It’s a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.
Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.
It’s no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it’s those bad Windows practices that have led people to this conclusion.
Ya, a PR nightmare for the next 15 minutes until the next unbelievable thing comes along and the ADD nature of people forgets windows is watching everything they do.
That’s usually what I think too, but after watching how Twitter’s gone to shit since the two big user departures, I think this could legitimately affect Microsoft’s bottom line.
That will rely on businesses moving away from Windows. That is where they make a ton of their money with Enterprise licenses and Office 365 subscriptions.
And businesses don’t give a shit about their employees’ privacy
They do care about keeping their company secrets and proprietary info though. Recall could make corporate espionage a cake walk.
We handle a lot of IP on our Windows PCs so it’s debatable. However, in recent years, Microsoft has taken over most of our services with SSO, office 360, teams, etc so who knows.
If you look at sysadmin forums and groups it seems like most recommend disabling recall. Just about every enterprise will have confidentiality, security, or legislative requirements that recall is simply inconsistent with. It’s understandably been a hot topic.
Yup. It’ll depend on how they handle Recall at the institutional level.
It’s a given that hospitals and law firms will have to turn it off, as they’re required by law to honor privilege. We’ll see what choices they make.
I find the nosedive in Twitter’s stock price these last few years encouraging. It seems for many there is a red line.
I believe the biggest thing that will hurt MS is moving to subscription. The vast majority of users aren’t gonna wanna have a forever fee when they buy a laptop/PC
That’s definitely going to be a problem for them, yes, because it’s also going to drive a ton of traffic to Linux and Linux is going to get even better.
A lot of people would have huge bursts of negativity about this, but at the same time remain stubborn enough to not even consider evaluating alternatives. Microsoft and Apple spent decades making sure this would work
For now at least, I block as much telemetry at the network level (DNS level) using pihole.
Annoys my wife and kid at times. I try to explain why and what it means but convenience is king unfortunately.
My mom only really browses the web, writes emails, and edits and occasional document. I’ve given her my old XPS 9350, with Fedora installed on it, and she’s been very happy with it. Keeps saying that everything just makes sense, and when she needs something, it’s easy to find. She’s far from tech savvy, but not completely clueless either
That’s cool!
I’m swapping to Linux finally because of it. Few things are black and white but these things do have effects and some additional percentage of users are shifting over because of it.
I agree with your point, but I think it’s important not to forget just how shitty tech media is a holding these companies to account. Half the shit most mainstream tech journalist publish borders on hagiography for these companies.
Oh please it’s not watching everything you do. It’s just taking screenshots 🙃
Ok fine, I’ll repeat it again:
You’re right - many consumers will likely forget about it and just use it anyways. But enterprise customers absolutely, categorically will not. Even with their damage control, this is still going to hurt them a lot. Moreover, it’s going to hurt hardware sales from Intel, AMD, and Qualcomm, all of which have dumped MASSIVE amounts of capital into this tech. This is going to slow the rollout of NN-optimized chip tiles, and that is going to directly hit their bottom line. Microsoft hurt themselves AND the three most important hardware partners they have.
Microsoft has built a number of safety features into Windows Recall to ensure that the service can’t run secretly in the background. When Windows Recall is enabled, it places a permanent visual indicator icon on the Taskbar to let the user know that Windows Recall is capturing data. This icon cannot be hidden or moved.
Oh my, that one is really cute
Malware will disable that icon. Law enforcement will buy [that] malware.
Well find out in 10 years that that wasn’t true and that it did capture data when the icon wasn’t present whoopsies.
If chkCaptureData.checked then recall() bigNotify() Else recall() End
This icon cannot be hidden or moved.
Or what? Your computer will take out a club and beat you to death?
You can’t convince me someone couldn’t do it with a simple registry edit, or even just replace the icon with something else by swapping an icon file somewhere in Windows/
Apple ensures its operating systems are clean, polished, and without bloat.
Except for all the uninstallable Apple bloat such as Apple Music, Apple TV, etc. And the numerous bugs and issues, such as still not being able to have the touch pad and mouse scroll wheel have different settings.
I remember when everyone was complaining about how terrible Safari is. The lead developer started having a go and ranting on Twitter, saying that raising bug reports is not constructive feedback.
That was a mess.
Do you have any links? Not that I don’t believe you, I just can’t find anything on it and it seems very entertaining
This feels like the kind of thing I would watch a 2 hour long youtube deep dive video on, haha
Where is hbomberguy when the world needs him
Commiting war crimes against the letter h
I do have a Twitter account but for the life of me I can’t remember what the password is so I can’t actually see the responses, since apparently you need to sign in to see responses now, but if you do have Twitter you can see the responses here’s the link. https://x.com/jensimmons/status/1491064075987873792
Some nitter instances might work. This one did. Not a shitshow at all, especially as she didn’t say that “bug reports aren’t constructive feedback”
Everyone in my mentions saying Safari is the worst, it’s the new IE… Can you point to specific bugs & missing support that frustrate you, inhibit you making websites/apps. Bonus points for links to tickets. Specifics we can fix. Vague hate is honestly super counterproductive."
There’s plenty of bug reports in there and she’s behaving how I’d expect a developer to: by asking further questions and version use for stuff that should be fixed. Didn’t see any point where she lost her temper in any way
She refused to acknowledge the existence of issues and point-blank refused to fix existing bugs.
Claiming apple is the new internet explorer is only untrue in the sense that it understates the nature of the issue.
Safari is still a pain for frontend developers to deal with. At least IE6 was a static target and we were well aware of all the bugs. Some of the bugs and workarounds even had names, like the “peekaboo bug” and the Holly Hack".
Safari is a moving target that has so many bugs and issues that none of the other major browsers have.
I caught the tail end of IE6 webdev, but the idea was basically “let jquery figure it out”. Not too painful tbh.
Apple is not blameless but they are a shit-ton better than Microsoft. I have to have M$ for a few work apps but I’m primarily MacOS for desktop and Linux for everything server-side. I avoid M$ as much as possible.
I agree. But everyone acts like Apple’s shit doesn’t stink.
Don’t forget the fact they’re locked onto luxury hardware, and you can’t build your own flavor for it. Even worse is, notebook manufacturers copied them so much there’s less variations among them. I was looking for some “subnotebook” as a potential portable PC, but I had like a few options (many of which would have included AliExpress junk), but there’s an endless supply of same-looking 14-16" ones, that are thin (“real” portability according to techbros), lightweight, “desktop replacements”, and run at a constant 95°C.
Yeah, the main takeaway here is “Apple Bad”
The main takeaway of this article about Microsoft’s horrible decisions is “Apple bad”? OS flame wars really haven’t gotten less ridiculous in the past decades…
I was making a sarcastic response to the comment above mine and its chain, which devolved mindlessly into “Apple bad” as things tend to when Apple is mentioned.
No it’s that Linux is good
I mean 95% of their customers probably don’t care or even know what Recall is but…
95% of their customers are businesses, who no, they don’t understand that. But their IT department does.
Their IT department also knows the MS isn’t going anywhere…
And that IT department also knows how to disable it with a single Group Policy
It really is a none issue
There will be corporate editions that Let you turn it off. There is no way that get activated in defence related businesses.
Yeah, you can be damn sure I’m going to disable this at some grand level for my ORG if it makes it to us.
Yeah this. Fed up with sensationalist headlines that are far from reality. Us Lemmy users have a better understanding of what’s going on but we shouldn’t be falling for this journalism as it’s nonsense.
I’m learning about it as a result of this thread. I’m still on 10, but I know what to look for when I inevitably am forced to switch to 11.
A number of things I use still aren’t supported on Linux
My dad is now pissed at both Microsoft and Adobe, and curious about Linux. If I can find a Lightroom alternative, he might actually switch.
Like darktable?
I haven’t found a suitable replacement yet. I know this is somewhat niche but nothing on Linux can do batch management of Keywords as well as Bridge or Lightroom. I wish I knew anything about C to contribute.
Fun fact: I’ve heard the Adobe suite works fairly well in Linux, if you find yourself a version without DRM
I know of the GitHub script to install PhotoShop, but wasn’t aware that the rest of the suite worked.
I also just read that they would. Never tested it myself. I only use Adobe on my work mac.
Ah. I don’t use Adobe products, so not really willing to test myself.
I tried to install some PlayOnLinux Wine shit but it didn’t work.
Have you tried installing it via Lutris and using Proton-GE as runtime?
🫨
Did not work. :( TBF I am not very technically minded with Linux.
PlayOnLinux? When was this, 15 years ago?
I employed imagemagick recently to batch edit some pics via CLI but I’m not sure if it’s a drop in replacement for bridge and lightroom.
I’ve heard that RawTherapee is good, but not quite on the same level.
Also one of the dumbest names ever.
Sounds like something from a kink brothel in Sedona.
RawTherapee and The GIMP
they knew.
You guys trusted MS before this???
A couple years ago it wasn’t thoroughly and transparently sucking off every bit of personal data it could get, and gearing up to put adds on the desktop on top of that.
Seems the consensus is that telemetry started with Win7, but I swear I remember privacy people freaking out about Win95 or 98 sending system specs or something back with out telling the user. It’s been a slow boil for a long time.
Yeah I think 7 was when it was a big blip on the radar. But 100% they had to start laying that foundation beforehand, so I wouldn’t be surprised if it was either always there or started making its way in 98.
95 was relatively groundbreaking and a part of me thinks the PC was so new they hadn’t thought of it yet or if it was even possible given the nature of internet, but you can’t put anything past the marketing guys that would probably love to know what colour your shit is.
Yes & No.
From what I remember from that time it wasn’t really a lot of people going on about privacy at that time. We were more concerned with how they just grabbed the BSD networking stack without saying anything about it.
There were a few things w/rt activation that people were pissed about. That was more towards the XP era though.
Though maybe someone else remembers it differently than I do since I wasn’t paying attention to privacy at that point and I don’t remember seeing anything about it in PCMAG or G4
I vaguely remember something from TechTV or Slashdot. Searches only turn up more recent discussions though. The old stories are getting buried by the more recent shit going on.
Don’t worry a quick google search will tell us to use a non toxic glue mixed with vanta black to keep privacy intact
I remember when Windows 10 first came around, and people were trying to bring attention to the privacy issues in the TOS. Now it’s been widely adopted just about everywhere, and this is probably going to be the same.
Is github, owned by Microsoft, the largest public code repository?
I’ve always trusted them to do what they’re great at… which is get a product nearly 100% perfect, then back it up about 20%, and polish it off by shooting themselves in the foot.
Which I’ve always found it insane that EVERY product they ship is like that. The only exceptions (IMHO) to that were Office, DOS5, Win7, (Maybe XP)
I figured on my gaming and VR rig that I’d begrudgingly upgrade it to W11 when W10 stopped receiving security updates and support but at this point the recall feature (which will be used to train LLMs regardless of what Microsoft promises or guarantees) has ensured that I never install that kind of spyware as an operating system.
I’d rather spend forever troubleshooting and getting my Valve Index to work with Ubuntu than deal with a giant backdoor.
I wouldn’t go for Ubuntu. They are also run by a corporation that has done problematic things with the project. It also just doesn’t work that well anymore. Better off going for something Debian or Fedora based, or even an Ubuntu derivative like Pop OS.
Isn’t Ubuntu Debian based? Or is that no longer the case? I haven’t used it for about a decade.
It’s Debian-based, but Canonical has been really Microsofty about its development. They now have Snap as a universal packaging format, and have mandated that all official Ubuntu flavors (so X/K/Lubuntu and others, but not derivatives like Mint) must include Snap, and must not include Flatpak in the default installation. They’ve also fucked with APT where installing certain packages, like Firefox, would first install Snap and then the application’s Snap package, without even telling the user. They’ve had some controversy with Amazon ads in the search results, and advertising Ubuntu Pro in the fucking terminal. The default GNOME desktop also has a ton of issues.
I, and many others, recommend against Ubuntu. Linux Mint is the most commonly recommended “just works” distro. That being said, switching to Ubuntu, if able, is still preferable to staying on Windows.
I agree most of this is fucked up, though I don’t know what search results you mean. Also, I always find it funny that people refer to the Ubuntu pro thing as “ads”. Yes it technically is, but it is a fuck ton less shitty than what we’ve come to know as ads in literally every other context. It’s literally a couple lines of text about packages you can get premium updates and support for
IIRC: about decade ago Ubuntu (still with its own Unity DE) processed system search in a way it shoveled amazon ads to users in first places. Or something lime that.
The Unity desktop’s search would display Amazon ads based on the query. https://en.wikipedia.org/wiki/Ubuntu#Conformity_with_European_data_privacy_law
It’s like the “nazi bar” anecdote. It always starts small. You let in a bit of ads, a bit of self-promotion, then the revenue reaches a plateau. You let in a little more ads, maybe a pop-up saying that you could be more secure. Then a few years later you have a Recall situation. If you let one nazi drink at your bar, he’ll bring his friends, and you’ll be running a nazi bar.
I don’t trust Canonical to act with integrity.
It’s debian-based, but such an outlier from the rest of the linux ecosystem that it might as well be its own beast.
Yes, it is, although there are many differences between both.
Many suggest Linux Mint (one of the best regarded beginner distro) as well, which has two versions, one based on Ubuntu and the other on Debian.
So, the three are like Debian’s most popular branch.
Yes, always has been to my knowledge
Pop os is fantastic
It varies. I struggle with its interface personally. I also had to force it to switch to Wayland to get some things working reliably. The hybrid graphics mode has issues too using the GPU when it doesn’t need to. Other than that it works reasonably well out of the box, though you still occasionally have to deal with headaches from apt. A lot of the issues will hopefully be fixed when the cosmic desktop is ready. Some more can be fixed if they end up going immutable, which I believe they are working on right now. The Ubuntu version is also kinda old.
Personally I would rather be on NixOS or Fedora right now, or UBlue’s Aurora. I am probably not a good candidate to be running something like Pop OS though. I am too experienced and my needs and wants are too complex for the poor thing.
I am sure you’re right about at least most of this but I will say my experience hasn’t been very troublesome. Other than a driver issue I had after an update 2 years ago, I haven’t had much trouble. Since I switched to an amd GPU especially, since gaming is much smoother. I had a lot worse issues when I used Elementary OS. Stuff broke a ton. For example, I had a weird graphical issue in Firefox for months.
Elementary OS probably isn’t what I want either.
Are you talking about a desktop? I am on a laptop with Intel iGPU and Nvidia dGPU. The battery life in Windows isn’t great, but it actually seems worse in Pop OS. I did actually catching it using the dGPU when it shouldn’t be. Obviously Nvidia doesn’t help things, and I am glad it works as well as it does. Still it’s kind of sad. I might buy a second laptop just so I can have battery life that isn’t horrible.
Cosmic desktop from my understanding will have a better implementation of the hybrid graphics mode to stop this nonsense.
Yeah, desktops. I do think though that the Intel/Nvidia combo you have makes Linux in general a bit tougher than any setup more Linux friendly than that.
Very common setup sadly, actually the second laptop I have had like this. I can’t imagine AMD + Nvidia is much better though, as Intel graphics has great support on Linux. KDE was probably a better bet, and I would have to change distro to get KDE 6.
I would also suggest not Ubuntu, and instead say you should give Bazzite a try. They are specifically interested in gaming with Steam (they even have a spin for running on Steam Deck). They might have already put in the work troubleshooting the distro with your VR gear.
better get W10 LTSC in VM and use it until EOL and beyond, it’ll be more privacy friendly this way
Using an internet connected OS past EOL is definitely not privacy friendly.
He said until EOL. Windows LTSC, the IoT version in particular is supported until 2032.
No, he said EOL and beyond
You could try win 10 iot ltsc 2021 out. It gets security support until 2032.
Not really
For the retail market, most people just have phones not computers anymore. Microsoft has already lost The Battle of Windows phone.
For the Enterprise market none of this recent b******* is going to enterprise customers anyway, they would have group policies and volume licensing deals to avoid all the b*******.
For those poor retail customers who still run Windows, they suffer, but they’re minor, not significant
Bullshit
Just passing through and corrupting children.
O7
Thank you for your service!
Fuck yeah
This is for the enterprise market more than anything. Large companies are already logging and mining everything. Slack, Teams chat, Teams voice, email, keystrokes…literally everything. Microsoft’s problem is that Enterprises are using third party products to do so. Recall solves that competitive issue for MS. I have no doubt that it will be tied to their cloud offerings, and I have no doubt that MS will retain the right to use it all of the data from the consumer side for AI training.
I’ve worked extensively in the Enterprise environment, and data exfiltration is a massive concern for any company with intellectual property, which is most of them.
Having data leak at all, another vector for exfiltration, is a huge huge risk.
Heck, I’d be surprised if Microsoft itself let its own developers run Total recall
As an infosec professional for way longer than I care to remember, you are preaching to the choir. That said, all of our clients are both large enterprise and critical infrastructure, and they all log (and mine) everything. Not only that, they are shipping this directly to third parties. It makes me break out into a cold sweat every time I think about it, but here we are.
PS: OK, all the US based ones. Our EU based client does not do this to my knowledge and I assume it has to do with EU regulations, but that’s just a wild guess.
Good point. But the companies are at least controlling the data pathway, being aware of it, signing off on it, doing it for their benefit.
And I imagine at least for the US companies, every company they exfiltrate data to, is contractually obligated to keep their data private
Bunter2
baloney
For the majority of commercial users they literally don’t give a fuck either. It’s on techies that really care about his stuff sadly.
Why are you censoring yourself? Are you stupid?
Possibly. But I’m also definitely lazy, and my voice to text automatically censors. And I don’t feel like changing it. So f*** it
A lot of people here seem to be missing the nuance.
Sure, it’s problematic for their consumer market share, but you’re right that that’ll probably be forgotten by the mostly tech-illiterate populace over time. But that’s not the problem.
Step 0 of MS’s plan for this should have been “make sure there is an absolutely bulletproof and ironclad way to disable that stuff completely for enterprise customers”. And they didn’t do that. So now, enterprise IT writ large is going to… you know… just not buy any of these devices. Which is absolutely their right.
But the really frustrating bit is that MS may have significantly harmed the rollout of ARM-based laptops (as well as x86 chips with beefy NN-optimized tiles) with this, and additionally done real, massive harm to Intel, AMD, and Qualcomm by doing so. All three of those manufacturers have gone to ENORMOUS lengths to roll this tech out, largely at MS’s behest. They’re all going to take this on the chin if the rollout goes poorly. And the rollout is already going poorly.
But MS thought they could Apple-handwave away the details. And they can’t, because a lot of people who understand the absurd security implications of continuous capture and OCR and plaintext storage of the OCR output. It’s not something you can handwave away. It’s entirely a non-starter in the context of maintaining organizational security (as well as personal data security, but we’ve already talked about why that’s a bit of a moot point with the general public). But enterprise IT largely does try to take their job seriously, and they are collectively calling MS’s bluff.
The problem for the long term is that MS has pretty much proven to the IT industry with this stunt that they can’t be trusted to make software that conforms to their needs. That’s a stain that isn’t going to go away any time soon. It might even be the spark that finally triggers enterprise to move away from MS as a primary client OS. After all, Linux is WAY easier to manage from a security perspective.
TL;DR: the issue is that MS has significantly damaged their reputation with this stunt. And you can’t buy reputation.
Edit:
The article has an update:
Update noon ET June 7, 2024: Microsoft has released a statement noting it is making three significant changes to how Recal works including making it opt-in during setup, requiring Windows Hello to enable Recall, proof of presence is now required to view your timeline, and search in Recall, and adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so that snapshots will only be decrypted and accessible when the user authenticates.
It’s definitely a move in the right direction… but it also begs the question of why didn’t they do that in the first fucking place? Seriously, some heads are gonna roll over how badly this whole release was planned, and the very clear lack of due diligence.
For anyone for whom Micro$oft’s reputation wasn’t already cartoonish villainy, sure.
For those of us from the olde worlde, who marveled at dancing monkey boy on a grainy quicktime file, it’s absolutely par for the course. They can shutter everything but cloud tomorrow and still rake in 100 Billion a year for the foreseeable future. It was a monopoly thirty years ago (convicted 20 years ago) that has eaten and shat whatever and wherever it wanted for decades.
The judiciary and congress don’t understand shit, and if they did m$ bought them. Done.
A lot of people here seem to be missing the nuance.
You don’t say…
I’m telling everyone I know it’s time to move to Linux, or worst case Mac.
I have down-voted this because in a worst case scenario, they should move to a less appealing version of Linux, like Arch
(waiting for my down-votes)
All I want from an Os is to launch my programs of choice and not suck up my battery running unnecessary junk I couldn’t care less about.
The worst part is that Windows can do that, but Microsoft insists on enshittifying it. Like Windows 11 isn’t that terrible if it wasn’t for all of the data collection and advertisements and other shit.
I miss the Windows 7 days where you could download a stripped down ISO that was just the OS. It launched your programs of choice and didn’t suck up your battery running unnecessary junk.
Last week, I went to a friend’s house and asked to use her computer, which is still a core 2 duo with 2gb of ram and an hdd, running win7. I was a bit surprised to see her family having it as their only computer, but more surprised to see how fast it was. I expected to have the most laggish experience of my life, but it was… smooth. I’ve used machines with much modern low end cpus, more ram and ssds that performed much worse than that on win10. The enshittification is real.
Yup. I can say for sure that SSDs were certainly a game changer, but now we have systems with like 10x the processing power that operate at the same speeds because the power has been spent on poorly optimized code and bloatware.
Sigh… I’m going to have to start fucking around with Linux, aren’t I?
Yeah, the signs are starting to manifest. You will embrace the penguin at some point to get what you desire.
it isn’t a nightmare for them. they will be fine. they normalize everything they do
Yeah like I hate Microsoft, I am migrating to Linux, and the things I read about recall were pretty fucking horrifying to me. At the end of the day though the general public doesn’t give two shits about tech other than it works out of the box.
I use Arch since 2009 (BTW), but I think I’m planted in reality enough to know that the average user not only doesn’t care, hasn’t even heard about it. This will not even move the needle regarding usage.
Absolutely, the only thing that will ever move the needle significantly is if the average user walks into a store and comes out with a system that has linux already installed.
Pfffttt, Microsoft has been there, done this, and got a whole closet full of tee shirts for stuff like this many times over the years. In the end the users don’t care and can’t stop it. And they are, by in large, too lazy to change to something else to completely avoid it.
It hasn’t ever affected the bottom line enough to matter to them. They will just pull this
bugfeature and wait for a better day. Or perhaps they will figure out a way to introduce it piecemeal to disguise it better.You can only piss on our faces and tell us it is raining for so long.
“It’s raining, I see” says the blind man as he pisses into the wind
Just think they might go from owning 98% of the market to 97% of the market. I am sure this is a nightmare for them.
