Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Ok, so this is a Lemmy post that links a r/ailess post that links a r/privacy post that finally links this Ars Technica article.
Why not just link the Ars Technica article to begin with? I don't think there's any good reason to link all these separate chained discussions.
This. Please collectively downvote. This sort of thing is the proper use of the downvote button.
There's even the cross-post feature!
You linked to a shitty website that blocks hardened browsers instead of the article on Ars. Downvoted.
Please re-post with a link to the actual article.
At first glance, the Recall feature seems like it may set the stage for potential gross violations of user privacy. Despite reassurances from Microsoft, that impression persists for second and third glances as well. For example, someone with access to your Windows account could potentially use Recall to see everything you've been doing recently on your PC, which might extend beyond the embarrassing implications of pornography viewing and actually threaten the lives of journalists or perceived enemies of the state.
Despite the privacy concerns, Microsoft says that the Recall index remains local and private on-device, encrypted in a way that is linked to a particular user's account. "Recall screenshots are only linked to a specific user profile and Recall does not share them with other users, make them available for Microsoft to view, or use them for targeting advertisements. Screenshots are only available to the person whose profile was used to sign in to the device," Microsoft says.
This sounds very much like on of those claims that has an invisible "for now" attached to it. It's always going to be a slow roll out with these kinds of things.
Can't wait to see 3rd party software trying to use this to "improve your experience" while using their app.
I've been using Linux for near enough a quarter of a century as my main desktop and I haven't regretted it yet.
Linux today is plenty easy to use today for a non-technical audience, runs with less resources, has global communities, comes in your language and it's free.
I hear you.
Being able to search and read was the hardest part (read as not at all difficult)
99.9 % of my computer usage is FF and libreoffice.
Other than (maybe) initial setup there is nothing stopping “your mom” from being able to have Linux as a daily driver.
Microsoft is for some reason $$$$ shooting them selves in the foot they seem hell bent on making windows unusablely crappy. Oh look enshitification.
Case in point, my late 50s father was recently fired from his job of 36 years. They told him not to return the ancient E series thinkpad they had given him as an email checker, but wouldn't give him a password to be able to use it. After finding the bios wasn't locked I chucked Debian on it for him and he's been using it for months to send applications with only a light introduction libreoffice and some minor tinkering with system settings to make it feel more familiar.
You are a good kid. Kudos.
I thought that surely it couldn't be that bad. But...
"Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds," Microsoft says on its website. "The snapshots are encrypted and saved on your PC’s hard drive. You can use Recall to locate the content you have viewed on your PC using search or on a timeline bar that allows you to scroll through your snapshots."
So it's a security camera pointing at your screen, but with AI involved.
Honestly though, this sounds like the kind of thing you could hack together with a shell script and OCR on a *NIX system in an afternoon. Cronjob to take screenshots and run them through OCR, keywords to a database. Add hooks to your window manager to take additional screenshots on relevant events (change desktop, application opens/new window on screen, etc.).
bUt iTs Ai InTeGrAtEd
"Encrypted"
It must be secure if it is encrypted. The problem with the Microsoft secret storage is that they key is on the disk.
For individuals, yes. For organizations, no. Orgs who know what they're doing use a HSM for their data encryption. Thus the title of this post is inaccurate.
But from the consumer side, I am absolutely never going to buy a "Copilot Plus" device, whatever that is.
You may not get much of a choice.
Your username is becoming more and more relevant daily
Funny how that possibly happens
This sounds a LOT like the plot of a terrible 90's movie that was thinly veiled to portray MS as a mini-surveillance state, with some murder thrown in. I'll try and find it.
Edit: Released in 2001, it was 'Antitrust'. I remember it being bad, but not good-bad like 'Hackers'
That sounds familiar. I was thinking of one called something like Sawfish? But maybe Antitrust is what I’m thinking of.
'Swordfish'. I don't even know what in the hell that movie was supposed to be, but it was basically Hugh Jackman as Wolverine as "Hacker", but just filled with ridiculous nonsense.
Great episode of 'How Did This Get Made' going over it. Worth a listen.
Can't view the post without the reddit app, have a direct link to the actual article?
Soon it'll be safer to use a Chinese Linux distribution than Windows.
Red Star OS ftw.
That's northkorean I think.
I know, but NK politically isn't that far away from PRC.
I recall a statement from an article I've read several years ago on the presentation of Will Scott, a professor who has been in NK, at 31C3 2014.
Als sich Scott Root-Zugang verschaffte, fand er ein für Normalnutzer unzugängliches Programm, das die komfortable Einrichtung verschlüsselter Datenträger erlaubte. "Das ist interessant, wenn ihr einen AES-verschlüsselten Datenträger braucht, an dem die NSA garantiert nichts manipuliert hat", scherzte Scott.
When Scott gained root access, he found a program inaccessible to normal users that allowed the convenient setup of encrypted data carriers. "That's interesting if you need an AES-encrypted data carrier that the NSA is guaranteed not to have tampered with," joked Scott.
I know, but NK politically isn’t that far away from PRC.
After the Covid lockdowns there is a saying in China:
We thought that North Korea is our past, but now we know it's our future.
most likely it will be a group policy which most it departments will turn off anyway.
Don't be so sure! For a few percents off the price some greedy executives would give anything to Microsoft (and/or others).
Its kind of crazy how that works. Microsoft is blinded my success in many ways.
here's hoping. would be a nightmare if it somehow reached the healthcare industry
At public services too, like schools and hospitals, where admins mostly couldn't care less?
For now...
Seriously though why do they do this to us. Before you know it Windows will be tied to Azure with no local AD.
Is this windows 11 and up or windows 10 as well?
The Windows 10 equivalent, Timeline, got discontinued in 2021. At this point in time it is unknown whether Microsoft will retrofit Recall into Windows 10. Knowing Microsoft it is safe to assume they’ll try anything for profit.
Ars Technica reports Microsoft will add AI to Windows, to steal your corporate secrets
Look, I think it's a dumb feature and a dumb direction for Microsoft to head so deep into (AI and the whole Copilot branding). But that title is a downright lie and not supported by the article at all.
The article refutes your title in the 5th and 6th paragraph. Did you link to a reddit post rather than the article to make your title more clickbait? Come on, that doesn't foster actual discussion. You can do better than that.
To quote Microsoft themselves on the feature;
"No content moderation" is the most important part here, it will happily steal any and all corporate secrets it can see, since Microsoft haven't given it a way not to.
No content moderation means it ISN'T reading the screen.
It's screen shots saved to your hard drive just like when you hit the print screen key in Arch. It's a stupid feature but saying MS is stealing everything because of this feature makes no sense.
I appreciate the content there, but the second sentence refutes exactly what you're saying.
That data may be in snapshots that are stored on your device
Cast or put doubt on Microsoft security, or their privacy practices. That would be a great conversation starter as a post. But without evidence of wrongdoing the post here is a non story.
An example that would be notable is: "Packet sniffing reveals that Recall is sending image hashes to remote servers". That would be a big story that could then appeal to the title of this post. But the Ars article, and even that screen shot you posted is nothing like that.
There's a reason reputable news sites don't report on things that don't happen. Its because that's not news. So back to the reference to the title of this post: "to steal your corporate secrets" is just blatantly false!
You can turn off a lot of it with group policy. I would also do testing on the desktop so you can stay ahead of the antifeatures.
Edit:
I like this line:
Recall won't take snapshots of InPrivate web browsing sessions in Microsoft Edge
My problem is, even if it's encrypted, only local blah blah blah, if your Microsoft account is compromised, what then?
I worked on account services for msft. The amount of people with compromised accounts is astounding.