect memory that I can ask extremely vague questions to about things I'm pretty sure I did some time between last week and 5 years ago sounds amazing. I'm skeptical Recall will actually be able to do that. I doubt its usefulness outweighs the legal and social concerns. But I can absolutely see the use.


Yes that’s exactly my situation and why I was looking forward to trying out for myself


Microsoft isn't the company to bring what you're picturing here into reality. Honestly what you really want is a journaling software like Obsidian.


This is honestly exactly why I'm (cautiously) optimistic about Recall.


You don't see how having perfect / idempotent memory of every single thing you've seen on your computer would be useful? Half my day on my computer revolves around trying to dig up info I've seen previously that I didn't save/categorize properly. Not even having to bother with the categorization bit in the first place would be an amazing productivity improvement.


>what’s the use case for this recall thing?

Surveillance, very obviously.

It'd be reasonable to see this as a waymark on a roadmap.

Which is why it makes little sense to users. Why it is counterintuitive in that it will drive people away instead of draw them to the product. And why it is being rammed out into the market regardless.

What's the waymark after this?


I would prefer if they get a simple search-in-local-text-files right first. That doesn't even need "AI", just some plain old 1970s-style coding.


I think I'll stay on Linux and let Windows users be the guinea pig for this particular experiment.


I wonder what kinda data they will get cause most people who code and do heavy stuff I think are on mac/Linux so I wonder how good the data they gather be you know? Mostly moms and dads using their computers wrong this is what I imagine my head is the data they gather, like maybe 50-60% of it lol and heavy users with good data are nowhere to be found


"moms and dads using their computers wrong"

What the hell is the "wrong" way to use a computer? Emails, social media and doing your banking?

And why attack "moms and dads"? Speaking as a grandfather, I find it insulting, having used and programmed computers since the 1970s.


> What the hell is the "wrong" way to use a computer?

Searching for your bank's website rather than bookmarking it, and entering your credentials into the phishing site that's the top result.

Installing Anydesk or something for the "nice gentleman who called me from Microsoft to tell me my warranty had expired and he needed gift cards to pay for it."

Those are the two most obvious ones I can think of. There's a multi-billion dollar "industry" separating especially older people from their money using computers.

Frankly if you've even been around computers for 50+ years and haven't encountered the many and varied ridiculous ways people can use them "wrong," I have to wonder whether you've ever had to deal with regular people using them in the real world at all.


Searching for your bank's website rather than bookmarking it, and entering your credentials into the phishing site that's the top result.

This isn’t wrong so much as a damning indictment of the tech industry’s inability to fix core issues despite having more money that god herself


Eh, I'm a pretty advanced user by any mean, and I still search for my banks website a non-trivial amount of time. I have a bookmark, but it's honestly just as fast to do it that way


Is not wrong because it is slower. It is wrong because it is a security problem. A typo in your search or a phisher who managed to SEO their results above the genuine one, and you end up on a malicious site identical except for a hard to spot detail in the URL. You enter your username and password, and probably even helpfully do the 2FA dance for them to let them drain your account.


If you set a bookmark, typing the bank's name into the browser bar should pull the bookmark up first.


A lot of those moms and dads are software engineers, data scientists etc.


Almost every millionaire and billionaire you've ever heard about is a parent.

Don't take so much joy out of the fact that youre currently the only member of your thousands of years old generic lineage that hasn't procreated.


"Holy grail of computer usage". Really...?


One of the most popular features ever used on every computer is the Undo button.

One of the most common questions every computer user has at any given moment is some variant of "What/Where was it?".

I agree it's a holy grail, but it's also a road paved with good intentions.


Recall isn't an undo button. It's just screenshots lol.


I'm somewhat with the parent on this. Getting this right will probably take a long time but can eventually bring us something like J.A.R.V.I.S, whereby an AI agent can reason about all activities you've performed on the computer in the past and give you advice or perform full tasks for you based on that. We can argue whether we want to give the AI that level of trust, but I'm very interested in the potential.


Snake oil salesman says: "Snakes Are Scary!"

Computers are the holy Grail of computers. Stop playing with fire. The tool is already here.


No. The holy grail of computing would be taking an instant snapshot as you do with emulators/vm's from anywhere, allowing you to rollback anytime, restoring the CPU and memory settings in the spot. With incremental snapshots, 'branches' and so on, switching back and forth seamlessly as you would do with save states under an emulator.

And with 'no time', with a delay of less than 5-10 seconds on creating/restoring a snapshot.

On search, as they stated, Recoll did it fine over 20 years.


Microsoft will probably encrypt that db or something to try to convince people it’s safe.


Doesn’t Windows already have a data store that’s encrypted with a key that doesn’t exist in RAM unless you’re logged on? And some kind of isolation of sensitive processes in a VM?

Malware can probably read most of the user’s data in RAM, but if OS components keep getting more isolated from each other, maybe that can be secure enough.


The Data Protection API makes this quite easy from a programming standpoint (it also makes relocating keys to another machine hard, but in this case this should count as another upside): https://en.wikipedia.org/wiki/Data_Protection_API


Please explain to me why an OS level signed and encrypted database isn’t secure


Why is a padlock with the key stuck right into it secure? The encrypted data and the decryption key is on the same physical device.

Sure, memory isolation techniques may serve as a deterrent with extreme care. But if Microsoft increases the attack surface by sloppily integrating that feature everywhere in Windows, the yet-to-be-implemented-if-at-all encryption is going to be ineffective. And that’s going to happen more likely than not.


Maybe the learning and inference can happen in a VM and the apps can only have access to a query API. (Take the equivalents if it's not all ML.)


That's exactly the kind of thing I was referring to when I wrote "memory isolation techniques." Even if you gate access with an API, you can still retrieve data from it and that's the problem.

Also, it should be clear by now that government agencies are going to demand access to this data once this becomes widespread. VMs aren't going to protect against further assault on our civil liberties.


How does that work? Can authorities compell Microsoft to surreptitiously have only my computer randomly unencrypt and submit stuff? If so, couldn't the authorities just tell MS to activate a tool like recall anyway?



Also, Windows Store apps seem to have an identity and limited permissions, so you can probably have some kind of smartphone OS-like isolation.


The same reason banks get occasionally robbed, despite all security cameras, delayed openings, biometrics, armed security, and everything else put in place.

When there is a will, there is eventually a way, for anyone with enough resources.


Researchers on Twitter are saying that it’s just a plaintext SQLite.


Because it needs to be decrypted at some point?


People made it, people will break it

Please explain to me how anything achieved infallible nature. Consider the natural vacuum is space.


When has windows ever been a safe or secure OS environment? Seems to me, many an exploit has been installed by the user while trying to get device drivers working


Further infantilization of the user, further resource requirements, enormous privacy concerns, and proprietary technology. It all seems bad to me.


I strongly feel that the "this is the holy grail of computer feature" take is tech-industry mindbubble. This line in the article hits very hard:

> A lot of Windows users just want their PCs so they can play games, watch porn, and live their lives as human beings who make mistakes

The vast, VAST majority of Windows users don't care about a feature like this. You might say "if we'd ask people what they'd wanted they'd have said a faster horse", but we've seen this play out time and time again since ~2014 where the tech industry believes some thing is going to be Next Big Huge, it doesn't stick, and Microsoft Office continues to make fifty billion dollars a year because, it turns out, we kinda solved PCs in the 90s and 78% of what We The Tech Industry has invented since then has a market 5% the size the hype would lead you to believe. Metaverse, VR, AR, Crypto, Decentralized Finance, AI, Voice assistants, tablets (what's a computer?), quantum computing, IoT (all consumers love our toasters connected to the internet, this is undeniable and people pay extra for this /s).

Sometimes people just want a faster horse; which in this case means "filesystem search that actually works". The techbro response to that is "well, you can have both" but there's fucking actually zero evidence of this, period, neither Microsoft nor Apple have demonstrated the capability to get the basics of their operating systems right anymore, We Their Customers should have zero faith in their ability to even get this right, as articles like this demonstrate.

> I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.

This isn't a Microsoft problem; well, obviously it is, but its really an industry problem. Sorry for waxing abstractly here, but we've literally actually forgotten how to build software [1]. The smart & dedicated people have either left the industry or have been marginalized by MBAs, and the kids are rewriting the Windows Start menu in javascript [2].

[1] https://www.youtube.com/watch?v=ZSRHeXYDLko

[2] https://x.com/Zeko369/status/1791141890106290670


Recall needs to ship as a completely separate application. In fact Microsoft should also charge a nominal fee for it so no one accidentally installs it.

Still this is the worst spyware ever made. Have a telehealth appointment, lawyer conference, loan application, now Recall will store all that like it or not.

This made me decide to go with a non Snapdragon Laptop since I want nothing to do with this. Gonna dual boot with Fedora ( sorry Debain, but it looks like Stable is a bit behind what I need hardware support wise).

Microsoft is making a serious argument for going full Linux + maybe a PS5 for competitive gaming ( since anti cheat is Windows only by design).


Oddly enough I game on windows, and have been considering your last sentence, though I'm mostly waiting out Arm Linux for battery life considerationz.


I also use Windows for music.

I really really don't want to switch to OSX here since a 4TB drive is literally a 1200$ upgrade for Macs. Compared to 200$ when you can upgrade it yourself.

Music production isn't great on Linux.


There are always external drives with macbooks. I guess neither system is perfect.


> sorry Debain, but it looks like Stable is a bit behind what I need hardware support wise

bookworm-backports has kernel 6.6, which is the very latest LTS series. Is this not new enough?


I don't understand how to install backports.

I'm generally not a hardcore Linux person. Fedora seems to be more up to date out of the box.


https://backports.debian.org/Instructions/

  echo deb http://deb.debian.org/debian bookworm-backports main | sudo tee -a /etc/apt/sources.list.d/backports.list
  sudo apt-get update
  sudo apt-get install -t bookworm-backports linux-image-amd64
Season to taste, of course.

(and backports currently has kernel 6.7, not 6.6)


This is why I love Hacker news, you actually provided a solution to the problem. I'm probably going to think a bit on this, how about just using Debain Testing?


Probably not the best option for people unfamiliar with the Debian ecosystem. Debian testing is mostly fine (I've run it on my desktop for more than ten years), but apt WILL occasionally choose the wrong solution in the midst of mass package migrations and it requires vigilance from the user not to accept package upgrades/removals that could render parts of the system unusable.

There's about a year left in the Trixie development cycle so some mass migrations might still happen. If you choose to run testing anyway, make sure that all entries in sources.list refer explicitly to trixie and not testing -- because once trixie is released, testing will automatically point to the next Debian release and you'll get all the joys of the package transitions and mass migrations for trixie+1.

As they say, the greatest thing about Debian testing is that when it breaks you get to keep all the pieces.


Maybe I'll try this in a VM, ultimately I just want my OS to work, but I also run pretty new hardware so my options are somewhat limited.


> (and backports currently has kernel 6.7, not 6.6)

It does, but it also has 6.6. I don't recommend installing 6.7, which is EOL and out of support upstream.


2017: People are willingly buying a spy device to put into their homes.

2024: People are willingly activating a key logger.


2017: People are forced to swallow spy devices in order to continue to interact with their work/life communities

2024: People are forced to swallow keyloggers in order to continue to use their desktop PCs.

Most don't know what they're agreeing to, because most people don't have the time to be experts in tech despite it affecting every factor of their lives, much in the same way that tech people don't have the time to be be farming and agriculture experts in their free time despite it affecting every factor of their lives.


>Most don't know what they're agreeing to, because most people don't have the time to be experts in tech

I used to think this maybe 20 years ago, but I think it's about time we shift gears to the realization that the reality is people don't care about tech privacy and security.

We have to remember: The internet as most people know it (the World Wide Web) is 33 years old, personal computing is even older. The 30- and 40-years olds literally grew up with all this. The 10- and 20-years olds are living all this from the moment they were born. Even legislation like GDPR came into force. The result is still nobody cares.

Lack of awareness isn't a problem anymore. Everyone knows, nobody cares.

<Insert "Am I out of touch? No, it's the people who are wrong." The Simpsons meme here.>


That's a vast oversimplification. Try flipping it to anything outside your personal scope of skills and knowledge to see how wrong this position is.

Example: tap water quality (assuming you live where tap water is safe to drink). Do you know how it works? What steps are being taken? Could you fix that yourself for your house if things break down? And yet, you probably care.

Another example: car safety features. Could you add a crumple zone to an 80s car? A cage construction? Yet you probably care that any car you're in has those properly engineered and no part of your body will be crumpled in case of a collision.


> Lack of awareness isn't a problem anymore. Everyone knows, nobody cares.

I strongly doubt that based on what I've seen. People install random apps on their phone just because they wanted to crop a picture and frame it or trim a video and compress it is because they ultimately think that nothing will happen to them. Like you don't expect your fridge to blow just because you open the door.

Another issue is that people are trustful. They trust their government to have laws for that. And even if a few accidents happen, they shrug because for them, the system generally works. And they don't care, just like you don't care a business having security cameras while you're shopping. Because you trust they will be sensible with the recording.

Tech privacy and security is nebulous for people and we have hordes of companies marketing that it does not really matter and the government not doing anything. And most people don't feel the impact. Getting them to understand is hard. Because they think that when they click delete, it's gone. Or if they've not posted, only they have the only copy.


I question the usage of the word "willingly". People aren't really aware of the consequences of their actions.

The people of Troy didn't "willingly" bring in a huge wooden horse full of enemy soldiers. They "unknowingly" brought in a horse full of enemy soldiers.


I actually think that was 2023 with Rewind. At least with Rewind you’ve gotta download the app yourself and run it. The in-progress OOBE setup for Recall does not even have an opt-out. Instead, it offers to open the settings panel after you’re done with setup, rather than just giving you an off switch: https://x.com/tomwarren/status/1796681578984182066


2600 BCE: People are willingly writing their thoughts and experiences on papyrus


2600 AD: People are willingly writing their thoughts and experiences on papyrus


Right, and having your own kinda stopped being a thing right then and there. We had Ted Kaczynski I suppose but we didn't quite understand what he was on about.

Crass - Where Next Columbus? (1981)

https://www.youtube.com/watch?v=U8lZUxHX8e8


That was very well written and reasonable, neither minimizing the risks nor succumbing to hysteria.

The idea behind Recall, universal, machine-assisted search, is a good one but it's embarrassingly clear that in terms of implementation, this ain't it, chief. Microsoft should do what Google has done with Sky -- withdraw the product, take the hit, and hope that something can be salvaged from this debacle, both in terms of an improved product, and better company-wide testing and rollout practices.


I think the idea is a good one, I just have zero trust in Microsoft to have my interests in mind so it becomes a question of when, not if, it becomes abused, if not by them then some bad actor.


This is poorly written and completely nonsensical.

Also a clickbait: nobody is stealing anything.

If you get malware or you have other admins on your computer, they can already record anything you do at their will.

The data is NOT uploaded to M$.

The whole fuss is stupid and I am impressed 90% comments here seem to think otherwise.


If you get malware, these malware will only begin to record things once they are installed. They do not automatically get years of computer use history. Until Recall.

It seems like you live in the same kind of detached echo chambers as the people at Microsoft who approved this feature. No wonder you find this nonsensical. I bet the product managers responsible for this also find this article nonsensical.


Right, the malware will only able to get all the documents you wrote during the years of using the computer, all the emails you ever got or sent, all your chat conversations, your bank account details, photos and videos you made, complete browsing history, access to your work account(s).

Of course it is critical that it does not also know what porn you watched in incognito, or what you had in snapchat messages.

Wait, scratch the snapchat. I don't think they have desktop client.


You ignore this basic computer operation called delete


Majority of people only ever delete bad shots from a set of N identical photos or random stuff by accident or because they run out of space.


Why do you think it makes sense to only care about the majority?

Also, majority is using voice/video calls which aren't stored anywhere


Do I? How did you come to this conclusion?

If majority wants to use Ctrl+C to copy, and the rest want to use Alt+M or don't care either way, then the most sensible thing to do is have Ctrl+C copy by default, and make a setting for the rest, which is exactly what is done here.


Because you reference the behavior of the majority as a counter-argument.

So if 40% of people use delete for more than a dupe photo and thus would benefit from this even if they were hacked (vs Recall), how does the fact that the majority doesn't do that counter the benefit for this non-majority group? If you only care about the majority, this makes sense


Your reply reads like you completely ignored the previous comment, because it basically answers all questions/addresses points you posed in this one.


Your analogy is wrong in both characterizing the problem and offering a solution:

1. The majority doesn't want this just because they fail to protect their data properly

2. Defaults matter and having an option doesn't imply perfect awareness/disabling by that non-majority group

So at most you've somewhat reduced the affected group while still not addressing the original issue why you think it's ok to ignore the non-majority (It also doesn't address the video calls)

So no, your comment answered none of my points


1 basically contradicts the whole premise from 6 or so levels above that for majority this does not present any additional risks to their data, because they never delete it anyway.

2 addressed above

"ignoring" non-majirity addressed in Ctrl+C comment.


1. was about a different flaw in your argument, not 6 above. That one is also wrong, see X levels above re video calls which you don't need to explicitly delete for them to disappear from malware's view without Recall

2 addresses above, including Ctrl+C, so you need something new to address it


There are a number of things that do disappear. But when you put them in the line next to bank credentials, private pictures, passwords, and private documents, they pale in comparison.

Re: awareness. Are you saying the only MS problem is they are not marketing capabilities enough? Assuming the video calls point is addressed, your whole "feature is extremely bad" argument is that it is on by default, and one has to know to do something to turn it off if they don't want it?


What's this Google Sky that was withdrawn?


Sorry, my flub, I meant OpenAI's Sky of course!


> In practice, that audience’s needs are a very small (tiny, in fact) portion of Windows userbase — and frankly talking about screenshotting the things people in the real world, not executive world, is basically like punching customers in the face. The echo chamber effect inside Microsoft is real here, and oh boy… just oh boy. It’s a rare misfire, I think.

> I think it’s an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these. The work hasn’t been done properly to package it together, clearly.

Definitely needed some copy editing however.


>Q. Are Microsoft a big, evil company?

>A. No, that’s insanely reductive. They’re super smart people, and sometimes super smart people make mistakes. What matters is what they do with knowledge of mistakes.

Never attribute to malice that which can be adequately explained by neglect, ignorance or incompetence.

But

>Q. Did Microsoft mislead the BBC about the security of Copilot

>A. Yes.

>Q. Have Microsoft mislead customers about the security of Copilot?

>A. Yes. For example, they describe it as an optional experience — but it is enabled by default and people can optionally disable it. That’s wordsmithing.

Maybe at some point we should reconsider.


Recall can't be disabled during the Windows setup. It has to be disabled manually in Windows settings.

https://x.com/tomwarren/status/1796681578984182066


Eventually they can just re-enable it as part of an "important update". They can even stop you from being able to disable it entirely. If you're using Windows, it's not really your computer. At least you aren't the administrator of that device. Microsoft can access any file, install any software, change any setting, or remove any access at any time for any reason with no notice or indication to you that it happened. They can even shutdown your computer. Any device which works like that is not one that's under your control.

Every internet connected windows computer is insecure by design and cannot be trusted to protect your privacy or security.


> Microsoft can access any file, install any software, change any setting, or remove any access at any time for any reason with no notice or indication to you that it happened. They can even just shutdown your device. Any device which works like that is not one under your control.

Having this power is inherent in making the OS. Whoever is the vendor of your particular Linux distribution has the same powers, it is just that you trust them not to use them (or, in a very small theoretical minority of cases, you’ve audited the code and binaries yourself).

So yes, you shouldn’t use an OS from a vendor you don’t trust, I agree completely.

I don’t understand why people are acting like this is earth shattering news though, this has always been the case since people started using software they didn’t write themselves.


> Having this power is inherent in making the OS.

No, it really isn't. For decades I owned computers with operating systems which didn't have that capability. Once installed and configured, the OS was consistent and (reasonably) stable. Someone would literally have to break into my house or office to modify my settings or install software against my wishes.

Even after I started connecting my devices to the internet the OS itself had no ability to do these things and couldn't gain that ability unless I explicitly chose to install updates that enabled that behavior. That's entirely different from the situation today where MS forces updates and restarts, installs unwanted software on our computers, and has files and folders that we (even using administrator accounts) don't have access to.

Linux too is very different. Linux is transparent about what it does, adds, or changes. You have the power to choose which updates to apply or not. You have the power to modify any part of your OS so that it does what you want. I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day, or reinstall applications users removed without notice. Can't say the same for Windows. Unlike Windows, linux typically respects its users and their wishes.

You really don't have to write your own software in order to have software that respects you and leaves you in control of your own devices. It's kind of crazy that you'd think there could be no other way.


> I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day.

My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.

By definition the OS has control of the hardware and software and thus whoever writes the OS inherits that control.

I completely agree that there are good reasons to not trust Microsoft and people who don’t should not be using Windows.

I just dislike the framing of this issue as a recent development rather than an inherent problem of running software you didn’t write.


> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.

Go install MS-DOS 6.22 on a computer. You can leave that system up and wait your whole life and you'll never see it suddenly restart your computer without asking. The technical reason why it can't is because there is no code in that OS designed to check for and accept an order from someone at Microsoft to restart your machine without asking. It doesn't exist. You could choose to find or write and then install new software that gives that OS the capability to do it, but that capability just isn't there otherwise.

There's no rule that an OS has to include code to violate the rights and will of the people who install it on their devices. That's a choice that MS made. Far too many people have accepted that behavior from them so they keep pushing and pushing with new and increasingly user-hostile code and behavior but none of that is inevitable or unavoidable. That is what's a very recent development. For a very very long time no operating system would have dared to violate their users that way. None of them did.

Yes, at a certain level you have to be able to place some level your trust in your OS. Especially one with internet access. MS has shown themselves to be entirely untrustworthy, but they could still change all of that. They could strip out every line of code that allows them to remotely access your system without your explicit permission. They could be 100% transparent about what their updates will do to your computer if they are installed and they could give you the ability to not install any update you didn't like and revert to any previous state. They could give you full access to every file and directory and process and give you the ability to control every aspect of their OS. They could vow to never modify a setting after you've changed it. They just choose not to do those things, because they don't care about you or your privacy or your wishes, or your rights. As long as people continue to use windows, Microsoft stands to make a lot of money by ignoring those things.


Right. There is no technical reason why the OS vendor couldn’t attack you in the past, but software industry norms have changed over the years. What has changed is trust.

Today, you have to consider commercial OS vendors (and third party application developers) to be remote attackers in your threat model. More and more, they write their software to serve themselves rather than their users, and to make computers do what they want them to do, not what the users want them to do. This was not the case decades ago, even if the technical ability was there all along.


> More and more, they write their software to serve themselves rather than their users

Well said! I really miss when our products served us but I can't think of a recent purchase of anything internet capable that wasn't designed to work for someone else (and against me no less). I don't see "never own an internet capable product again" as a viable option here, and I'm not sure what else we can do to protest this besides push for government intervention. In the meantime, I try to firewall off whatever I can.


> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.

Wrong, the point of the operating system is to manage local state, hardware, etc.

The point of viruses, malware, and spyware is to exfiltrate data and control from a set of systems. This is getting to the point where Windows itself is a worse virus than just downloading the random shady program from the internet, with all anti-virus turned off...

And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.

This cannot be done with Windows, not without resorting to technical tricks that look at lot like what malware and viruses have to do. This a is pretty, and important technical distinction:

Operating Systems don't have built-in backdoors that you cannot turn off by design.

Malware and botnets, have built-in backdoors that you cannot turn off by design.


> Wrong, the point of the operating system is to manage local state, hardware, etc.

Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.

You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.

> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.

Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.

You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.


> but you cannot get around the problem of having to trust someone.

You still don't get it...

At the end of the day, I don't have to trust anyone with an OS that I fully control, with hardware that I fully control, because I can verify every bit of hardware, every bit of software, even stop the kernel from doing things if I want to (yes its possible, technically).

Sure, I can place some temporary trust in some components, but it doesn't matter really, because I can always swap/disable/remove audit/reaudit any component. You can choose to trust, as much or as little as you want. I don't have to use the kernel at all if I don't want to, I could swap in another one and still be good to go (more or less).

This is different from the case here, where by default, not of my choosing, actively and persistently nearly every aspect of a Windows computer is obfuscated, un-auditable, actively and without consent doing things that are not operating system things but spyware, bloatware, crapware, or just straight up malware. You can wave your hands around as much as you like waffling about "trusting someone" but there is a big big difference between someone acting reasonably, and choosing to allow them into your home, and "trusting" someone with a knife to your back not to shiv you.

One is reasonable, a choice, and low risk, the other is clearly none of those things. You don't have to "trust" low risk situations, they are just low risk, no trust involved.


There's still a big difference between "a surreptitious hack is technically possible with future development and getting you to accept a bad patch" versus "the company is actively using sketchy powers and trying to make them constant and socially normalized."

In one case, someone discovering sketchy secret backdoor code causes a huge flap and damage to the company's brand and stock price etc.

In the other, some corporate drone bafflegabs about it enabling superior customer satisfaction synergies, while pointing to a tiny clause in an enormous contract of adhesion to claim everybody knowingly agreed to it.


I don't think msft will give you the code for windows to review it if you ask nicely, unlike linux where it's already available.

if you're paranoid about the distribution of your pre-built distro you can compile everything by hand and some do that for fun.

so putting them on the same pedestal is weird mind gymnastics.


Yes, if you compile your own binaries, audit the source code, and for good measure audit your compiler and the system you are using to compile it, then there is a meaningful difference*.

Since 99% of users don’t actually do any of that, then in practice there isn’t actually a difference.

* I am aware that there are shades of grey between the scenario I describe and proprietary software - I am just being hyperbolic for rhetorical reasons.


> Since 99% of users don’t actually do any of that, then in practice there isn’t actually a difference.

I understand the hyperbole, but in practice we have strong evidence that MS is willing to intentionally use their OS against you, while we don't for your typical linux OS. That really means a lot.

When linux distros disrespect their users even a little (see for example https://www.pcworld.com/article/436097/ubuntus-unity-8-deskt...) users really don't put up with it and they can switch to another distro with very very little effort/change and even have the ability to modify the source and fork the OS. That helps to keep people a little more honest.

The backdoored compiler problem is a bit harder. We can write our own, but it's turtles all the way down. Increasingly we also have to put a lot of trust in our hardware. There are only a small number of companies making CPUs and wireless chips. I imagine they're under enormous pressure from governments to compromise the privacy and security of the people using that hardware and we have less trust in our own devices the more we have "trusted computing" forced on us.


Trust is earned.

Your partner always has the capability to screw you over, cheat on you, embezzle from the shared account, whatever.

Linux is like a nerdy guy who stays at home, plays with Warhammer figures and cooks you dinner.

Windows is an OnlyFans model who goes on vacations for weeks at a time and ignores your calls.


Yes. This is why they renamed "My Computer" to "This PC".

It's finally here. It's been fun, I love windows but this is the end IMO.


I know how you feel. I was a fan of DOS, Win89SE, Windows 2000 Pro, and Windows 7 Pro (until 7's updates started including Win10's invasive telemetry). The good news is that alternatives are better than ever and the few windows applications I still use can run using wine (or worst case a VM)


Yeah this is my problem with windows. I’ll delete or disable things that were added to my machine only to have windows update restart my computer and those things show up again. I’m using a legit copy of Windows 11 Pro and it’s absurd that I’ve had to delete or disable random shit like social media apps multiple times.


Windows victims (self included) are used to this. Setup takes an hour, configuring settings takes a week


When Steve Jobs said Microsoft had "no taste" to Bill Gates during an interview, I think one aspect of that is that Jobs had high EQ as well as high IQ. Jobs understood how people felt about products. Microsoft doesn't. When I worked at Microsoft I don't remember any conversations about how people would feel about a feature. That was awhile ago, but it looks like nothing has changed.


I think it's beyond the point when M$ makes "IQ choices" that are invasive. It's not a feeling, it's borderline rights violation, if not explicitly waived by EULA.


> I think one aspect of that is that Jobs had high EQ as well as high IQ.

Doubt. Jobs was a deadbeat dad for many years, refused to acknowledge his daughter or even admit that he named a computer after her, treated employees and cofounders like crap, etc. I think Jobs had a very low EQ, perhaps even a sociopath. He was just lucky, shrewd, and ruthless. Accounts of his last days indicate that even he regretted his behavior.


I was speaking to what Steve Jobs had that made him successful, not to his messy behvior and personal life. A lot of great artists were borderline or full on terrible people. We still appreciate their art.


Even professionally he doesn't seem "high EQ" to me. Often taking undeserved credit and shoving coworkers under buses when it was unnecessary, just for his own greed and ego. He may have even been emotionally manipulative.

> A lot of great artists were borderline or full on terrible people. We still appreciate their art.

Speak for yourself. Whenever I learn that an artist is a monster, I think appreciate their work much less. Thankfully much of Apple's success is due to the work of hundreds and thousands of others, not solely this "great man" whose worshipped among the faithful.


Steve Jobs led teams to innovate in several industries, such as computing, music distribution, film making, mobile computing etc... I don't worship him or Elon Musk but I recognize their talents. To do less would be to deprive myself of learning from their good qualities. I would like to emulate those. Of course I would trust myself to implement them in a better way that doesn't hurt other people.


What do you think made a wealthy person be a 'deadbeat dad' and not want to acknowledge the child?

Wondering you can imagine a scenario you'd be ok with.

I for one know of a guy that was told by his gf she was on birth control. Turns out she purposely wasn't so that that she could have a baby with him. This isn't someone's guess. This was told to my sister by her best friend.


Even if my GF lied and got pregnant then I wouldn't string her and the kid along for years, and put off a paternity test until just before I strike it filthy rich.


Not everyone is as accepting of fraud as you.

That is still not the same thing as a deadbeat dad, which is someone that knowingly created a child and then abandoned it.


I like how the people that downvote don't even reply. Apparently no matter what a woman does, what she lies about, what kind of fraud she commits, you must line up and be an accepting father due to her criminal acts.


> The overwhelmingly negative reaction has probably taken Microsoft leadership by surprise. For almost everybody else, it won’t have.

I sometimes (always) wonder which planet Microsoft leadership live on - it's certainly not the real world that you and I live on.


Meanwhile, features like "secure" boot will stop you from patching this spyware out when it inevitably becomes impossible to disable completely via ordinary means, and even if you manage to find an exploit to "jailbreak" through, remote attestation will ostracise your machine from all the services that will eventually use the "telemetry" gathered to grant or deny you access based on how "human" you are.


To anyone who thinks this sounds far fetched, check back in a couple of years. I can only think of one alternative future, in which things are not headed in this generally Orwellian direction, and the alternative may be even worse (complete or nearly-complete social collapse)


In a system where everyone breaks the law (because there are so many) and everyone is spied on (so you can prove anyone did some sort of “ crime”) you can now coerce anyone you like if you get to make the decision of who to charge (like governments do) which is useful for silencing descent or opposition.


I'm trying to square the claims in this article with what Microsoft says.

Article: "This database file has a record of everything you’ve ever viewed on your PC in plain text"

Microsoft: "Snapshots are encrypted by Device Encryption or BitLocker, which are enabled by default on Windows 11."

https://support.microsoft.com/en-us/windows/privacy-and-cont...

The article is a little bit hand-wavy about how exactly the database comes to be decrypted and remotely exfiltrated. The headline says it takes "two lines of code" but unless I'm missing it, I don't see those lines discussed in the article.


The database is not encrypted while the system is running. Microsoft's claim that it's encrypted is due to the machine being encrypted at rest with Bitlocker.

The databases are plain-text sqlite files within the current user's %appdata% folder.

So, literally anything that can grab those files and put them somewhere else can qualify as exfiltration. Any backup product worth its salt would be covering these databases.


BitLocker encrypts the hard drive contents at rest, but while the system is booted, the drive is transparently decrypted. So what Microsoft says is technically true, but doesn't necessarily present any kind of barrier to the database being exfiltrated by malware. It only protects against somebody stealing your hard drive.


Well bitlocker (ie device encryption) is only protecting you from offline attacks, ie when someone pulls your hard drive to examine it. Code running on the machine itself wouldn't be affected by it.


From the article:

  Q. Have you exfiltrated your own Recall database?
  A. Yes. I have automated exfiltration, and made a website where you can upload a database and instantly search it.

  I am deliberately holding back technical details until Microsoft ship the feature as I want to give them time to do something. I actually have a whole bunch of things to show and think the wider cyber community will have so much fun with this when generally available.. but I also think that’s really sad, as real world harm will ensue.


1. It is encrypted at rest, once you login its decrypted with the rest of the stuff running+on your drive. All this stops is someone with physical access and that's it.

2. The article says that they are not releasing PoC (my words not theirs) because this feature isn't out, and they want to give M$ a chance to fix it:

> I am deliberately holding back technical details until Microsoft ship the feature as I want to give them time to do something.


The real harm in Recall and I so much wish there was an authority who stepped in and slapped Microsoft into next week because of it: abusive relationships. Now your abuser can see everything you've done on your computer so if you try to get out your situation will worsen and also because of this you might not dare to seek help on said computer.


Threads on similar "apps":

"Show HN: Rem: Remember Everything (open source)", 196 comments, https://news.ycombinator.com/item?id=38787892

"I made an open source Windows app to rewind and search everything on screen", 166 comments, https://news.ycombinator.com/item?id=40105371

"Rewind: The Search Engine for Your Life", 92 comments, https://news.ycombinator.com/item?id=33421751


I thought this concept sounded familiar. I remember Rem being relatively well-received.

I guess people trust Microsoft a lot less.


Those third party apps are not enabled by default, won't modify their functionality without your permission, and two of the three are open source.

And for me it's not so much that I trust Microsoft less than any other company. It's that using their services require so much trust, yet they give so little trust in return.


It’s just a matter of time until they introduce an InTune feature to enforce this setting and send AI-written summaries of all employee behaviour to management.

https://x.com/AlexBlechman/status/1457842724128833538?lang=e...


I am trying not to be reactionary but I swear, my usual response to the announcement of a new Windows feature is often "... and how do I turn that off?"

Still, sqlite ... tempting. Sometimes, if I am missing something I read months or even years ago, the right query to the sqlite files Firefox keeps can give good results.


I had to make it through 3/4 of the article before realizing that "Copilot+" is not, in fact, Copilot, or an enhanced version of it, but a line of computers. The marketing department also has some work to do.


Am I missing something or is this as big of a disaster as I think? This is terrible news right?


Sort of but AI PCs are going to be more expensive than normal PCs so most users won't and will continue to not have a PC that does this. Pushing it out to existing machines would be a very different tier of problem.


If it works like any other electronics product I've bought in the last ten years, the "AI" version will soon be cheaper thanks to subsidies from advertisers, while the "normal PC" will be twice as expensive and the domain of tinkerers and cranks.


I just want to buy a screen guys.


I wonder if MS will then just make it a online processing version, so it just ships all your data "for free!!!!" to MS servers and then processed remotely for you!

I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already? These all sounds like ways that this "local" AI PC will share data with the MS cloud in one form or another. With Apple doing similar things already on iPhones (I know there are differences, but its still analyzing your data etc), I wonder if Linux might actually become a more mainstream OS in the future.

Could also be that people stop using computers as much and just use tablets with docking stations + keyboard & monitors (again, there is work to be done, but its a possibility from a HW level). That would leave us with MacOS & Windows for business desktops (with some Chromebook & Linux sprinkled in there). Education would probably be more Tablet & Chromebook style compute, and gaming is already moving to the cloud (I guess the positive here is that we might finally be able to get rid of AntiCheat software:) ).


> I wonder if MS will then just make it a online processing version, so it just ships all your data "for free!!!!" to MS servers and then processed remotely for you!

> I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already?

Honestly, I guess this will become very expensive for Microsoft, and they won't find a good business case what to do with the collected data. So Microsoft is wasting a huge load of money, and additionally their AI spyware causes a huge reputation damage for Microsoft: a lose-lose situation. :-(


> they won't find a good business case what to do with the collected data.

ads.

they've been clear about windows becoming more ads oriented.

guess they are testing the water to try and get a competitive edge over google in a few years with this new data trove.


Other use cases for on-device NPU silicon have been demonstrated, e.g. radio sensing of room geometry and human motion, breathing, gestures.


Thanks for the clarification of other kinds of spying that this enables.

Nevetheless I still have difficulties seeing how this is supposed to make money for Microsoft.


> how this is supposed to make money

No idea about this specific feature, but billions are being spent to train models in the cloud (including Azure), with the expectation that some models will be used for on-device inference. It remains to be seen whether those investments will return dividends. In the meantime, cloud and GPU vendors are making money on model training.


This seems likely to me.

Considering the global market share of Windows, there would be a need to roll out such a grandiose service slowly, too.


> AI PCs are going to be more expensive than normal PCs

The Qualcomm Oryon SoC is about half the price of an Intel CPU.


Currently an Inspiron 7440 (non-Copilot+) starts at $849 and an Inspiron 7441 (with Copilot+) starts at $1,099. That's a $250 premium to get an "AI PC".


12-core Oryon dev kit with 32GB RAM is $899, https://www.windowscentral.com/software-apps/windows-11/qual...

It's a brand new device family. OEM price competition should improve as more devices ship in Aug/Sep.

Oryon should run Linux with good performance-per-watt. Hopefully the NPU can be disabled to save energy.


The part where you are pointing out a dev kit and about how well it runs Linux is really just admitting you don't understand the conversation we are having here.

Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year. Very, very few people will magically end up with Windows Recall who didn't intend to.


> how well it runs Linux

i.e. PC hardware for AI inference will not be limited to Windows.

> Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year.

Both Intel and AMD announced upcoming chips with NPUs. Mediatek and Nvidia will likely join the Arm AI PC competition in 2025. Apple's 2024 OS updates are focused on AI features, both on-device and cloud partnership with OpenAI. Intel's Computex tagline a few weeks ago was literally "AI Everywhere".

In a few years, silicon for on-device AI inference will likely be pervasive in retail PCs, including Costco, HP and Dell Optiplex. It has been shipping in Apple Silicon Macbooks and iPads since 2020, mostly unused by software until now.


Considering how stupid/unsophisticated an avg computer user is. The worlds scammers income is going to sky rocket in the next few years as more people get new computers with built in recall.


I just assumed windows work computers were doing this already.


Work computers are like this, a bit, but typically they don't exfiltrate their own data outside their own corporate borders. That's a big deal/difference.

The other issue, the vendors tend not to leave glaring security holes in their software, both because of IT desire to maintain control of the operating environment, but also because there is intense awareness that corporate espionage is a constant, real, and ongoing threat.

It sounds like the MS folks rushed out a "feature" and wanted to pretend we all live in some utopia where nobody does anything bad, ever. Possibly all snorting coke or something...


> I just assumed windows work computers were doing this already.

In most sectors the installed corporate spyware is from a different company than Microsoft.


I have no problem with Recall if they give me granular controls on what apps it can and cannot monitor, and that I know it is stored only on my device. It not monitoring incognito isn't enough. If I'm working on a sensitive project, I don't want it looking at Word or Excel either. I don't want it looking at my remote desktop sessions, etc. That should all be able to be blocked. Until it is, I don't want it enabled. I'll still use Windows and look forward to the ARM chips, but I'm not enabling this until all of this is addressed. I can see how it could be very powerful and useful, especially for companies...but it needs controls, not just for myself, but also ones that IT itself could implement in enterprise settings.



Recall will track every you do this would be a massive invasion of privacy if Microsoft didn't already track everything you do.


I regularly get spam claiming that a hacker has compromised my device, has been filming me jerking off through my own webcam, and will send screenshots to my friends and family if I don't send them bitcoins. You know, the usual.

Once Recall is out the story will go from laughable to worrying - all they'll have to do is change their text to include instructions to open Recall (the same way old websites would open 'file:///' to show they 'knew' what's on your PC) and regular people will lose their minds (and money).

And then there's the age-old adage "if you can see it you can exfiltrate it" - it didn't work for DRM and it won't work here. Malware will steal this data.


Beyond the technology community I doubt that the loss of personal privacy is being discussed at large. Ad trackers had already made internet privacy a myth for the vast majority of the world; we now are seeing this permeate onto personal devices and subsequently to our environment with these always on, silently tracking devices - in the name of convenience.

Perfect recall, no need for memory, available at your fingertips - with T&C that completely disregards your need for personal privacy.

The challenge though is the "better" alternatives where a mix of privacy and convenience is there is not always convenient. We have and continue to be marketed convenience at the cost of privacy.

What we need is consumer data privacy to really become a societal and government concern and for devices which infringe on this to really go through the same scruity as say a drug going thru FDA approval.


> Beyond the technology community I doubt that the loss of personal privacy is being discussed at large.

Actually, people in the US are worried about privacy in the age of AI. [1]

[1] https://www.pewresearch.org/internet/2023/10/18/how-american...


Windows already had a built in keylogger with Window 10 (https://www.pcworld.com/article/423165/how-to-turn-off-windo...) but all that data was only going to Microsoft and couldn't be accessed by you or anyone with access to your device.

Law enforcement, attorneys, and three letter agencies must be extremely excited about Recall. Now they won't have to hope that MS has records of everything you've typed while using your device, because with Recall all of that evidence will be stored on the device itself.

"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." imagine could be found using everything a person ever types on their computer.


Ahhh, I knew it was important to keep my 20 year old SGI fuel. :P


As far as I can see based on the data already posted online, this is literally the Windows 10 Timeline feature, it even (re)uses the same API from that feature (that was deprecated just 3 months ago) and apparently shares the implementation as well (that feature also used a sqlite DB in your AppData and a subfolder with jpegs).

They just put a little AI lipstick on that old pig in the form of OCR and some image classification.

The Windows 10 Timeline feature has been around for 6 years. It is a bit surprising there is so much pushback this time around for effectively the same thing. I wonder if it's because Microsoft has been burning away people's trust through ads and dark patterns and all that bullshit, and this is the direct result of that.


Actually Timeline was a semantic store from what I understand-- it didn't store screenshots of what you were doing, instead apps that used the Microsoft Graph API could contribute information about what you were doing to be included in the Timeline.

As far as I know, nothing used it except for MS' own apps. This new solution bypasses that problem by having no requirement for apps to use the Graph API-- it will just use an AI to deduce what the tasks were, and provide a search-like conversational experience on top of the collected images.


Windows Timeline stores a list of recently opened apps and documents, not screenshots.


Seems like the Key & Peele's Computer History sketch needs an update.

https://youtu.be/s0lUbqDrFWU?si=47kGfhA-PVuctWep NSFW


Well, we've got the next 6 months to make 2024 the year of the Linux desktop...


> Hackers can't get it

Same as

> The Tesla will never crash in FSD

Same as

>out platform is hacker proof


I don't know why there's such a big controversy around this. It sounds like any other feature that stores data on your device. How do you think your iPhone shows you screen time stats? It tracks every click every tap and stores it to disk. If you don't like a feature you can turn it off. Personally it sounds interesting and I want to try it out to see if it helps me remember stuff.


I dont even need to read beyond the title for a change, its been more than 10 years now since I have used windows in a business environment (linux on my main machine, mac for my second) and there is already no way I would go back to it.

But good grief wtf. I was mostly joking when I said before MS was intentionally trying to kill windows, but is there actually any other explanation for implementing this "feature"?


I used to use Manictime[1] to achieve something similar, although, that was for time tracking purposes. But I can admit I've used it multiple times to find websites and documents that I forgotten the name of using the screenshots. But in essence, It suffers from the same flaws as Recall.

[1] https://www.manictime.com


I genuinely like Windows. I was raised on it, and have used every consumer version since 98, and have programmed on it since Windows 7. I believe that from a purely technical, systems programming, and even UI/UX perspective, it is superior to the competition—both commercial and free/libre open-source. I will be very happy to defend this statement as factually and reasonably as possible, because I also program on 'the competition OSs' at work, and every time I do so, I want to go back to a cohesive platform like VS 2022 which, for me, is unparalleled in terms of productivity.

But this sort of tone-deaf move from Microsoft is irritating me. I already dislike Windows 11's UI and UX flow because it is so reminiscent of macOS; this is why I haven't updated to it on my personal main computer yet (which is running Windows 10 Education, courtesy of my alma mater's Azure subscription). I've seen rumours that Microsoft hired a bunch of UI designers who used nothing but macOS and decided it was a good idea to port macOS UI designs to Windows. What a terrible terrible thing. UI responses that are instant even on Windows 10 now have a jelly-like lag to them on Windows 11, for no good reason. Also consider the regression of the right-click context menu, the ads and Copilot everywhere, a preference for unlabelled icons over text, amongst many others.

As another comment says, Windows Recall appears to be an AI evolution of the already-present Windows Timeline feature. The privacy outcomes of this are concerning and I really really wish we didn't have 'AI' and 'Copilot' stuffed down our throats all the time. I would like to opt-in to features I want, rather than have them all pre-enabled. Some of them are very useful, like clipboard history with Windows-Ctrl-V; some less so and are flagrant privacy violations.

I have already disabled almost every tracking, phone-home and auto-update feature possible using group policies; this is just another thing to add to my list of disabled 'help' features.

That being said, if Recall doesn't phone home—which appears to be the case here—I don't buy the argument that 'it's stealing everything you do and hackers can access it if they have physical access'. I believe that the moment a computer's physical access record is compromised, the entire computer is compromised, regardless of security theatre like disk encryption in the form of BitLocker/LUKS, Secure Boot etc. It doesn't matter whether Recall is present or not.


> if Recall doesn't phone home—which appears to be the case here—I don't buy the argument that 'it's stealing everything you do and hackers can access it if they have physical access'

The risk is not physical access, the risk is malware installed on the machine, or a security hole in some browser feature enabling malicious actors to covertly uploading the recall database to a remote server.


> It doesn't matter whether Recall is present or not

Yes it does. Consider getting some malware that is detected a few minutes later and removed. For most people there would be no harm. With recall, you would be instantly screwed.


Can't wait for the first corporate legal case where discovery requires them to present the entire history of a person's computer usage, not just their communications.

If you're capturing screen shots, then how is something like using Signal or some other encrypted service still possible?


I'm licking my lips at the possible market opportunities this will create! We will truly be able to create products to help shield folks from AI Recall and profit like crazy! It's a good time to be alive whenever we can profit!


  The idea other people with access to the device could see a photographic memory is.. very scary to a great many people on a deeply personal level. Windows is a personal experience. This shatters that belief.
How did we get here? A 20-year lifelog.

2003, https://en.wikipedia.org/wiki/DARPA_LifeLog

>The objective of the LifeLog concept was "to be able to trace the 'threads' of an individual's life in terms of events, states, and relationships", and it has the ability to "take in all of a subject's experience, from phone numbers dialed and e-mail messages viewed to every breath taken, step made and place gone".

2007 Microsoft Research, https://www.microsoft.com/en-us/research/video/the-microsoft...

> The SenseCam is a personal, wearable camera developed by Microsoft Research in Cambridge, UK, and used as a lifelogging device in projects like MyLifeBits.. is based on wearing the SenseCam for lifelogging of ‘events’ during your day, and generating a fast-forward movie of the event as the memory recall interface.

2010 Microsoft Research, https://www.microsoft.com/en-us/research/publication/now-let...

> Lifelogging technologies can capture both mundane and important experiences in our daily lives, resulting in a rich record of the places we visit and the things we see.. Previous work has demonstrated that Lifelogs can aid recall, but that they do many other things too. They can help us look back at the past in new ways, or to reconstruct what we did in our lives, even if we don’t recall exact details.

https://www.microsoft.com/en-us/research/project/mylifebits/ & https://en.wikipedia.org/wiki/MyLifeBits

> MyLifeBits is a life-logging experiment begun in 2001. It is a Microsoft Research project inspired by Vannevar Bush's hypothetical Memex computer system.. The "experimental subject" of the project is computer scientist Gordon Bell.. For this, Bell has digitized all documents he has read or produced, CDs, emails, and so on. He continues to do so, gathering web pages browsed, phone and instant messaging conversations and the like more or less automatically. The book Total Recall describes the vision and implications for a personal, lifetime e-memory for recall, work, health, education, and immortality.

Lifelogging was referenced by 10,000 academic papers over two decades, https://scholar.google.com/scholar?q=lifelogging


Neither these two paragraphs or the source they’re paraphrasing (https://doublepulsar.com/recall-stealing-everything-youve-ev...) indicate anything matching the headline at all.

The source article is a QA with himself. There’s 1 tweet references, that shows a screenshot of a truncated SQLite db that shows a log of the applications opened via the user UI shell: https://x.com/gossithedog/status/1796218726808748367?s=46&t=...

Whoopty doo. There are many, many sources throughout Windows that can give you a list of recently opened applications (that have existed for 10-25 years)


This is so wild. What kind of a-hole in the C-level suite of MS thought this was a good idea?


This feature isn't for individual users, it's for corporations that want to control their employees.

If a corporation was a man, it would be a tyrant that demands to know everything its subjects do and think, and wants to control what they do and think.


I have shared a similar post about another app of the same kind. It is called Invisibility (already using it, but concerned)!

https://news.ycombinator.com/item?id=40530354


Seems like the Key & Peele's Computer History sketch needs an update.

https://youtu.be/s0lUbqDrFWU?si=47kGfhA-PVuctWep NSFW


Thanks for the video. Like someone commented, i think too that this sketch will not get old so soon, more with all "AI" getting pushed.


I am not sure about this, but this new feature requires a dedicated AI chip (or maybe even a decent enough GPU), so,… here’s to hoping the guys behind shutup10 can integrate a patch to disable this.


> this new feature requires a dedicated AI chip

It literally does not: https://news.ycombinator.com/item?id=40543584


The only silver lining on this is that, previously, the idea that your computer might visually spy on everything you do and index it for easy searching was the domain of paranoid conspiracy theorists.

So I guess at least marketing that as a feature now makes it obvious that it is possible, I guess.


It was always possible.

But now they will claim you have a way to turn it off. Who knows ! There is so much telemetry being recorded anyway.

This is like people preferring Macbooks from 2016 because it was pre-touchbar. I honestly consider good tech from previous years to be far more secure than what’s around now. Who knows what’s in your products now?


I find the irony that I keep getting advertised the podcast* by some VP of Security ding-dong at Microsoft *delicious*.

(* I am intentionally not stating the name because they don't deserve the attention or free advertising)


It's a thinly veiled ploy to get training data to train their generative AIs in user activity with the hopes of teaching AI the workflows of people, so it can replace them.


Welp, I said before I would wait and see instead of directly dismiss the feature, and now I have my answer. That will be another of these feature to hard disable after windows install…


The real question is why the hell can said infostealer malware access the file.

Can we PLEASE have proper per-process file access restrictions on Windows already - like MacOS has had for a decade now ????? Why is win32 app isolation still not done?


https://learn.microsoft.com/en-us/defender-endpoint/enable-c... this works surprisingly well to prevent an app from going too far into folders it should not access.

It's a bit opaque though, not as simple as *nix owner/group/everyone permissions.


This seems like a start, but just marking applications as "trusted" doesn't cut it. We need real rules like each program can only access its own installation folder, its own user data folder, and any folders the user has explicitly granted access to for that program.

I may "trust" a video editing app, for example, so I can access my raw content folders. It should still be completely impossible for that process (or any spawned from it) to access my browser session information in case of an RCE from loading a malicious video.


> During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.

Yeah... This is a BIG issue with the modern generation of antimalware solutions.

The old signature-based detection is great and immediate. But it has drawbacks. It only detects already-known malware. Not tailored stuff used only on one specific target. Also, malware can change its own signature adaptively. and hook into known-safe binaries.

So, a modern antimalware uses AI learning and behavioural analysis. Why is notepad.exe suddenly logging all your keywords? Ban it. The problem is: This takes a while. The tool can be configured to block it before someone looks at it, but it still takes a while. At the point that this happens, the damage is often already done.

At an enterprise level this is not a huge problem because it does mean the problem is detected, and by the time it is investigated it's possible to stop the source of the malware and ban it from all the other 100.000 PCs by using signature detection or other mitigations. On personal PCs this is more of an issue because they don't have a dedicated SOC (Security Operations Centre) jumping on to these things.

Also, the noise level is an issue in the enterprise, set the detection threshold too high and your SOC gets overwhelmed by all the detections and becomes ineffective.

Anyhow, this is indeed a good argument against Recall. When it was first introduced last week, people stated that it wasn't a big deal because malware can install its own key/screen logging. However a repository of the last 6 months of activity is indeed a very juicy target to exfiltrate quickly before detection.


I don't see Recall being axed.

Disabled by feature flag? Sure.

Disabled by default? Sure.

Once Windows stops having administrator accounts, they'll enable it by default.

As Smith would say, "it's inevitable".


> As Smith would say, "it's inevitable".

To which I reply:

    sudo rm -rf /agents && echo "the only windows here are made of glass"


wym by

"Once Windows stops having administrator accounts"?


I may have dreamt this since I found no evidence online, but I thought "Windows 12" or similar would have only regular accounts. I assumed they would redirect filesystems calls for that, similar to the mechanism Windows Vista introduced and since has had no visible improvements.


Is there a law enforcement analysis tool for this yet?


The domestic abuse point is a chilling one

An abuser being able to access their partners/kids computers and go and see every thing they have done is terrifying

Can we just not do this at all?


Yes, my ex would have loved to have used this to see everything I was doing on a computer… then dox all my private data to Facebook for a laugh.


nannyware has existed for decades before this, just like tracking devices existed before Apple air tags.


Yea but very few people install it. Now it comes prepackaged.


I haven't typed or viewed anything on any Windows PC in like 15 years. And I think anyone shouldn't....

Keep pushing chaps...


Time to stick to only gaming on windows. I’ll use a dedicated and locked down Linux box for everything else.


Remember when we used to warn about software that phoned home?

Malware?

Keyloggers?

Adware?

Rootkit DRM?

Turns out they changed what "it" is, and I'm not even halfway to my pension yet...


Let me be clear: I will literally burn any computer equipped with this technology I am forced to use and post the aftermath online.

This is societal cancer. Total information monitoring is the death of any semblance of human independence and should be violently resisted.

I have never been more disgusted by a management team. How clueless can you be? Combined with digital intelligence, this technology is profoundly dangerous to anyone who works with a computer or technology (which is almost everyone).


I think that kind of sabotage would only work if a very large number of persons joined you.

You might want to consider an alternative plan, as doing that to an employer's / government's computer could get you in a lot of trouble.


OBEY.


Who do you anticipate forcing you to use a computer with this functionality?


Work, school, or ignorance.


“Someone else will do it”


What happened to the punk in cyberpunk?


> What happened to the punk in cyberpunk?

It began to wane as soon as programming and in particular working in big tech became an opportunity to get rich.


1. Turn user activity into data

2. Turn data into AI that replaces users


It should be called "Clean Sweep".


when is this ever going to end? computing is so promising but we use it for activities like this....


Seems to me like Microsoft probably sees Recall as

a. A way to capture more personal data and sell it to advertisers, or

b. A way to make Windows even more attractive to enterprise customers so that managers can snoop on employees, or

c. A handy feature that most users will want.

What Microsoft is saying publicly is c, which in itself is a red flag that suggests it's probably not true. The other red flag is that even as tone-deaf as Microsoft is about user wants and desires, even they can't be stupid enough to believe most users want this. So it's gotta be a or b or both.


Why stop there? It should also transcribe videos and everything said around the computer. Then, since it becomes possible to deduct the users opinion about just about everything if need be failing back on friends, family and coheard association it can also do our shopping and autofill the voting ballots silently on the background, without bothering me.

I mean, I have no idea how to stop laughing inappropriately at the moment but I know the product exists, that it can be delivered to my doorstep and that I can afford it.


This is something you have to specifically enable right? Right?!

I’m sick of brain dead execs and product managers. What world do these people live in?


First it's gonna be an obvious setting, then it's gonna be a setting deep in the "features" of windows, then it's gonna be a register you have to edit, then it's gonna be an obscure powershell script you have to execute, and in the end, it will be a default feature that you have no control on :)


Don't forget them requiring an online Microsoft account to change the setting. Don't have internet or can't set up an account? Well, tough luck.


It’s enabled by default on a select number of laptops they sell, and no one else has access to it yet. But they plan to roll it out further. I’d personally hoped for some kind of “Secure Enclave” such that only certain processes could be run, but this is about what I would expect of someone shipping a minimum viable product because AI is a hot buzzword. Weirdly, even AI could theoretically solve some of the privacy issues simply by looking for PII and removing them. Extra weirdly, this would have been more secure if they uploaded screenshots to the cloud, because access could be better monitored there and exfiltration limited.


If anything, it's likely they imagine the PII being useful. Imagine being able to ask your computer for your bank account number instead of digging it out of a website or file. Obviously useful... but also obviously exploitable.


Regardless of the new Recall feature, the Windows Timeline already collects vast amounts of data and is enabled by default, and I've seen the database file grow even when disabled. A trove of information for any forensic analysis.

https://kacos2000.github.io/WindowsTimeline/WindowsTimeline....


First it's opt in, then it's on by default, then it's mandatory and what do you have to hide anyways?

The default progression of this sort of "feature" and business practice.


There’s also the classic phase where it’s technically opt-out, but it magically gets reset to default every time Windows updates.


There's a phase in between where it's reset every time you leave the settings menu and can't see them resetting it (I forget which privacy policy it was anymore, but that was the straw that kicked me over to Linux for good).


And in this particular instance it did not even start with opt-in. They went straight to on by default!


> This is something you have to specifically enable right? Right?!

lol, lmao even. Some might even be so inclined to say rofl.

It is actually kind of depressing the state in which Windows is and is going. For me personally the only actual "advantage" Windows has over my homegrown Archlinux install is app/game support. And basically all of the ones that don't work, don't work by design because they don't want the user to own their hardware/software.


>What world do these people live in?

Getting promoted by other execs based on the visibility of delivered features.


Imagine using windows in 2024


Holy shit, when I was doing litigation these databases would be my wet dream.

I might seriously quit my job and start a discovery consulting / tech company just for targeting these databases.


The new text messages / browser history


Another great reason to use Linux.


“the future of windows is cloud”.


My hot take on this has been that although the tech community universally hates this - the sales and management types that drive these decisions will love it, and recall will go down as a resounding success for Microsoft. You're also going to find disabling it reduces your 'azure score' which is absolutely used by such types as a measure of their sysadmins skills.


The management types who think they love this, because they can monitor their employees more effectively, will change their minds in a hurry when a competitor sues them, discovery starts, and the competitors' lawyers get to go through everything that Recall saves.


WTF are you on about? Lol


I am "on about" the fact that HN is frequently a bubble that doesn't reflect business. As an example, there has been many threads full of assertions that no good manager would ever deploy "bossware", and yet companies selling these products are reporting sales going through the roof.


I'm confused. According to the article, several days working results in a 90kb compressed DB. If that's the case, it can't be capturing all the text you see, including web pages - perhaps "working" here doesn't involve general web browsing? What am I missing?


Presumably the snapshots it takes and summarises are periodic, but at what interval I'm not sure. Alternatively (and this is a technical possibility) it could be hooked into WebViews and HWNDs to get notified when it's worth taking a screenshot.

Given that you can exempt particular website (in addition to private browsing modes in "supported browsers" already being exempted [1]), that implies some integration between a browsing context and Recall.

[1] https://support.microsoft.com/en-us/windows/retrace-your-ste...


Text compresses very well. Also, it wouldn't be capturing the entire web page, just the text you actually see on screen.

Obviously that 90kb doesn't include the separate folder with all the jpegs.


The full screen OCR will capture the jpeg file names


Yeah I'm also wondering what kind of perf drag it would be. I'd probably just turn it off. Like when would I ever want this?


The real harm in Recall and I so much wish there was an authority who stepped in and slapped Microsoft into next week because of it: abusive relationships. Now your abuser can see everything you've done on your computer so if you try to get out your situation will worsen and also because of this you might not dare to seek help on said computer.


> because malware can now target a single file with huge amounts of valuable information

By that logic password managers are also no-no.


At least the password manager I use has solid encryption. I can control where the file lives and what file permissions it has. For instance, I can keep it on a USB stick that I only insert when I need a password and then remove the stick afterwards.

I do not remotely whatsoever trust Microsoft or Windows to keep their Recall database secure and offline. Attackers will know exactly where the file is, unlike with my password manager. There's no shortage of Windows privilege escalation exploits to gain TrustedInstaller status to read any file on the system.


Excuse me, when did password managers collect information about everything their users do on a massive scale?


For password managers, the alternative is password reuse. Big difference.


do you think there's a difference of scale here?




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: