It was surely just schedule pressure. There's no system-visible API for "incognito mode" (nor should there be, obviously, as it would defeat the purpose) so they just skipped it.
I dunno, and I say this as someone who works for a competitor and has no love for MS... a lot of the responses here seem really uncharitable. This isn't bad faith, it's just a rushed product with some poor planning. If Apple had rolled this same feature out with glitz and a giant slideshow about privacy and explained how everything was encrypted and never left the device, we'd all be crowing about how great it is even if it too was screenshotting incognito windows.
I thought about it for a minute, and sure, given a chrome.exe HWND, I can't think of a way to tell if it's Incognito.[1] But companies work with important vendors on major features all the time. If they think it's important enough to exclude private windows in Edge, they surely could have worked with Google to figure out something.
> nor should there be, obviously, as it would defeat the purpose
No it doesn't. Incognito mode is about leaving no trace on disk, that's all. Recall is the one defeating that purpose right now, if TFA is accurate.
[1] Not saying it's impossible. Only that I can't think of a straightforward solution in a pinch with my limited Windows experience and hacking skills.
In Firefox, check for "Private Browsing" in the titlebar. In Tor Browser… default to "it's private". In stock Chromium, look for the string "Incognito" near the Chrome hamburger icon (e.g. via IAccessible2).
It's not hard to support this functionality in the major browsers: it'd take me all of 15 minutes.
> Recall won’t save any content from your private browsing activity when you’re using Microsoft Edge, Firefox, Opera, Google Chrome, or other Chromium-based browsers.
Without a system-level incognito mode feature I could see apps allowing users to denote their windows as DRM content to avoid Recall.
> a lot of the responses here seem really uncharitable. This isn't bad faith, it's just a rushed product with some poor planning.
But it’s not the product people are criticizing, at all. Similar tools have existed for a long time and have not raised eyebrows except when it’s been forced by an employer or a school. It’s that it’s the OS putting an always on and enabled-by-default spyware on devices that are frequently shared by family members, when their average users who barely know what a web browser is and will just accept recommended defaults. Speaking of which, the whole spiel about Edge/IE is precisely their aggressive defaults. It’s the same here.
If you’re a startup building custom tools you can talk about rushed products and assume good intent. This software is built by a software company with some of the worlds best software engineers all the way up to the top. I mean, people trust them with everything from business secrets to payment details to mission critical services. This is clearly not a “rushed product oopsie”, it’s blatant disregard for privacy, and to a lesser extent, security.
I’m avoiding windows like the plague, but since seeing my mom get bombarded with “recommended Microsoft defaults” over the last decade or so, I’m convinced MS is deliberately exploiting uninformed users as much as they can get away with, while leaving hidden options for power users to disable the ads and the crapware so they don’t leave. This total recall debacle is probably a similar attempt at using their unknowing user base to train their new AI models, or similar. If it was a genuinely useful product it would not be enabled by default.
> It’s that it’s the OS putting an always on and enabled-by-default spyware on devices that are frequently shared
And I have to repeat: if Apple Computer had pushed the same product, but with a slide talking about how it was all locally encrypted and unextractable and tied to both the device and the user account, HN would be celebrating the attention to privacy even though macs too are "frequently shared". And the reasoning would be how strong the security engineering was around the process, because we love that stuff and we love macs.
MS doesn't get the same benefit of the doubt, and it leaks into the technical content of the argument, and that's wrong. And FWIW I'm mostly just handwaving the technical details. I mean, do we know for a fact that MS is *not* encrypting this with a TPM-managed key tied to the user account? I bet they are, honestly.
> if Apple Computer had pushed the same product, […], HN would be celebrating the attention to privacy
I don’t believe so, at least not if it’s enabled-by-default.
> MS doesn't get the same benefit of the doubt
Apple doesn’t rely on benefit of the doubt because they are very clear about how the privacy of new products work (say Touch and Face ID), and Microsoft is not. I mean just look at this very thread, it’s super unclear how it works and interacts with other windows feature (some of which are premium) like fde/bitlocker and whether there’s telemetry/training. That obviously contributes to the “harsh” response. As it should.
> I mean just look at this very thread, it’s super unclear how it works and interacts with other windows feature
I agree with you, but that’s not great evidence for your point. Bring up any random Apple feature and people will be quick to warn you about their misunderstandings of it. “Face ID means Apple has all our pictures now!” “Apple Keychain shares all your passwords with them!” Etc.
Windows is actually pushing for bitlocker by default now. I believe new Windows 11 installs either are already or will soon start defaulting to enabling bitlocker across the board.
> telemetry/training
It's really just timer triggered screenshots + OCR + an SLM (small language model) running on device on a TPU/NPU, GPU, or other ONNX compatible device.
I'm generally super uncharitable about Microsoft since a lot of their stuff is a nasty black box with unclear security assumptions however with Recall, it seems like people are really jumping to conclusions without really even looking into what all it is.
This is a largely "unsophisticated" product made by bolting a bunch of more or less preassembled components and the bulk of which is open source.
So the data is intended to be encrypted at rest along with the rest of the OS, it's all run locally (which isn't a handwaivy thing, the tech is all very much capable of running locally) and if you don't have hardware capable of running it, it shouldn't be enabled in the first place.
My confusion with all of this is why Recall didn't start out as a PowerToys feature. It sounds like the exact type of internal "look at this cool little toy I built" thing that generally makes it into PowerToys but I'm assuming some exec ran with the opportunity and said "this is awesome, let's ship it with the OS and make it a highliner feature for our AI push" which is how we got here.
Absolutely not would I give Apple a free pass either. They can say all the nice things they want about protecting my privacy, but I do not trust any commercial entity will act in my best interest. Especially when they all have government requirements to hand over my data when a cop asks nicely.
We are speed running into a neuromancer dystopia where tech companies control every facet of our lives. Why would I be ok with them making it easier to monitor my every keystroke?
I dunno, and I say this as someone who works for a competitor and has no love for MS... a lot of the responses here seem really uncharitable. This isn't bad faith, it's just a rushed product with some poor planning. If Apple had rolled this same feature out with glitz and a giant slideshow about privacy and explained how everything was encrypted and never left the device, we'd all be crowing about how great it is even if it too was screenshotting incognito windows.