It’s a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.
Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.
It’s no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it’s those bad Windows practices that have led people to this conclusion.
Do people outside of tech care?
They really should
I figured on my gaming and VR rig that I’d begrudgingly upgrade it to W11 when W10 stopped receiving security updates and support but at this point the recall feature (which will be used to train LLMs regardless of what Microsoft promises or guarantees) has ensured that I never install that kind of spyware as an operating system.
I’d rather spend forever troubleshooting and getting my Valve Index to work with Ubuntu than deal with a giant backdoor.
you can disable recall in regedit by adding a key and a DWord 32 bit value
Yeah … regedit should not be considered a solution for the user base. In fact any time the user base knows that regedit exists we in IT have failed.
I wish Linux weren’t completely fucking impenetrable for casual users.
It isn’t impenetrable. ChromeOS and Android are Linux based after all. If you don’t want to be prayed upon by Google you can use things like UBlue (inc. Aurora, Bazzite), PopOS, or Mint.
The advantage of PopOS and UBlue being you can download an image with Nvidia drives pre installed.
PopOS is a very mac like interface so you might not like it. Otherwise it’s pretty much install and go, has good community support, and even comes pre installed on some high end machines.
In the case of UBlue they include images for specific manufacturers of laptops like ASUS, Framework, and Microsoft surface. You also get fully automatic atomic upgrades with rollback in case of failure, similar to Chrome OS. This means even if you do something very stupid like reboot in the middle of an OS update, it won’t matter. It’s engineered to be almost unbreakable even for new Linux users thanks to being partly immutable. You get a choice as well between varieties for normal users called Aurora, one of gamers called Bazzite, a development one called Bluefin, and a server version too. Being based on Fedora it’s also reasonably up to date as well, but without sacrificing stability like Arch does.
Linux Mint is the classic easy to use Linux that runs on most computers made in the last 10 years and often older. It does sometimes struggle on newer machines with drivers though as it’s not using an up to date kernel. What it’s good for is that it pretty much just works when you have it installed and set up. It’s popular so you should get plenty of community support. It’s a quite similar interface to Windows while arguably looking better and definitely using less resources.
I’d say it’s really easy. The only requirement is making a choice to use something else, which most unfortunately is already asking too much for the vast majority of users.
It’s gotten a lot better over the years
When I first tried it (back in 2010) it was pretty rough all around but after trying it again recently due to the whole TPM requirement for Windows 11 I’ve found it to be really straight forward
Linux Mint is really user friendly and is what I’ve even put on my grandma’s pc
It’s not that it hasn’t gotten better, but that the entire infrastructure that’s underpinning the GUI is simply completely different than what people are used to. And I’m not just talking CLI here, because the average Windows user likely doesn’t use that to begin with – it’s things like filesystem organization, software management, driver installation, configuration files, etc.
And it’s not that these barriers are insurmountable either, but they DO require a significant amount of cognitive effort that not everyone is willing to put in.
I’ve heard this a few times lately. It makes me curious how recent the impenetrable experience was.
I’m shocked at the idea that an average Windows user who tried this year’s version of Debian Stable would find it even mildly confusing, much less impenetrable.
I switch between Windows 10 and Debian 12 Stable, daily.
I find that, on Debian, all the expected features are in the same spots, acting the same ways.
Disclaimer: I don’t have an Nvidia graphics card to cause me headaches.
And I do understand that depending on hardware, installation can be tough. That’s true with Windows, too, of course. At least installation doesn’t have to be an issue for new purchases, since enough PCs can now ship with either pre-installed.
The only real limiting factor is that most computers that you just walk into a store and buy (and are not made by Apple) come with Windows, and people just use whatever comes with their computers.
People rarely switch even default settings, let alone the entire OS.
I’m sure if computers came with Linux, there wouldn’t be that many complaints from casual users after they got used to it.
The hardest people to switch over are the Windows power users in my experience.
Most are not sure how to safely and properly install a new OS. If a computer came with Linux already pre-installed instead of Windows, count me in!
There are plenty of vendors that ship with Linux preinstalled. Even Dell does this with select models.
And just for the record, the tone of this is meant to be encouraging. I love hearing that people are open to other options.
There are vendors who sell laptops that come pre-installed with Linux. Only thing is that they’re a bit more niche. Dell is probably the biggest name who sells computers with Linux as an optional OS on their website, but IIRC they brand it as “developer editions”.
Otherwise, you get vendors like System76, Tuxedo, Purism, etc. (Maybe Framework, but IDR if they even install an OS)
I still don’t think that you can walk into a store and buy any of the above.
Not that installing Linux is difficult; in fact, it’s easier than installing Windows IMO. Most distros come with easy-to-use graphical installers with easy-to-understand language, even for newbies. They also come with a live environment that lets you try out the distro before installing it. Thing is, most people aren’t even going to bother trying it.
Thing is, most people aren’t even going to bother trying it.
Here is to that changing. Society needs better options regular users will be able to just purchase and go, imo.
It’s just a little different nowadays. Like the other user said, they just don’t know they have a choice or what to choose and follow whatever they know…
And what was one of the early bolsheviks’ regime strongest points? They created schools and made people literate en masse, and did it with their own curriculum. People became less suspective to ex elites and religious propaganda, and became their target audience.
Adobe, Google, MS give discounts and special programs for education because this way people get used to their products. Many local organizations that touch these casual users don’t have a real IT department and just flow with what’s given, they don’t make an informed choice like corporations. And that’s probably the place where this switch may even start to begin. A class of students who started with e.g. KDE Plasma would be used to it more than they used to Windows, same with other software. They can already do their homework and play most games. What else do they need?
The sharp corner is to find money to fund select schools to show others it’s not scary and makes it even cheaper for them in the long run, maybe some special troubleshooting team to teach them the ropes. I’ve heard from some users there and on reddit that their computer classes with a geeky teacher who installed Linux is how they’ve rolled in without a problem.
2002 called, they want their Linux attitude back
Not really
For the retail market, most people just have phones not computers anymore. Microsoft has already lost The Battle of Windows phone.
For the Enterprise market none of this recent b******* is going to enterprise customers anyway, they would have group policies and volume licensing deals to avoid all the b*******.
For those poor retail customers who still run Windows, they suffer, but they’re minor, not significant
This is for the enterprise market more than anything. Large companies are already logging and mining everything. Slack, Teams chat, Teams voice, email, keystrokes…literally everything. Microsoft’s problem is that Enterprises are using third party products to do so. Recall solves that competitive issue for MS. I have no doubt that it will be tied to their cloud offerings, and I have no doubt that MS will retain the right to use it all of the data from the consumer side for AI training.
I’ve worked extensively in the Enterprise environment, and data exfiltration is a massive concern for any company with intellectual property, which is most of them.
Having data leak at all, another vector for exfiltration, is a huge huge risk.
Heck, I’d be surprised if Microsoft itself let its own developers run Total recall
As an infosec professional for way longer than I care to remember, you are preaching to the choir. That said, all of our clients are both large enterprise and critical infrastructure, and they all log (and mine) everything. Not only that, they are shipping this directly to third parties. It makes me break out into a cold sweat every time I think about it, but here we are.
PS: OK, all the US based ones. Our EU based client does not do this to my knowledge and I assume it has to do with EU regulations, but that’s just a wild guess.
Good point. But the companies are at least controlling the data pathway, being aware of it, signing off on it, doing it for their benefit.
And I imagine at least for the US companies, every company they exfiltrate data to, is contractually obligated to keep their data private
Bunter2
For the majority of commercial users they literally don’t give a fuck either. It’s on techies that really care about his stuff sadly.
baloney
Why are you censoring yourself? Are you stupid?
Possibly. But I’m also definitely lazy, and my voice to text automatically censors. And I don’t feel like changing it. So f*** it
Bullshit
Just passing through and corrupting children.
O7
Thank you for your service!
Fuck yeah
Microsoft has built a number of safety features into Windows Recall to ensure that the service can’t run secretly in the background. When Windows Recall is enabled, it places a permanent visual indicator icon on the Taskbar to let the user know that Windows Recall is capturing data. This icon cannot be hidden or moved.
Oh my, that one is really cute
Malware will disable that icon. Law enforcement will buy thay malware.
A lot of people here seem to be missing the nuance.
Sure, it’s problematic for their consumer market share, but you’re right that that’ll probably be forgotten by the mostly tech-illiterate populace over time. But that’s not the problem.
Step 0 of MS’s plan for this should have been “make sure there is an absolutely bulletproof and ironclad way to disable that stuff completely for enterprise customers”. And they didn’t do that. So now, enterprise IT writ large is going to… you know… just not buy any of these devices. Which is absolutely their right.
But the really frustrating bit is that MS may have significantly harmed the rollout of ARM-based laptops (as well as x86 chips with beefy NN-optimized tiles) with this, and additionally done real, massive harm to Intel, AMD, and Qualcomm by doing so. All three of those manufacturers have gone to ENORMOUS lengths to roll this tech out, largely at MS’s behest. They’re all going to take this on the chin if the rollout goes poorly. And the rollout is already going poorly.
But MS thought they could Apple-handwave away the details. And they can’t, because a lot of people who understand the absurd security implications of continuous capture and OCR and plaintext storage of the OCR output. It’s not something you can handwave away. It’s entirely a non-starter in the context of maintaining organizational security (as well as personal data security, but we’ve already talked about why that’s a bit of a moot point with the general public). But enterprise IT largely does try to take their job seriously, and they are collectively calling MS’s bluff.
The problem for the long term is that MS has pretty much proven to the IT industry with this stunt that they can’t be trusted to make software that conforms to their needs. That’s a stain that isn’t going to go away any time soon. It might even be the spark that finally triggers enterprise to move away from MS as a primary client OS. After all, Linux is WAY easier to manage from a security perspective.
TL;DR: the issue is that MS has significantly damaged their reputation with this stunt. And you can’t buy reputation.
Edit:
The article has an update:
Update noon ET June 7, 2024: Microsoft has released a statement noting it is making three significant changes to how Recal works including making it opt-in during setup, requiring Windows Hello to enable Recall, proof of presence is now required to view your timeline, and search in Recall, and adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so that snapshots will only be decrypted and accessible when the user authenticates.
It’s definitely a move in the right direction… but it also begs the question of why didn’t they do that in the first fucking place? Seriously, some heads are gonna roll over how badly this whole release was planned, and the very clear lack of due diligence.
For anyone for whom Micro$oft’s reputation wasn’t already cartoonish villainy, sure.
For those of us from the olde worlde, who marveled at dancing monkey boy on a grainy quicktime file, it’s absolutely par for the course. They can shutter everything but cloud tomorrow and still rake in 100 Billion a year for the foreseeable future. It was a monopoly thirty years ago (convicted 20 years ago) that has eaten and shat whatever and wherever it wanted for decades.
The judiciary and congress don’t understand shit, and if they did m$ bought them. Done.
Microsoft should go further and further with this so that windows becomes worse so that less people use it.
They say this like anyone is going to do something…
Perhaps if I wish really, really hard they will. I just will not hold my breath!
Ya, a PR nightmare for the next 15 minutes until the next unbelievable thing comes along and the ADD nature of people forgets windows is watching everything they do.
That’s usually what I think too, but after watching how Twitter’s gone to shit since the two big user departures, I think this could legitimately affect Microsoft’s bottom line.
Twitter is a great example of the exact opposite being true. Are people upset? Absolutely. Did they leave the platform? Nope. Maybe a small percentage.
Respectfully, it’s not.
The user departures, and response to further enshittify, have driven their stock price into the ground.
What user departures? The platform has barely dipped. Stock prices are meaningless.
X is the one telling the number of X users. Do you really trust Melon to tell the truth?
You’re assuming my source is Musk.
So far in this thread only one person has actually shared a source of any kind. Care to share with the class?
Number of users doesn’t matter because most people don’t close their accounts. Twitter’s actual usage and traffic is down by 20% since Elmo took over and their revenue is also massively down.
Who said anything about “number of users”? “Monthly Active Users” (MAU) is the industry standard.
Are you serious? The comment you replied to explicitly says “user departures”. And the article I linked is about active users.
Is this how you respond when you’re proven to be blatantly wrong about something? Totally pathetic.
It’s X.
Stop deadnaming X.
Anyone still clinging to the remnants of its former existence, please close your account. Stop kidding yourself.
What’s X? Is that the older version of Wayland or something?
It’s a shittier version of Mastodon but for right wing lunatics and russian bots.
I’ll never NOT call it Twitter, and you can’t make me.
You say that but deep down you know it’s Elon Musk’s X now. The dream is no more. You’re an X’er Harry!
I’ll stop deadnaming Twitter when Musk stops deadnaming his trans daughter.
And for the record, I’ve never used Twitter. It’s always kinda sucked. Now it really sucks.
Musk is a complete shithead and that’s not gonna happen.
Calling it Twitter is only going to accommodate the people that refuse to get off that nazi network.
Cause you know Musk gets off on the hate of people still calling it Twitter, exactly because how he treats deadnaming.
I believe the biggest thing that will hurt MS is moving to subscription. The vast majority of users aren’t gonna wanna have a forever fee when they buy a laptop/PC
That’s definitely going to be a problem for them, yes, because it’s also going to drive a ton of traffic to Linux and Linux is going to get even better.
That will rely on businesses moving away from Windows. That is where they make a ton of their money with Enterprise licenses and Office 365 subscriptions.
And businesses don’t give a shit about their employees’ privacy
We handle a lot of IP on our Windows PCs so it’s debatable. However, in recent years, Microsoft has taken over most of our services with SSO, office 360, teams, etc so who knows.
They do care about keeping their company secrets and proprietary info though. Recall could make corporate espionage a cake walk.
Yup. It’ll depend on how they handle Recall at the institutional level.
It’s a given that hospitals and law firms will have to turn it off, as they’re required by law to honor privilege. We’ll see what choices they make.
I find the nosedive in Twitter’s stock price these last few years encouraging. It seems for many there is a red line.
A lot of people would have huge bursts of negativity about this, but at the same time remain stubborn enough to not even consider evaluating alternatives. Microsoft and Apple spent decades making sure this would work
For now at least, I block as much telemetry at the network level (DNS level) using pihole.
Annoys my wife and kid at times. I try to explain why and what it means but convenience is king unfortunately.
My mom only really browses the web, writes emails, and edits and occasional document. I’ve given her my old XPS 9350, with Fedora installed on it, and she’s been very happy with it. Keeps saying that everything just makes sense, and when she needs something, it’s easy to find. She’s far from tech savvy, but not completely clueless either
I’m swapping to Linux finally because of it. Few things are black and white but these things do have effects and some additional percentage of users are shifting over because of it.
Ok fine, I’ll repeat it again:
You’re right - many consumers will likely forget about it and just use it anyways. But enterprise customers absolutely, categorically will not. Even with their damage control, this is still going to hurt them a lot. Moreover, it’s going to hurt hardware sales from Intel, AMD, and Qualcomm, all of which have dumped MASSIVE amounts of capital into this tech. This is going to slow the rollout of NN-optimized chip tiles, and that is going to directly hit their bottom line. Microsoft hurt themselves AND the three most important hardware partners they have.
Oh please it’s not watching everything you do. It’s just taking screenshots 🙃
I agree with your point, but I think it’s important not to forget just how shitty tech media is a holding these companies to account. Half the shit most mainstream tech journalist publish borders on hagiography for these companies.
This is the best summary I could come up with:
As CEO Satya Nadella described it, Windows now has a photographic memory that uses AI to triage and index everything you’ve ever done on your computer, enabling you to semantically search for things you’ve seen using natural language.
Your favorite web browser, video editor, or music streaming app of choice could release an update that begins scraping data from Windows Recall and uploading it to its own backend.
Many have already assumed the worst; that Windows Recall will eventually be used as a means to sell data to advertisers and train AI models, and that if it’s not happening today, it’s only a matter of time.
It’s a feature reserved exclusively for new PCs shipping under the Copilot+ umbrella, which means if you want to use it, you’ll have to buy a new device with a neural processing unit (NPU) that can output 40 TOPS of power first.
But there’s a very dark cloud hanging over this feature right now, and a lot of privacy conscious people are simply not going to be able to subscribe to the idea of Windows Recall in its current form.
I suspect this means we will see new features and capabilities added to Windows Recall over the coming months, along with updates to ensure the data it collects is secure on the device.
The original article contains 2,259 words, the summary contains 219 words. Saved 90%. I’m a bot and I’m open source!
The article was revised with a PR release from Microsoft saying they’ll make the feature opt-in.
Let’s of course not forget that things like upgrades to Windows 11, and use of an MS Account instead of local account, were opt-in…until they weren’t. Require them to sign a contractual agreement that this feature will remain opt-in forever.
I don’t think this will bury MS because they can easily market this to enterprise clients ( if they haven’t already ). Recall is a particularly useful tool for any employer that wants to keep track of everything employees do, especially in an age of WFH. They probably fogired they can take the PR hit from users concerned about privacy and move on unaffected.
Any enterprise working with sensitive data certainly has to disable the feature. And turns out, that’s most enterprises.
I have heard very little, if any, enthusiasm about this. Nobody seems to be excited about it at all.
Aside from the security nightmare, I’m really curious what havoc the LLM can cause by hallucinating stuff, based on how suggestive a question is asked.
Wife on husband’s account: “What dating sides did I visit this year?”
“Here are the 5 most popular dating sides you visited last year:…”“When was the last time employee X watched porn and on what side?”
…As expected, there is no evidence that this is “the straw that broke the camel’s back”. Don’t waste your time reading this article.
MS has been doing this kind of shit for decades and their market share has never changed significantly.
Was it stupid? Yeah. Are people upset? Sure. Is anyone going to do anything about it? No, because the vast majority don’t care or they would have stopped using it a long time ago.
I both agree and disagree. I agree that there isn’t going to be a single ‘straw’, because everyone’s thresholds are different. For me it was back when Microsoft auto-upgraded my PC to Win 8, which was also when they started putting in hard-to-disable telemetry and bad UI. It sounds like Recall is the threshold for some other people.
Also don’t discount that MS’ market share is dominated by a ton of corporate users (who lack a choice) and casual users (who don’t care / are unaware), but at least anecdotally they’ve been losing the power users in my life, which if true in general which will have negative downstream effects for them moving forward (IT departments working to support alternatives, software developers refusing to build on Windows Server / MS software stack, etc.)
the vast majority don’t care or they would have stopped using it a long time ago
It’s a little disingenuous to claim people should’ve stopped using something that hasn’t come to market yet. I was looking for other options when they started trying to force me to upgrade to Windows 11, but this absolutely is the last straw that I won’t use Windows on my next computer.
It’s a little disingenuous to claim people should’ve stopped using something that hasn’t come to market yet.
It is. Good thing I didn’t say that.
I was looking for other options
Oh well I guess the global tide is shifting if you are personally looking for other options.
You said there was no evidence that anyone would change. I told you my personal story how this IS impacting me and how I’m going to change OS on my next computer, and you… just sarcastically dismissed me?
Did you want to actually contribute to the conversation or just be upset?
You said there was no evidence that anyone would change.
No that is not what I said.
just sarcastically dismissed me?
Because your personal anecdote is not indicative of societal movement.
For at least 3 decades. That’s twice more than the time between Second Boer War and WWI. That’s the time between the start of WWII and the initial versions of Unix. Or between the initial versions of Unix and Start Wars the Phantom Menace. More than between the original Star Wars and the Phantom Menace.
I just read they decided to default it to off. They should remove it entirely imo, but with this move, it costs IT departments $0 and 0 hours of their time to worry about.
I think business + government + education usage is more important for them than personal, and as long as this costs them nothing, I doubt it makes a dent in anyone’s plans. Could have been an apocalypse if defaulted to on though.
I just read they decided to default it to off.
From what I’ve seen they will be asking yes or no upon setup with no default.
If it’s anything like some of the other features they’ve crammed in they will ask that question over and over and over and over again until you choose the answer they want.
I’m using windows 11 and after hearing about recall and all the other shit they’ve done, I’ve finally decided to make the jump to Linux
So for atleast me, this was the final straw
Same here
Some, maybe 1-2% of Windows users keep yelling “I’ma switch to Linux”. They then try it for a few days and give up.
You didn’t matter in the first place, but also you will most likely not make a successful transition anyways.
Lol. Okay whatever you say.
Crab
I get that. And, playing the devil’s advocate here…what happens in a couple of years when the time comes to purchase a new Laptop/desktop that comes pre-installed with Windows? Will your current ire and consternation hold up until then, meaning you’ll take the effort…long after this current “trust crisis” is over…to install Linux once again. Or, with this current scandal a faint memory from a few years back, will you just kind of shrug and say “Hey…it’s there, I might as well just go with it.”
I mean no offense, and I by know means want to presume your answer here. But I’d be willing to bet 90% of the people who, in a pique of ire, replace their current windows with a linux distro, won’t bother to do the same when they purchase a new laptop down the road.
Installing Linux is a pretty trivial process at this point. Not much additional work beyond what already comes with setting up a new laptop. Especially of you’ve already done it before.
Unless it’s arch lol.
Every machine I’ve purchased in the last 16 years has had a Linux liveCD or USB key before first power up. Windows has tried to boot a couple times, when I was too slow to figure out how to select a boot device, but none has actually completed the boot process. I take a sort of perverse pleasure in formatting pre-installed windows without it ever having run.
That’s my strategy as well. I just don’t know how many of us there are that are that committed vs the people who are “temporarily irate” and then go back with their next purchase because its “easier”.
I had dabbled in gaming on Linux but never made the jump. After reading about recall I spent a week making my choice on OS of choice ( and then I switched a week after :') ).
I’m fully on Linux now. Even if they fully back down from windows recall I dont need an OS that’s trying to sell me something based on whatever I do in it.
It was my final straw as well.
Edit: and it hasn’t really been bad either. The shader compilation after every gfx driver update is a bit annoying. That’s about it.
I’ll probably run into something at one point. Like some anti cheat that doesn’t work and is preventing me from playing the game.
Which distro did you end up on? I’ve been looking into them and after using steamos on my deck, I think I will go with Bazzite kde
I ended up with nobara. I might give bazzite a go at one point, but more out of interest. Nobara is treating me just fine!
Edit: and it hasn’t really been bad either. The shader compilation after every gfx driver update is a bit annoying. That’s about it.
If it’s shader compilation under Steam, turn it off in settings. With advancements in graphics drivers and Proton, it really isn’t needed anymore.
I disabled it about 12 months ago and haven’t noticed any difference in performance whatsoever.
