It just clicked in my brain. What I haven't been able to articulate about why I'm so anxious about #Windows Recall. I'm sure others have already gotten to where I am.
It's worse than "a system that tracks everything you do" and stores that info in a basic database that could be easily compromised.
It's worse than a nanny surveillance tool for companies to spy on their employees.
It's inescapable.
It doesn't matter if I make a dozen "how to disable recall" tutorials. The second YOUR data shows up on someone ELSE'S screen, it's in THEIR recall database.
It won't matter if you're a master #security expert specialist. You can't account for EVERY other computer you've ever interacted with. If a family member looks up an old email with your personal data in it, your data is now at risk.
If THEIR system is compromised YOUR data is at risk.
I just went from "vague feeling of unease" to "actively writing templates to canvas elected officials, regulators, and attorneys general."
reshared this
Droid Boy :coolified:
•wizzwizz4
•Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
Kevin Beaumont (DoublePulsar)Droid Boy :coolified:
•Droid Boy :coolified:
•merlin / alex glow
•@droidboy @helgztech It's an almost literal Pandora's box.
Inside may be any/all of someone's most private info, & anything their contacts have ever shared.
MS may claim that the lock they built is so strong that no one can ever break it.
But anyone with the barest hint of security experience knows that's laughably naïve.
And no one's laughing.
And we can't opt out.
Why build the box?? Everyone hates it except surveillance capitalists.
Chirayu :verified: :flipboard:
•SomeGadgetGuy
•FoolishOwl
•@mountdiscovery Microsoft depends on institutional clients, especially government agencies, many of which have stringent legal rules about access controls. There's no way Recall can be compatible with those rules.
What's astonishing me right now is that I would have expected a whole lot of Microsoft's clients to push back, "We'll have to stay with Windows 10", but I'm not seeing any hint of Microsoft backing down.
Chirayu :verified: :flipboard:
•@foolishowl yup, and even though this feature is only available for newer PC with NPUs folks already hate this feature. No way it rolls out in the near future.
Microsoft should just fork Windows for consumer and professional i.e enterprises
A new OS from the ground up with all these gimmicks and Co-pilot bloatware and the other the continued legacy OS that is still compatible with all kinds of software and services.
gigantos
•@mountdiscovery @foolishowl how can it not ship?
Machines are rolling out of shops on June 18th. No way they are not already tanked with the shipping version. Hardware release is a slow process, you can't roll back on a whim.
FoolishOwl
•@gigantos @mountdiscovery I get a lot of advertisements from Lenovo, and all their new laptops have NPUs.
Intel has been saying that going forward, all their processors will have NPUs. I haven't looked as closely at AMD, but I know they're advertising gaming laptops with NPUs.
I think we have to treat hardware made after 2023 as unreliable. Probably after 2022 as well.
Also the Linux Foundation and OSI have public AI projects, and Red Hat, so I expect the Linux kernel will enable NPUs.
mnemonicoverload
•NullDott
•mnemonicoverload
•FoolishOwl
•Chirayu :verified: :flipboard:
•@foolishowl yes they are...
NPU becomes a great marketing tactic and differentiating factor from other chip manufactures.
gigantos
•Billy Smith
•@foolishowl @mountdiscovery
When chatting with colleagues from the London Tech-Financing meet-up's about this, they said that people from UK financial regulator are already investigating. :D
From the initial conversations, it sounds like no regulated industry will be able to use this, so that cuts out 80% of MS's most profitable corporate clients. :D
F4GRX Sébastien
•Misuse Case
•@foolishowl @mountdiscovery >> Microsoft depends on institutional clients, especially government agencies, many of which have stringent legal rules about access controls. There's no way Recall can be compatible with those rules.
It’s incompatible with rules in the government and most regulated industries (including healthcare). It also screws with records management.
1/2
Matthew Loxton
•@foolishowl
Right
Institutional clients including the justice system, hospitals and healthcare, research and development, and military.
@SomeGadgetGuy @mountdiscovery
FoolishOwl
•@mloxton @mountdiscovery And as much as I advocate for the use of Linux, and for that matter, for radical social change, we're talking about institutions that people depend upon for their lives, and I can't see them all completely overhauling their internal processes overnight. Microsoft must fix this.
It reminds of Bruce Sterling's discussion of Bell Telephone being at once a for-profit company and a public service, a contradiction that was resolved badly.
Matthew Loxton
•@foolishowl
Yah, either MS fixes this and makes it an option with the default setting of "NO!", or institutions are going to just create scripts to delete images as soon as they are captured
@SomeGadgetGuy @mountdiscovery
silverwizard