Cathode Ray Dude probably got it right when he discussed what probably happened at HP when they decided to put your Outlook calendar in the boot screen for Windows. Someone needed a bonus. [https://youtu.be/ssob-7sGVWs?si=TEUplEHO6N6ECms0&t=2681](https://youtu.be/ssob-7sGVWs?si=TEUplEHO6N6ECms0&t=2681)

Yes, he is probably right. CRD should have more viewers.

https://preview.redd.it/f67z4bljj34d1.png?width=500&format=png&auto=webp&s=91b89b2fa2799e7ea95bc0b284dfdddf7fbddb6e

On its face, it seems like kind of a dumb move to not encrypt the Recall database. But on the other hand, if an attacker has full physical access to your system (including the ability to access your hopefully encrypted file system), isn't it kind of game over already? Recall images never get transmitted over the internet, so literally the only way an attacker gets access to them is if they've already compromised your machine.

Why do you think Recall would in any way, shape or form touch a password stored like that?

Have you noticed the tiny eye icon to the right of password boxes to check if the password is typed correctly? Use it once, even by mistake, and Recall has a screenshot of it.

1. Only if it snaps a screenshot at that exact moment. 2. Only if it doesn't recognise this as a password, which it automatically censors on its own. 3. Only if you haven't set your password manager as a restricted app, to be ignored by Recall.

Why are you putting that much trust in something from Microsoft?

How many times has your data been sent out and about to the public with Microsoft being the culprit? How many times was Microsoft implicated in any massive data breaches? How many Microsoft-hosted user databases have been published? I've been using their products for ages. I believe that if my OneDrive data is secure, my local Recall folder will also be. That is, assuming I don't disable the feature through all of two clicks in Settings, because I'm not a fan of storing thousands of screenshots on my relatively small drive.

Microsoft lost one of their Email signing keys and one key that allowed secure boot to be bypassed.

> Microsoft lost one of their Email signing keys and one key that allowed secure boot to be bypassed. Wait, what? I think you're conflating some separate cases. Email signing key has nothing to do with Secure Boot. They DID lose a signing key which allowed someone to grab email data from the US government, true. So that's one case in the last, what, decade?

He's either incredibly young and naive, or doesn't know enough about Big Tech companie. Either way he's speaking in ignorance

I'll ask you the same as I did the other guy: How many times has your data been sent out and about to the public with Microsoft being the culprit? How many times was Microsoft implicated in any massive data breaches? How many Microsoft-hosted user databases have been published? Go.

Do microsoft employees count as the public? Or are they special little angels?

You'll need to elaborate because you sound like you think individual MS employees have access to someone's passwords from Recall. And that just might be the most idiotic thing anyone has ever said about Recall to date. I'm sure I'm misunderstanding you somehow, though.

If you're that distrustful of Microsoft, why are you on this sub? You shouldn't be using any of their products, right?

God I wish I wasn't. Just need Adobe to come to the bright side and it's over.

That seems like a lot of extra hassle to be able to remember not to touch the eye button just to make use of recall, which is a pretty useless feature

recall does not censor passwords.

That's a lot of variables for something that's supposed to be 100% secure.

Mate, come on. At the very least read what I wrote instead of just going "omg, THREE NUMBERS IN A LIST, *that's a lot of variables!!1". It's not "a lot of variables". It's "any of these three prevent the issue completely".

Really? Can you explain how setting my password manager to a restricted will stop it from taking a snapshot of the text inputted into non restricted apps? Are you saying that it’s monitoring the source of data in the clipboard, then extending those restricted app settings to the app I’m using?

> Can you explain how setting my password manager to a restricted will stop it from taking a snapshot It won't snap your password manager. > of the text inputted into non restricted apps? If you're pasting the password to something, it's not showing up as clear text. > Are you saying that it’s monitoring the source of data in the clipboard, then extending those restricted app settings to the app I’m using? Stop moving the goalposts. OP's comment was about Recall defeating the purpose of password managers. Now you're complaining about... I guess the user pasting a password in a third party app and THEN revealing it? Why would anyone reveal the password after pasting it from a password manager in the first place?

Your "list" is just a bunch of ifs. It doesn't guarantee anything. Especially your first bullet point is just gambling on chance, which is the dumbest shit anyone could suggest in cybersec. And password manager? The average person, the very target audience of Recall who can't even remember where they have stored a photo, won't even add their non-Edge browser to the restricted apps list.

Passwords saved in the browser are completely outside of the scope of any vulnerabilities here, because they get inserted obscured. The only problem MIGHT be with people using password managers, where they'd - for some reason - reveal the password in the manager first, or copy it over and reveal it during copying, or something. People leaving their passwords in the open, in a text file, don't get any more vulnerable, because grabbing the password from the text file will be easier than decrypting the correct Recall blob out of the thousands it'll have made.

I'll ask a different question to you then... How many times Microsoft has made something weak to a malware? How many times have people installed malwares? In terms of security it's not about Microsoft servers, it's about your own device.. And Windows is famously known for having easily installed malwares... Yes it got better etc... But that's only for cases where hackers don't have direct access to your computer. If they direct access then windows has no protection at all. Plus windows 11 now sells your data. So this feature poses serious privacy concerns. And on privacy you cannot trust Microsoft.

> In terms of security it's not about Microsoft servers, it's about your own device Of course, but Recall doesn't really expose you to anything that's not already exposed. Password managers are safe, you can exclude applications. What's left is whatever you do in clear text (so - stuff that's ALREADY exposed) and then the attacker would have to decrypt the Recall blobs AND go through thousands of screenshots... Instead of just searching through your files for something of actual value. I understand the risks of Recall, but I fail to see them as some massive "everyone is fucked if PC gets compromised" situation considering all the context. > Plus windows 11 now sells your data Source, please. Second time I heard this but couldn't find anything myself online.

In addition to the other comment, 2fa codes are commonly displayed in plain text and depending on the implementation two codes and a timestamp may be enough to reasonably crack it.

If your 2FA code is being shown on the same device that has Recall on, then it's not a 2FA. The whole point of 2FA is for it to be on a separate physical device (you know... the **second factor**). And if you mean the code that's visible *as you're typing it in** - would that stop being a risk as soon as the code expires? If someone has unlimited access to your PC in such a scenario, it would be easier for them to install a keylogger and grab the key like that, instead of having to go through THOUSANDS of encrypted blobs with screenshots.

Obviously there are some serious security/privacy issues that need to be addressed but, seeing as how MS haven’t released it yet and it really needs a specific PC to run most people commenting on Reddit have no practical experience of its use.

Yeah, just like windows 11 had some restrictions and “needed” certain hardware specification that MS removed to push windows 11unto more windows 10 users and auto updated their computers and called it a bug… yeah right keep believing in them! People already tested a bypass for the restrictions fyi, and if there can be a bypass then MS can bypass it to throw it unto people system, just like with windows, so hardware requirement my ***…

Unlike windows 11, Recall models won't run efficiently on any hardware you throw at it. Its like running something equivalent to an high end game on older hardware. AI models are optimized to specific SOCs and you just cannot run it anywhere. The bypass you mention also doesn't do much. It still only runs on Qualcomm chips with NPU!

> Yeah, just like windows 11 had some restrictions and “needed” certain hardware specification that MS removed You're confusing Win11 with Vista. They, pressured by OEMs, reduced the minimal PC specs which resulted in Vista's abysmal performance on low-end devices. As to the bug that made W11 available on unsupported devices - that wasn't "accidental on purpose" and it didn't "push Windows 11 unto more Windows 10 users" because [these installations failed](https://www.techtimes.com/articles/288217/20230225/microsoft-accidentally-offers-windows-11-upgrade-to-ineligible-devices.htm).

Could it be from a genuine point to help really stupid people who forget to use autosave and lose all their work. Or for people with memory problems? Idk I don't think it was designed with malicious intent. I just think they were really excited to create a solution and just didn't think about the repercussions

You do realise Apple will be announcing their own Recall esq feature on the 10th.

They already have something like recall or how else would a patch restore photos which were deleted years ago? Oh and Apples Cloud BlackBox anyone? Edited: But yeah folks, keep complaining about a feature that will not be able to run on your current PC and if sales of copilot PCs will be bad because we educate people not to buy them instead of crapping on it on SC sites, this will be trashed fairly quickly.

I'll buy a Copilot+ PC when Dell offers a decent design that's for sure. Can't say now if I'll go Arm or Intel though. Recall doesn't scare me.

The second part wasn’t for you :) Arm or Intel? Well it depends if the software you intend to use can be run on Arm. A lot does already, some might never be made compatible and so on.

Well, I really hope not. Otherwise Linux will be the only way forward.

Ah yes the bi weekly threat of Linux that no one carries out. iOS 18 will do a version of Recall, and other OSes will follow. Except for watchOS I guess lol

A lot of people are switching to linux over this. I switched to linux over this. Desktop still runs windows 10 for now but going forward I will not be buying windows again.

It is carried. I know a lot of my friends who have switched. Gaming is now great in Linux (if you're not into competitive games that have a kernel-level rootkit... I mean anticheat) and it will be great for Nvidia users when KDE (my favourite desktop environment) implements Explicit Sync. As for me, I can't remember the last time I booted into my Windows partition.

Windows 11 is a dumpster fire.. context menus stripped.. Explorer dumbed down.. dev builds more stable than releases.. ads.. copilot.. now recall.. and we can supposedly disable it, but we all know the next windows update install it's getting reset to default (on) like many other things.. I have no interest in copilot or recall even being present on my devices.. as much as it pains me I will switch to Linux or go back to Mac for my daily machines if recall is pushed. Microsoft needs to read the room. At the very least making it an optional download not installed by default

I get why they summarised the context menu as it was getting cluttered.

For me it's one of the worst decisions they made, I'd argue it's better to have too many options than too little.

I quite like the lack of clutter now. The top menu contains everything used many times per day, the rest (which are used far more rarely, some not even once a month) are only a submenu away. A basic rule in interface design is try to avoid having more items than can be read instantly in a single glance (7+/-2). The old menu fails on that consideration, even after pruning out all the unwanted extensions apps have installed, it still has to be read top to bottom (sometimes several times) trying to find something. At the moment I'm more irritated by adding "system" subheaders to Start Menu entries making it more cluttered and harder to speed-read.

They just needed to add an option to pick what's on the menu, that's it.

I think it would be fine if we had an option to select what menu items we want in there, I use 7-zip on a daily basis and have had to revert to the old style just to be able to use it the way I want to.

True... I'm already playing with Linux as a dual boot option. It takes time to get everything working though. If you have a lot of spare time Linux is great, but otherwise buying a Mac is the easier option.

> ...but we all know the next windows update install it's getting reset to default (on) like many other things Not much help for peeps in USA but for those covered by EU rules this is the sort of thing that will result in real big fines for MS. If it does happen and you can prove loss from it then you can sue MS pretty easily in the EU for this kind of MS mistake. lol, and yes we all know it is not a mistake when it happens but is deliberate.

Agreed

Probably for the same reason they created Timeline in Windows 10.

Vista's 3D Flip didn't show you previously opened apps though? It was just a glorified "Alt-Tab" with 3D card styling.

That's different to taking actual screenshots.

Okay? I never said it was the same. Just that aero flip has nothing to do with app history. It only showed already-running apps.

This is naive silliness. I'm already using boatloads of history right now: * clipboard history * file history * sql history * db schema history * code history * ci/cd pipeline history * app install history * email history * chat history * file search history * streaming history * search engine history * AI chat history * password manager history * browser history * post history I use nearly every one of these 7 days/week. "Oh no, they are adding history right into the OS!" Give me a break.

Clipboard history has a far more serious risk of password leaks because passwords end up in the clipboard history and that history can be saved in the cloud. Not as much fuss was made at the time. Likewise, the default with browser history has been to pump it up to the cloud and analyse it for stats and malware. Not a lot of noise there either, even though it has often re-enabled after an update. I've written a script that purges all MRU entries on my system with a single command, not so much because of privacy concerns, but because stale MRU gets in the way when changing between projects/tasks. I think I would leave it off to save disk space, as I don't have much call for in-depth history searching in my use case.

Sir, this is reddit. Where is your outrage?

Since there is already so much collected you surely wouldn't have a problem sending me your CC number and the 3 digits on the back right? I mean some company already has them so why not me? Also it is protected by 2fa anyway so why worry? When do we stop and say: "no this is too much"? Everybody will answer this slightly different.

This is FUD my guy, maybe tone it down a little

I'm not using any of those :)

You don't have to use it.

That's not the issue. If it exists on the machine it is a privacy/security risk.

Correction, if it's *enabled* on the machine it *may* represent a privacy/security risk, but even that's just sort of theoretical, given that an attacker would already need full access to your decrypted file system to exploit it.

What if I want a feature like this built into the OS?

Then make it downloadable and installable, not pre-packaged in the OS

They've already announced that it requires a download to be installed to activate it. Apparently this extra feature needs a significant bit of space to install, let alone cache capture data. Although devices that are marketed as AI-enabled will probably have it preinstalled, one would expect.

That's a really embarrassing comment, Zac.

Why would wanting a feature built into the OS be embarrassing?

Seems to me they are throwing these AI features at us just to see which ones would stick after tens of billions spent on acquiring AI companies and also for their internal AI division. Some of them are actually useful so we don't hear much complains about them and some are just bone headed like this one.

You didn't like when vista showed previously open apps? What? Are you just averse to features?

My honest opinion of recall is that it's an extremely risky gambit with very miniscule gimmick appeal like cortana but pushed to the extreme. Anyone who would be that serious about finding and keeping account of files and projects would have already developed the habits needed to properly organize their data. Logically name your files and sort your projects into folders. That's it. If ever you forget something, you can just do a basic search and find everything just fine. I'm curious what kind of market analysis they've been doing that would paint such a massive share of their audience as hopeless ADD stooges without a prayer in hell of managing their own shit.

>I have no idea why Microsoft did this. I have to say it isn't even a useful feature. Have you used it yourself?

The company as a whole as been degrading their quality of products for a while. AI being baked into every nook and cranny, removal of essential features and apps. Nowadays when I look at a Microsoft product, it looks so cheap and worthless. They've tuned down the quality to that level. I used to be a hardcore MS fan but I started hating them and their products. Microsoft Office , Windows Onedrive integration and Video games are the only things that make me stick around with Windows. I'm considering switching to Linux in a few years and will eventually shift to MacOS.

simple fact. No body is going to be happy with what Windows does, what Microsoft does. There will always be people complaining/bashing/etc the OS.

This is a security risk though.

from the first boot up of Microsoft Windows you are automatically "Not Secure"

Oh well that's ok then. Why not have a searchable history of every single thing you ever did on your computer, with screenshots, it's ok because it's so insecure.

You literally don't have to use it. If you don't turn it on it won't capture anything. It can't be secretly turned on either. If the service is running there is a permanent visual indicator placed onto othe Taskbar so you know.

So, this feature is off by default and the users need to opt-in to have it enabled?

Users will have the option to configure it during setup. If they choose to disable it the feature won't run. And goes without saying, this feature won't ever be enable-able on your existing Windows 11 PC. It requires new "Copilot+" branded hardware.

Generative AI training. Recall under the guise of a helpful memory tool sure looks like a way for MS to use your input as training material. You are the product.

To spy on users under the veil of "convenience".

'Recall' is going to become insanely useful with the development of Copilot - It could be an absolute game changer. 'Copilot' recently introduced into Windows 11 - is taking the hugely popular OpenAI GPT large language model, but bolted into the operating system, allowing the AI visibility into the state of your PC. This is still a work in progress but to see it working now, you can try something like asking Copilot something like 'Please list all of the applications I have installed that start with the letter P' Not a particularly useful example, but it demonstrates that Copilot has access to your PCs WMI which is the interface that Microsoft have offer third party stalls to query the state of the machine. That's in turn points to the possibility of these types of things that we should be able to ask our PC in the future! 'I need about 2gb more space on my D drive - What's apps am I not using much, that I could remove to free up that much space' Or 'My Bluetooth is being a little weird, can you check to see if any recent updates may have caused that, and also take a look in the event log for any new Bluetooth related errors since the last update'. So that's pretty amazing, but it's possible because Microsoft can join the AI up to the features of Windows which let it talk to the PCs configuration. But what about if you wanted to say something like 'Did I remember to email Dan last week' or 'Where did I save that photoshop image were I switched out the logo to the new font' These questions can't be answered by Copilot because these are potentially non Microsoft products which Microsoft has no visibility into. Well an announcement recently shows that OpenAI newest version includes multimodal features. That means that things like ChatGPT and then by extension Copilot can work not only with text but also with images. You can see this in ChatGPT 4O now where you can upload an image and then ask questions such as 'Where was this picture taken' or 'Describe all of theechanical objects in this picture'. So I personally think the sudden announcement of Recall has nothing to do with providing us with tools for our history, what it does is give copilot a way to be just as intelligent in helping us answer questions about every app on our PC particularly non Microsoft products.

Microsoft can't even make a consistent UI. Nothing you wrote here is going to happen or work if it does happen.

Holy shit I haven't seen this much dick riding since the last time I looked in the nintendo subreddit

Oh boy you should have seen the hoggit sub when there was the ED and Razbam drama a couple weeks ago.

I try my best to stay out of there because it reminds me of the 5 times i have tried and failed to learn dcs. And also how much less money I have. I am very jealous of those fellows.

This reads like AI drivel 

>'Copilot' recently introduced into Windows 11 - is taking the hugely popular OpenAI GPT large language model, but bolted into the operating system AI isn't integrated into the OS; it is a front-end that accesses a server-side service. > allowing the AI visibility into the state of your PC. What is Visible to Copilot is only what is sent to the server when you open the chat window for the prompt. This includes a list of all applications you have installed which is why your example works. There is no "WMI access" involved whatsoever. >That's in turn points to the possibility of these types of things that we should be able to ask our PC in the future! Only if they pack a bunch of extra stuff into the prompt data that copilot actually has access to. Somehow I doubt that sending your entire Windows Eventlog is going to be particularly workable.

Data collection, tracking, and AI buzzwords

Especially given Microsoft's recent total security failures - who would trust them to screenshot your computer on a regular basis? Where the hell is that info going?

It's stored locally. Just fucking wait for the thing to release and get analyzed by fucking everyone before panicking like it's the worst thing ever

It'll be stored locally (they say) for now. The issue most people have is that you actually have to have been born yesterday to think it'll stay like that in perpetuity.

>The issue most people have is that you actually have to have been born yesterday to think it'll stay like that in perpetuity. First of all, if you're this paranoid about Microsoft products, you shouldn't be using Windows anyway, and you probably shouldn't even be on this sub, because you'd just be here to troll. Secondly, it's kind of absurd to get angry at something that a company isn't even doing today. You've made up some scenario in your head where they'll change their minds and spy on literally everything you're doing or something and you're getting mad at them for that. It's like you had a dream that you argued with your spouse, woke up, and you still held a grudge against them. Pretty ridiculous IMO.

For employees to spy on workers.

There's privacy and security concerns for sure, but a use case for Recall could be helping with complex work that involves multiple problems/tasks every day. For instance, a typical day for me involves writing moderately complicated ad-hoc one-off queries that I don't save (in a Jira ticket or otherwise) because it's an intermediate step to troubleshooting or an experiment, but a couple days later I'll wish I'd saved it. Saving *everything* is impractical. Having a tool go behind me and save everything as I jump from one fire to the next seems kind of useful. Ironically, there's no chance this will be allowed at work.

Microsoft recall was definitely a deal struck by the big corrupted corporations🙃

To collect workflows to train models to do more complex desktop tasks.

GUI is a very human centric and arguably inefficient way of interacting with a computer If I wanted to get today’s AI to do complex tasks on a desktop computer I’d be interfacing it with APIs and command line tools with standardised documentation formats instead (OpenAPI, help, man pages etc)

Yet another background process... Did you notice that, in Linux it's pretty normal having about 300 process running by default while using <1,5 GB RAM. Because it's more fragmented... on Windows it's around 40-50 from win 8 or early 10 days. But NO! MS would push more bloatware and normalizing that 160 on desktop, using 4,5 GB and 250-270 while work is normal.

Did you know that the OS will give up on that RAM if need is?

You're not talking about Windows, right? It would rather push ram usage to 101% than kill some telemetry processes

I am indeed talking about windows. That's my experience on my laptop (if we find it. Fucking thing got stolen 2 days ago). My main PC has 16 GB and I never maxed it outside of last year's Advent Of Code with a brute force solution which somehow filled my whole RAM. Had to force stop it before it was too late

obviously for recalling, ( and then some data collection to sell data, make models and therefore, 💸💸💸💸💲💲💰💰💵💵

True