Check out our Monthly Survey Page to see what our users are running.
We do often include affiliate links to earn us some pennies. See more here.

This will be preaching to the choir for some readers, as you didn't exactly need another reason not to use Windows right? Microsoft's new Recall AI will take screenshots of everything you do and that sounds truly terrible. Spyware as a service, courtesy of Microsoft's push to stick AI into everything.

You might think I'm being perhaps a bit sensational here or even clickbaity, but no, this is actually genuinely what Recall does. As Microsoft said: "Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds", and not only just on their new ARM PCs, they said it will roll out to x86 platforms too via a Windows update.

What's the point? It's to give you a special timeline of your day (it stores up to 3 months worth of what you do), allowing you to go back through it and find things, highlight things, open the original application shown in pictures and eventually open up whatever you were working on in the right application with the right content at the time. Basically, some fancy-pants AI search going over everything you've done.

Microsoft do say the storage is local to your device, and is "protected using data encryption on your device" and even using BitLocker if you're on Windows 11 Pro or an enterprise Windows 11 SKU. Microsoft also claim it doesn't share it anywhere else, at all, no advertisers or Microsoft themselves. But, how far do we trust data being fed into a black-box AI that no one can really see what it's doing huh?

Here's the thing: straight from their own FAQ (scroll down) it notes how "Recall does not perform content moderation" and it will "not hide information such as passwords or financial account numbers". Oh wow, that sure sounds good for your privacy doesn't it. But don't worry it "does not take snapshots of certain kinds of content, including InPrivate web browsing sessions in Microsoft Edge" and "material protected with digital rights management (DRM)" is also protected. We can't have Netflix or Disney getting annoyed with it taking a shot of that movie you watched, nope.

I'm not even what you may call a "privacy nut". I use big-name stuff all the time, my main browser is plain ol' Google Chrome and you get the idea. But still, this is super weird.

What happens if someone else gets access to your device? Lost, stolen, sold (and you forgot to wipe) and so on. If you get hacked, they'll end up seeing everything, it's another major attack point. Yeah great it's stored on your device, but people and companies get broken open all the time, malicious orgs will have a real party with your data. There's plenty of other times people may end up with access to your device to think about, I'm not going to list them all of course.

You can hear Microsoft CEO Satya Nadella speak about it to The Wall Street Journal, skip to 3:23:

YouTube Thumbnail
YouTube videos require cookies, you must accept their cookies to view. View cookie preferences.
Accept Cookies & Show   Direct Link

No thanks. I'll pass, forever. I never want this. It feels creepy and gross.

The UK's Information Commissioner's Office (ICO) is already looking into it. No doubt others will be too. A privacy nightmare for everyone.

If you wish to try Linux, I can recommend Kubuntu which is my daily-driver.

Article taken from GamingOnLinux.com.
21 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
80 comments
Page: «5/8»
  Go to:

LoudTechie May 23
Quoting: pleasereadthemanual
Quoting: LoudTechieWhat mcirosoft didn't disclose with their TPM requirement is that breaking bitlocker of the TPM they required at first(hardware based) is so easy that a teacher suggested it as a project in my first year of embedded software engineering. This is the relevant trick..
Doesn't work for fTPM, but that only got allowed when it turned out that gamers with game pcs can be very loud.
Huh. That's pretty interesting. I guess the real professionals might have a suitcase full of these pogo pin sniffers for common laptop models, ready to disassemble the laptop at a moment's notice.

My desktop computer from 2017 has fTPM. Let me check if my Dell business laptop from 2022, which came with Windows 11, has fTPM.

<Rebooting>...

Edit:I have no clue. It doesn't tell me in the BIOS whether I have a fTPM, it just has the option to enable Secure Boot.

If you can't enable/disable your TPM in the BIOS you've no fTPM. If you can you do.(f stands for firmware)
EDIT:
This probably means you've hardware TPM for such a modern device.

Rant:
For some reason the advised practice in the security community is that for drm like activities dedicated hardware is most effective, but as far as I've encountered so far this is complete and utter bull.
Nintendo did and does it and failed.
Intel doesn't and succeeds(Intel ME)
By binding it to existing devices changing it is more intermingled with stuff the attacker doesn't want to touch.
Yes giving it more permissions helps, but if you integrate it in the firmware of something important it's harder to take away.

Edit:
Looked it up:
You've both, but the hardware TPM is probably the used one.

Bussiness laptop had TPM before consumer ones, because physical attacks are much more dangerous for owners of laptops who aren't also the user, such as businesses.
I assumed your laptop was new when you got it.


Last edited by LoudTechie on 23 May 2024 at 7:08 pm UTC
LoudTechie May 23
Quoting: wvstolzing... so I take it that plaintext indexing & search already works flawlessly on windows, that they're now expanding their horizons to indexing images, & user actions and the like?

... and that the promised indices won't take up half of the user's boot drive, and perpetually occupy half of their cpu & ram? (which of course they won't because all the processing and storage will be 'in the cloud')

Actually they promised to keep it local(for now), so I hope you've a really large drive, because it'll contain a video of its entire existence.

Edit:
Also they promised to keep it encrypted, so it will take up even more space than a normal video of it existence.


Last edited by LoudTechie on 23 May 2024 at 6:40 pm UTC
Man, Cory Doctorow's word "enshittification" really has turned out to be one of the words of the year, eh?
LoudTechie May 23
[quote=Lofty]
Quoting: LoudTechie
Quoting: Lofty
Quoting: Eike
Quoting: Lofty
QuoteI'm not even what you may call a "privacy nut".

Although this is a common turn of phrase. It's time we removed the association of conspiracy theorist with a human right to privacy.

I agree.

Quoting: LoftyIn the early day's people were far more trusting of technology and saw it as largely altruistic and a benefit to society (which with opensource it still can be) but invariably the usual shadowy forces do their thing and here we are.

[bolding by me]

... but this does sound... conspirational.

Maybe they aren't out in public stood on a box selling you data viewable on a large screen but im perfectly happy to identify groups tucked away in some monolithic corporate box connected to a vast data center sharing deeply personal information about you or your loved ones to the highest bidder as shadowy forces.

To me that is the usual shadowy forces. i couldn't think of a better phrase as my "tin foil" hat is blocking the connection to my neural-link Ai brain feed.

if you cant think of a better turn of phrase then let me know.


Shadowy implies lack of transparency, which has really improved over the years.
The term forces dehumanizes them.
The "shadowy forces" call themselves "data brokers".
I would call them "privacy salesmen/salespeople(reliant on who I'm talking to)".

That having said. I'm not opposed to the term "privacy nut".
I've no issue with being the crazy one and it does get the point across.
Quoting: LoudTechie
Quoting: Lofty
Quoting: Eike
Quoting: Lofty
QuoteI'm not even what you may call a "privacy nut".

Although this is a common turn of phrase. It's time we removed the association of conspiracy theorist with a human right to privacy.

I agree.

Quoting: LoftyIn the early day's people were far more trusting of technology and saw it as largely altruistic and a benefit to society (which with opensource it still can be) but invariably the usual shadowy forces do their thing and here we are.

[bolding by me]

... but this does sound... conspirational.

Maybe they aren't out in public stood on a box selling you data viewable on a large screen but im perfectly happy to identify groups tucked away in some monolithic corporate box connected to a vast data center sharing deeply personal information about you or your loved ones to the highest bidder as shadowy forces.

To me that is the usual shadowy forces. i couldn't think of a better phrase as my "tin foil" hat is blocking the connection to my neural-link Ai brain feed.

if you cant think of a better turn of phrase then let me know.


QuoteShadowy implies lack of transparency, which has really improved over the years.

Has it ? I mean i know there are laws around data protection such as GDPR. At least from a European perspective i could mostly agree. But Microsoft is an American company.
Aha, but to do business in Europe it still has to report who it sells and provides, which data to and to keep it a little scalable they will try to keep these pieces of information the same for europe and the rest of the globe(especially the first time they had to publish this, because making a special "europe" exception takes time) and the same is true for California.
Also thanks to the Snowden leaks the USA government more often publishes(often due to court cases) on the subject. Also there are nowadays more external monitoring methods.
Also the EU thanks to Snowden leaks once in a while get forced to publish parts of its own espionage through court cases.

Quoting: Lofty
QuoteThe term forces dehumanizes them.

Forces implies a large gathering of people committed to the same objective. Are we 'dehumanizing' an invading army by calling them a 'force' ?
Okay here you're just right, my excuses for the mistake.

Quoting: Lofty
QuoteThe "shadowy forces" call themselves "data brokers".
I would call them "privacy salesmen/salespeople(reliant on who I'm talking to)".

'privacy salesmen' should not even be a thing,i would call them immoral shysters. It should not be a job to sell people's private information without consent at the level proposed here.
[quote=Lofty]
Well yeah that's why I prefer the term. It gets the point across without sounding like an accusation of conspiracy beyond normal business transactions.
Quoting: Lofty
QuoteThat having said. I'm not opposed to the term "privacy nut".
I've no issue with being the crazy one and it does get the point across.

So long as it's not used to dehumanize people who care about privacy or minimize the risks involved, hushing people into silence.

Meh, many badges of honor in the past began as a way to dismiss owning up to it is often more effective. The term jesuit was meant to call them traitors, Cavalier was at first meant as an insult, Anarchist started as an insult it, conservative started as an insult.


Last edited by LoudTechie on 23 May 2024 at 6:43 pm UTC
Oh man, I can't wait for the first news articles to break about when Microsoft inevitably stuffs something up in an update and people's embarrassing private session get uploaded and shared far and wide. 🤣 You know that's going to happen eventually.

It's worth noting that not even Windows users are particularly enthused at the idea, as in this article on PCGamer.

Quoting: LoftyAre we 'dehumanizing' an invading army by calling them a 'force' ?
Yes. We call them "enemy forces," not "enemy people." An important facet of war is finding ways to dehumanize the people you're fighting so you/your soldiers don't feel so bad about killing them.
Bumadar May 23
The screenshot made just as you hover over the view password icon to check will be worth gold;)
Pengling May 23
Quoting: PhiladelphusIt's worth noting that not even Windows users are particularly enthused at the idea, as in this article on PCGamer.
I'll be amazed if many will put their money where their mouth is and walk away. It's only gotten as bad as it is now because they never take action about their complaints.
Pyrate May 23
This is so wonderful, it's setting the groundwork for my friends who have started asking me about Linux and it'll develop into them considering, and hopefully even switching to it before October 2025.
tohur May 23
I would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.


Last edited by tohur on 23 May 2024 at 9:15 pm UTC
LoudTechie May 23
Quoting: tohurI would trust such a feature if it was opensource.. for instance if a DE on Linux implemented this feature I would use it without batting an eye considering I could just go look at the source code to see what its doing and mostly likely use my OWN ai models to boot.. only way folks gona feel conforble using this from Microsoft is if they opensourced it.. To be frank it should be a LAW features such as this must be opensourced regardless if the OS is or not.

I wouldn't
The data is still stored on the computer and made readily accessible.
A malicious actor on my system(this can just be chrome looking for delicious data) can take it and run with it.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register


Or login with...
Sign in with Steam Sign in with Google
Social logins require cookies to stay logged in.