this post was submitted on 23 Nov 2024
1 points (100.0% liked)

Privacy

6 readers
7 users here now

Everything about privacy (the confidentiality pillar of security) -- but not restricted to infosec. Offline privacy is also relevant here.

founded 1 year ago
MODERATORS
ciferecaNinjo@fedia.io
1
Remember Microsoft's Recall? The first implementation was never released and was met with strong criticism from privacy advocates and the infosec/security community. Guess what? Microsoft has doubled (mastodon.social)
submitted 3 months ago by nixCraft@mastodon.social to c/privacy@fedia.io
28 comments fedilink hide all child comments
 

Remember Microsoft's Recall? The first implementation was never released and was met with strong criticism from privacy advocates and the infosec/security community. Guess what? Microsoft has doubled down, and its controversial Recall scraper is finally entering the public preview stage. If you care about privacy, please think twice before using this on your AI-enabled PCs (Snapdragon-powered Copilot+ PCs) https://blogs.windows.com/windows-insider/2024/11/22/previewing-recall-with-click-to-do-on-copilot-pcs-with-windows-insiders-in-the-dev-channel/

#privacy #infosec #security #windows11 #DoNotWant

top 28 comments
sorted by: hot top controversial new old
[–] piepants@famichiki.jp 1 points 3 months ago

@nixCraft@mastodon.social I love Recall. It was the final straw that caused me to permanently uninstall Windows and move to Linux full time!

[–] sidepony@eldritch.cafe 1 points 3 months ago

@nixCraft@mastodon.social It's not just Snapdragon PCs anymore. Both Intel Core Ultra 200-series (Arrow Lake and Lunar Lake) as well as some AMD Zen 4 and Zen 5 processors now come with NPUs that are expected to be Copilot+ rated sometime this month. (Microsoft is probably waiting on this to happen for the production launch.)

[–] EverydayMoggie@sfba.social 1 points 3 months ago

At least you can uninstall it now.

@nixCraft@mastodon.social

[–] trantion@masto.ai 1 points 3 months ago (1 children)

@nixCraft@mastodon.social Wait, you have a choice about using it? At least that's an improvement I guess. I figured the best thing for now was to tell everyone not to buy a Copilot+ PC

[–] nixCraft@mastodon.social 1 points 3 months ago (1 children)

@trantion@masto.ai It gets enabled every update tho and MS hope that you will forget about it ;) LOL

[–] ratel@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social @trantion@masto.ai yes that's the trick. If it can do something dangerous, it IS dangerous, even if disabled or carefully tweaked. My second point is: everytime we tolerate a new feature, we allow it to become something ordinary. It's not a problem if something simply useless becomes the norm. It is a problem if it's not just useless but dangerous. That's what happened with food delivery.

[–] debby@hear-me.social 1 points 3 months ago

@nixCraft@mastodon.social The Windows operating system itself is a form of malware, perpetually infecting and compromising computers...

[–] rejzor@mastodon.world 1 points 3 months ago

@nixCraft@mastodon.social The first thing I'll do is disable this thing. Thie thing is a huge liability, for Microsoft hoarding my data and 3rd party apps accessing snapshots.

[–] GoatsLive@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social There was never a better time for the general public to start using #Linux!

[–] nixCraft@mastodon.social 1 points 3 months ago (5 children)

Recall takes a screenshot of a user's desktop every few seconds and then uses on-device AI models to allow a user to retrieve items and information that had previously been on their screen. This caused controversy, with experts warning that the feature could be a "disaster" for security and privacy. Yet, it is now rolling out. I guess there will be no hack or bugs that will leak this info on screen. Right? LOL.

[–] Erklaerbaer@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social when MS mentioned proudly it will be as safe as windows, I knew what to expect

[–] JaxxAI@floss.social 1 points 3 months ago

@nixCraft@mastodon.social can't it be disabled though? Like opt out? I wouldn't want it sifting through my files. Well, not so much of an issue for me, on a Mac right now, main computers are Linux but for work I do have a Windows machine so I guess its works problem, not mine.

[–] jgrg@mstdn.science 1 points 3 months ago

@nixCraft@mastodon.social I find it really worrying that this breaks the assumption that there is no security risk showing sensitive information onscreen to a fully authorized user.
(Plus the computational inefficiency of taking screenshots and turning them back into text.)

[–] WinNT4@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social Honestly, we've needed a tool like this for ages now, it's not like anyone's web browser has a "history" tab of some sort... oh, wait

[–] Erklaerbaer@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social there will be no opt-out because it will be opt-in.
In companies, employers can only deactivate it for their employees but not activate it remotely.
There appears to be an option to delete it entirely.
And access to the stored data is only granted using Hello.

[–] Erklaerbaer@mastodon.social 1 points 3 months ago* (last edited 3 months ago)

@nixCraft Remember: This is the company which stores your email passwords from outlook in their cloud unencrypted. Not only from ms accounts but also your gmail, gmx, hotmail, etc.

[–] GnarlyBear@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social I honestly knew that they were not going to back down from this

[–] nixCraft@mastodon.social 1 points 3 months ago (7 children)

Repeat after me: Snapdragon-based PCs (or laptops) are only safe with Linux or BSD operating systems. They are unsafe with Windows 11 and its Recall feature, even for gaming or other purposes.

[–] el_oscuro@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social I have a sweet system76 rig which I play starfield while running an Oracle database

[–] laxsill@social.spejset.org 1 points 3 months ago

@nixCraft@mastodon.social this made me switch to a Linux system

[–] Methylcobalamin@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social Does Recall require special hardware that Snapdragon brand computers have?

[–] evilworld@mastodon.uno 1 points 3 months ago

@nixCraft@mastodon.social why are they unsafe?

[–] dgar@aus.social 1 points 3 months ago

@nixCraft@mastodon.social how unsafe?

[–] pino@social.cologne 1 points 3 months ago

@nixCraft@mastodon.social Why? And what does 'unsafe' mean in the context of gaming?

[–] noahm@chaos.social 1 points 3 months ago

@nixCraft@mastodon.social With that said, I suspect they make pretty great Linux machines.

[–] beepcheck@fosstodon.org 1 points 3 months ago

@nixCraft@mastodon.social i have to run Windows sometimes for work, so i run it in a docker container

works a trick and allows me to sandbox

[–] javalps@mastodon.social 1 points 3 months ago

@nixCraft@mastodon.social Yea ! I switched to #Fedora #Linux. What the hell is even #Microsoft ?

[–] SpaceLifeForm@infosec.exchange 1 points 3 months ago

@nixCraft@mastodon.social

It is prudent to just avoid Windows in the first place.