posted by janrinok on Wednesday June 12 2024, @04:02PM
from the too-late? dept.

Arthur T Knackerbracket has processed the following story:

After weeks of being excoriated by cybersecurity experts, Microsoft is making moves to address concerns over its new AI-powered computer history-saving feature: Copilot+ Recall.

Most notably, Microsoft is switching Recall from a default feature to one that requires a user to opt-in first. The company is making the change before Recall officially rolls out on June 18.

"We are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall," wrote Microsoft Windows VP Pavan Davuluri in an official company update on the feature. "If you don’t proactively choose to turn it on, it will be off by default."

Last month, Microsoft announced a series of new AI-powered features coming to Windows. One central feature that the company announced was Recall.

Recall takes constant screenshots in the background while a user uses a device. Microsoft's AI then scans the screenshots and makes a searchable archive of all the activity history that a user performed. Which websites were visited, what a user typed into forms – nearly everything is saved.

Cybersecurity experts were immediately concerned. A prominent former Microsoft threat analyst who had hands-on experience using Recall called the feature a "disaster." 

It turns out, Recall really does save pretty much everything including text passwords, sensitive financial information, private Google Chrome browser history, and more. And Recall saves it inside a database that can be easily accessed by a bad actor who gains remote control of a user's device.

Making things even worse, Recall was going to be a feature turned on by default, meaning users might not have even been aware of what was going on in the background of their device.

Thankfully, users will now have to opt-in to the feature, fully aware of what they are turning on and what Recall does.

Microsoft isn't just making Recall opt-in either. The company also announced that in order to enable Recall, users will have to enroll in Windows Hello, a security feature that requires users to sign in via facial recognition, fingerprint, or a PIN.

That same authentication will be required for a user to access or search through their Recall history timeline as well.

Plus, Microsoft says it's "adding additional layers of data protection." Recall snapshots will only be decrypted and accessible after a user authenticates. The search index database will now be encrypted as well.

Microsoft's blog post about the Recall security update also runs through a number of security-related provisions that were already built in, such as the screenshots only being available locally on the device. The feature already provided imagery to show it was being used – a Recall icon pinned to the taskbar on a user's desktop. However, many users would've likely been unaware of what the icon meant if Recall had just been on as a default.

The new opt-in option should hopefully make it crystal clear that a user is consenting to what Recall does.


Original Submission

Related Stories

Microsoft Details Security/Privacy Overhaul for Windows Recall Ahead of Relaunch

https://arstechnica.com/gadgets/2024/09/microsoft-details-security-privacy-overhaul-for-windows-recall-ahead-of-relaunch/

Microsoft is having another whack at its controversial Recall feature for Copilot+ Windows PCs, after the original version crashed and burned amid scrutiny from security researchers and testers over the summer. The former version of Recall recorded screenshots and OCR text of all user activity, and stored it unencrypted on disk where it could easily be accessed by another user on the PC or an attacker with remote access.

The feature was announced in late May, without having gone through any of the public Windows Insider testing that most new Windows features get, and was scheduled to ship on new PCs by June 18; by June 13, the company had delayed it indefinitely to rearchitect it and said that it would be tested through the normal channels before it was rolled out to the public.

Today, Microsoft shared more extensive details on exactly how the security of Recall has been re-architected in a post by Microsoft VP of Enterprise and OS Security David Weston.

Previously on SoylentNews:
Microsoft Will Try the Data-Scraping Windows Recall Feature Again in October - 20240822
"Recall" Will Now Be Opt-In: Microsoft Changes New Windows AI Feature After Backlash - 20240610
Total Recall: Microsoft Dealing With Trust Issues - 20240609
Windows Co-Pilot "Recall" Feature Privacy Nightmare - 20240524


Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 5, Interesting) by looorg on Wednesday June 12 2024, @04:51PM

    by looorg (578) on Wednesday June 12 2024, @04:51PM (#1360283)

    They should have marketed it as a free backup solution for all your data for the masses and nobody would have batted an eyelash at it except the privacy nerds. But those fuckers always whine about their precious privacy and security and such things ...

    Now it will always be known as that horrific big brother technology that nobody wanted. But lots of people are probably going to opt-in, or some other features of windows won't work if you don't, so "click yes here and then forget about it". Cause your computer is now just like Minority Report or one of those cool sci-fi movies, that are not all dystopian warning signs. I don't think it matters if you have to login with your face and a pin and a password the first time or so to set it up. People in general will probably just do it to activate the new awesomesauce feature they never knew they needed or wanted ...

    Microsoft's AI then scans the screenshots and makes a searchable archive of all the activity history that a user performed. Which websites were visited, what a user typed into forms – nearly everything is saved.

    It turns out, Recall really does save pretty much everything including text passwords, sensitive financial information, private Google Chrome browser history, and more. And Recall saves it inside a database that can be easily accessed by a bad actor who gains remote control of a user's device.

    So this is how they will create that secondary massive porn database. Just waiting for Clippy to remind the user that they have not had their daily dose of barely legal teenage xxx yet ... Clippy can even schedule time in your calendar for 15 minutes of personal time, such a helpful assistant.

  • (Score: 5, Touché) by RamiK on Wednesday June 12 2024, @04:56PM (14 children)

    by RamiK (1813) on Wednesday June 12 2024, @04:56PM (#1360284)

    Right?

    --
    compiling...
    • (Score: 2) by Reziac on Thursday June 13 2024, @02:17AM (13 children)

      by Reziac (2489) on Thursday June 13 2024, @02:17AM (#1360329) Homepage

      How to disable automatic updates:

      https://www.windowscentral.com/how-stop-automatic-updates-windows-11 [windowscentral.com]

      --
      And there is no Alkibiades to come back and save us from ourselves.
      • (Score: 3, Informative) by RamiK on Thursday June 13 2024, @02:09PM (12 children)

        by RamiK (1813) on Thursday June 13 2024, @02:09PM (#1360363)

        Thanks but I prefer it my way: https://nixos.org [nixos.org]

        --
        compiling...
        • (Score: 2) by Reziac on Thursday June 13 2024, @02:21PM (11 children)

          by Reziac (2489) on Thursday June 13 2024, @02:21PM (#1360365) Homepage

          LOL, that's one way to do it.

          ...and I haven't tried this distro, must download...

          [blink] Microsoft supports systemd ??!

          --
          And there is no Alkibiades to come back and save us from ourselves.
          • (Score: 3, Informative) by RamiK on Friday June 14 2024, @11:46AM (10 children)

            by RamiK (1813) on Friday June 14 2024, @11:46AM (#1360479)

            ...and I haven't tried this distro, must download...

            I've used it near exclusively for over 10 years and it's the biggest linux distro nowadays (most contributors... most packages...) but it's very different from everything else (except for gnu guix) and has a steep(est) learning curve so you'll never hear of it since it's impossible to recommend for beginners unless they happen to come from a functional programming background or are experienced enough system administrators that they'll immediately realize the value of what it's doing.

            Anyhow, though there's a graphical installer nowadays and an initial reference configuration file is generated for you, you should read the manual installation instruction first to get an idea of what you're getting into while paying close attention to the part about the .nix configuration file: https://nixos.org/manual/nixos/stable/#sec-installation-manual [nixos.org] https://nixos.org/manual/nixos/stable/#sec-configuration-syntax [nixos.org]

            That should get you up and running with the traditional approach to nix. Technically, there's a modern and better approach to nix but it goes through learning the nix language properly so it's best left for when you have a stable system and a good idea of what you're getting in return for your time: https://nixos-and-flakes.thiscute.world/preface [nixos-and-flakes.thiscute.world]

            --
            compiling...
            • (Score: 2) by Reziac on Friday June 14 2024, @01:29PM (9 children)

              by Reziac (2489) on Friday June 14 2024, @01:29PM (#1360495) Homepage

              Yikes. I understand the appeal, and in my youth I'd have probably enjoyed it (in the Olden Days of Manual Configs, I did silly things like chain-boot 3 different species of DOS) but nowadays I want a distro that Just Works. I love PCLinuxOS/KDE (tho I do not like the new installer Tex switched to... Drak was perfect defaults, two clicks, done) but it took me a lot of years to find a linux I could live with for everyday. My philosophy has become if it's more hassle than Windows, why would I use it?

              But I'll still take a look at it, just because (when I have time... still mired in the annual battle with Jurassic Weedpark). So thanks for the heads-up!

              --
              And there is no Alkibiades to come back and save us from ourselves.
              • (Score: 2) by RamiK on Friday June 14 2024, @07:47PM (8 children)

                by RamiK (1813) on Friday June 14 2024, @07:47PM (#1360519)

                I stick to it because it's the only distro that just works. Basically, everything, from the packages to the system deployment, is written in code. So, if there's a specific thing that doesn't quite work (some package was built with the wrong compile flag... you want to rollback / use a newer version / apply a specific patch to a given package...), you just write an override next to where you listed the package and it's applied when you pull updates. Like, it will literally download the sources, apply patches, compile and deploy when you're doing a system update. And if upstream updates the package on their end at a later point and there's a conflict, it will give you an error with a proper trace on what's incompatible between your change and upstream's.

                It's essentially a solution to all of linux's woes but it comes at the price of having to get familiar with the plumbing a bit. You can still use the graphical installer if you don't mind a bit of magic. But since the file system hierarchy is so different from other distros, I find it far better to manually partition and write the configuration file and then see how the installer just follows what you asked and copied the packages to the storage. Like, if you were a windows user with some f# background I'd tell you to just use the graphical installer since you wouldn't come with expectations and habits that need unlearning.

                --
                compiling...
                • (Score: 2) by Reziac on Friday June 14 2024, @08:24PM (7 children)

                  by Reziac (2489) on Friday June 14 2024, @08:24PM (#1360523) Homepage

                  Actually, the biggest woe I have with linux is that I've learned not to trust the filesystem; when it errs, fsck likes to delete the most recent files. And to not let it write to an NTFS volume, because the fragmentation is nuts. Sacrificial drive between, or via the network and a Windows PC doing the copy and write to the archival drive, that's what I do now.

                  But as an everyday desktop, PCLOS rarely gives me any trouble, and the current install dates to Feb.2017.

                  That's good on the compatibility tracking. If I did a lot of installing of this and that, or coding work, I'd surely find it useful. As it is, I let Synaptic do the grunt work. :)

                  --
                  And there is no Alkibiades to come back and save us from ourselves.
                  • (Score: 2) by RamiK on Friday June 14 2024, @09:58PM (6 children)

                    by RamiK (1813) on Friday June 14 2024, @09:58PM (#1360538)

                    biggest woe I have with linux is that I've learned not to trust the filesystem

                    I don't have any of these issues with ext4 but back when I dual booted (over a decade ago) I definitely had similar issues with NTFS partitions on linux.

                    Sacrificial drive between, or via the network and a Windows PC doing the copy and write to the archival drive, that's what I do now.

                    Between a few windows and linux desktops, smartphones, tablets and streamers, I ended up keeping almost all of my files on a (nixos) NAS serving cifs and nfs. I experienced a drive failure once due to mechanical issues but never had software related data losses otherwise.

                    PCLOS rarely gives me any trouble, and the current install dates to Feb.2017.

                    Well, if it works for you then that's that I guess.

                    Personally, I found myself in a perpetual breakage cycle where I'd always be in need of some package from debian unstable but pinning screwed my system so I switched to the rolling unstable only to find it's broken a dozen different ways AND still too old in many places so I'd try arch or fedora but by the time I got things barely working there was a major release and everything broke again... The cycle only stopped when I switched to nixos and could start fixing things myself.

                    But to be fair, I keep a vm with debian to build openwrt images and the likes since doing it the nix way would be too painful compared to just spinning a vm instance.

                    But yeah. If you don't need it and are fine otherwise, then there's no point I guess.

                    --
                    compiling...
                    • (Score: 2) by Reziac on Friday June 14 2024, @11:03PM (5 children)

                      by Reziac (2489) on Friday June 14 2024, @11:03PM (#1360544) Homepage

                      PCLOS is rolling, and I've come to prefer that. Seems to have fewer lingering difficulties. One of our forum rats took it from oldest version that would still run (2011 or 2012) to 2022 with only two minor excursions to the CL, so I think it's doing the job pretty durn well.

                      However, we are Firmly Advised to never install from outside our repository. My solution is in the rare case I need something not-in-repository, I just unzip the RPM and run it directly (desktop shortcut does the job), and the OS never knows it's there. Did you know there existed WinAmp for Linux? got it to run, tho it couldn't find the sound server.

                      http://doomgold.com/images/linux/snapshot10winamp.png [doomgold.com]

                      Always disliked Debian, tho I do sometimes use Fedora. Nowadays Fedora upgrades gracefully (mine has gone from v32 to v40 without incident, including a couple major skips) tho I remember when it didn't, and every version upgrade was always a full reinstall (which is against my religion). But I just had a Debian that's one version out of date refuse to upgrade, so it's a nuke and start over (fortunately the only thing worth saving is the wallpaper). This does not inspire love.

                      [Hotswap bay and a stack of little HDs = all the OSs I care to keep a copy of. One of my PCs has a stack of about 20.]

                      One of the weird things I've seen linux do is copy a bunch of files to the NTFS external drive, then suddenly decide the copy failed and delete everything in the directory, including all the files previously copied there. Nope, does not inspire trust... and as to fragmentation... blue files written by XP, red file (it's one file) by linux, in 2019. The file was broken and unusable.

                      http://doomgold.com/images/linux/fragmented.jpg [doomgold.com]

                      --
                      And there is no Alkibiades to come back and save us from ourselves.
                      • (Score: 2) by RamiK on Saturday June 15 2024, @03:08PM (4 children)

                        by RamiK (1813) on Saturday June 15 2024, @03:08PM (#1360590)

                        I just unzip the RPM and run it directly

                        That's not going to work in nixos since all the library paths differ. When porting binaries, the packaging system has a facility to change existing library paths by editing the binary using patchelf which simply rewrites the hard path strings in elfs to whatever you ask it to: https://nixos.wiki/wiki/Packaging/Binaries [nixos.wiki] https://github.com/NixOS/patchelf [github.com]

                        The autopatchelf thing is just a wrapper around this fella: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/setup-hooks/auto-patchelf.sh [github.com]

                        e.g. it's how reaper is packaged from a binary: https://github.com/NixOS/nixpkgs/blob/nixos-24.05/pkgs/applications/audio/reaper/default.nix#L45 [github.com]

                        There's even windows binaries being packaged using wine all wrapped up seamlessly: https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/sy/synthesia/package.nix [github.com]

                        That's the learning curve problem in a nutshell: There's facilities to automate all the crap you're used to doing to get your system running the way you want and you can write your own when they're missing but you need to do it in the nix language (well, really just bash scripts called by nix) so when something breaks there will be traces when updating and the likes.

                        p.s. you might be able to fix the winamp binary using patchelf if the reason it's failing to find the sound system is a broken link and the library it's failing to reach is still available in your distro and the ABIs haven't changed.

                        --
                        compiling...
                        • (Score: 2) by Reziac on Saturday June 15 2024, @04:59PM (3 children)

                          by Reziac (2489) on Saturday June 15 2024, @04:59PM (#1360601) Homepage

                          For some unknown reason, for a while SeaMonkey wasn't in our repository. I didn't really expect the unzip-the-RPM trick to work, but lo and behold it did.

                          I like the idea of a Windows Blob rather than WINE, which I've had zero luck with (now I have XP in a VM for when I need Win-something). Kinda what KDE does to package its apps for Windows (I use some of those too).

                          My problem with all this mad-configs is that I'm not used to doing much to get the system running how I want it... I just do some cosmetic things to Plasma, add a few things that aren't default in our Kitchen Sink edition, and that's it. Makes a person lazy. :D

                          Gods know what the WinAmp-for-linux was looking for, it dates to 2001, and it was easier to just run WinAmp in the XP VM (or use Qmmp, but it's not the same). If you feel an urge to masochism....

                          http://www.doomgold.com/pcstuff/WinAmp/Winamp-Linux-3.zip [doomgold.com]

                          Found it in some back reaches of the official old-versions archive that used to be up (I think it's gone now).

                          --
                          And there is no Alkibiades to come back and save us from ourselves.
                          • (Score: 2) by RamiK on Saturday June 15 2024, @08:57PM (2 children)

                            by RamiK (1813) on Saturday June 15 2024, @08:57PM (#1360630)

                            If you feel an urge to masochism....

                            lol no thanks. If it was some productivity thing or game I would have bothered but for something as trivially replaceable as a music player... Anyhow, before I switched to using mpd & cantata I used to use audacious and before that... well, I can't even remember the last DECADE I used winamp :D

                            Note I've been blamed for having a somewhat challenged taste in desktops resulting in what I'd consider an inherent incompatibility with winamp's aesthetics: screenshot [data]

                            --
                            compiling...
                            • (Score: 2) by Reziac on Saturday June 15 2024, @09:28PM (1 child)

                              by Reziac (2489) on Saturday June 15 2024, @09:28PM (#1360633) Homepage

                              Okay, that is the first time I've seen a base64 encoding as a link body...
                              [inspects, determines that it's supposed to be a .png]
                              [breaks out UUDeview and decodes it]
                              Hmm. No display. Are you sure you didn't, uh, image-in it?

                              I like the simplicity of WinAmp 3. I still use it. :D

                              My desktop aesthetics are doubtless entirely unlike yours. In fact, they don't even match each other. :D

                              http://doomgold.com/images/linux/KDE_Screenshot_20220106_170651%20-%20LibreOffice.png [doomgold.com]
                              http://doomgold.com/images/linux/trinity-snapshot3.jpg [doomgold.com]

                              --
                              And there is no Alkibiades to come back and save us from ourselves.
                              • (Score: 2) by RamiK on Sunday June 16 2024, @07:05AM

                                by RamiK (1813) on Sunday June 16 2024, @07:05AM (#1360668)

                                It opens as is with firefox and with right click -> open image in new tab in chromium I believe?

                                Either way, you can make it with:

                                png:
                                        $ base64 -w0 foobar.png | sed 's|.*|<a href="data:image/png;base64,&">image</a>|' > out.html
                                pdf:
                                        $ base64 -w0 foobar.pdf | sed 's|.*|<a href="data:application/pdf;base64,&">image</a>|' > out.html

                                Breaking it down, you just use "base64 -w0" to convert the file to a base64 and then wrap the output (using sed) with an html a tag that uses the appropriate data href ( "data:image/png;base64,FOOBAR" for pngs ). In my example above I've also redirected it to an "out.html" file for you to double-click (using sed). But on my own setup I redirect it to wl-clipboard for immediate pasting.

                                I'll leave converting it back to you as a home work assignment :D

                                --
                                compiling...
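The encode step from the comment above, together with the "converting it back" exercise it leaves open, worked as an added example (this is not RamiK's own script). It assumes a base64 that accepts --decode (GNU or BSD), plus POSIX sed, od, cmp and mktemp; `tr -d '\n'` stands in for `-w0` so it also runs where base64 lacks that flag. Because the MIME type in a data: URI is only a label that says nothing about the payload, the decoder side also checks the PNG signature of the bytes that come out before trusting the "image/png" claim. The sample file is constructed inline (a PNG signature followed by filler bytes, not a real image).

```shell
#!/bin/sh
# Added example, not from the original comment: wrap a file in a data: URI
# anchor the way the comment's one-liner does, then reverse it and verify that
# the declared MIME type matches the decoded bytes.
# Assumes: base64 with --decode (GNU or BSD), POSIX sed, od, cmp, mktemp.

# MIME type from the file extension: the two types the comment uses plus a fallback.
mime_for() {
  case "$1" in
    *.png) echo "image/png" ;;
    *.pdf) echo "application/pdf" ;;
    *)     echo "application/octet-stream" ;;
  esac
}

# Emit <a href="data:MIME;base64,...">image</a> for a file.
# `tr -d '\n'` does the job of `base64 -w0` on implementations without -w.
data_link() {
  _file="$1"
  _b64=$(base64 < "$_file" | tr -d '\n')
  printf '<a href="data:%s;base64,%s">image</a>\n' "$(mime_for "$_file")" "$_b64"
}

# Pull the declared MIME type out of such a link (first link in the file).
data_link_mime() {
  sed -n 's|.*href="data:\([^;]*\);base64,[^"]*".*|\1|p' "$1" | head -n 1
}

# Decode the payload back into a file. Nothing in the link proves the payload
# is what the MIME label claims, so the caller should inspect the bytes.
data_link_decode() {
  sed -n 's|.*href="data:[^;]*;base64,\([^"]*\)".*|\1|p' "$1" | head -n 1 \
    | base64 --decode > "$2"
}

# True when the first eight bytes are the PNG signature 89 50 4e 47 0d 0a 1a 0a.
looks_like_png() {
  [ "$(head -c 8 "$1" | od -An -tx1 | tr -d ' \n')" = "89504e470d0a1a0a" ]
}

# Round trip on a constructed sample: a PNG signature followed by filler bytes
# (not a decodable image; enough to exercise NUL and high bytes end to end).
demo_roundtrip() {
  _tmp=$(mktemp -d)
  printf '\211PNG\r\n\032\n' > "$_tmp/foobar.png"
  printf 'constructed filler \000\001\376\377' >> "$_tmp/foobar.png"
  data_link "$_tmp/foobar.png" > "$_tmp/out.html"
  data_link_decode "$_tmp/out.html" "$_tmp/back.bin"
  _result="mismatch"
  if cmp -s "$_tmp/foobar.png" "$_tmp/back.bin" \
     && [ "$(data_link_mime "$_tmp/out.html")" = "image/png" ] \
     && looks_like_png "$_tmp/back.bin"; then
    _result="roundtrip ok"
  fi
  rm -rf "$_tmp"
  echo "$_result"
}

demo_roundtrip
```

Run it as `sh example.sh`; it prints `roundtrip ok` when the decoded file is byte-identical to the input and carries the signature its MIME label promises. The signature check is the part worth keeping in any real decoder: a data: URI from someone else can label arbitrary bytes as an image, so the label should be treated as a hint, never as proof of the content type.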
  • (Score: 5, Touché) by JustNiz on Wednesday June 12 2024, @05:09PM (3 children)

    by JustNiz (1573) on Wednesday June 12 2024, @05:09PM (#1360285)

    So the technology to spy on everything you do will still get automatically installed whether you like it or not, it will just do nothing until you enable it.
    Honest.
    Yeah right.
    Linux here I come.

    • (Score: 3, Interesting) by Beryllium Sphere (r) on Wednesday June 12 2024, @09:43PM (2 children)

      by Beryllium Sphere (r) (5062) on Wednesday June 12 2024, @09:43PM (#1360305)

      Until you enable it, or until a piece of malware does.

      • (Score: 4, Touché) by coolgopher on Thursday June 13 2024, @02:48AM (1 child)

        by coolgopher (1157) on Thursday June 13 2024, @02:48AM (#1360333)

        A piece of malware, like a Windows update...

        • (Score: 2) by Reziac on Friday June 14 2024, @08:26PM

          by Reziac (2489) on Friday June 14 2024, @08:26PM (#1360524) Homepage

          The proposed upcoming update that will nuke the third party interface fixes that make current Windows halfway usable... that'll be classed as malware here, all right.

          And there suddenly become good reasons to freeze a desktop.

          --
          And there is no Alkibiades to come back and save us from ourselves.
  • (Score: 4, Touché) by DannyB on Wednesday June 12 2024, @05:32PM (1 child)

    by DannyB (5839) on Wednesday June 12 2024, @05:32PM (#1360288) Journal

    They will collect all of your data, of course.

    You will have to Opt In to activate and use the Recall feature which accesses this data that they will collect whether or not you Opt In to Recall.

    --
    People who can't distinguish between etymology and entomology bug me in ways I cannot put into words.
    • (Score: 2) by Reziac on Friday June 14 2024, @08:29PM

      by Reziac (2489) on Friday June 14 2024, @08:29PM (#1360525) Homepage

      I'm wondering when they'll think to make Windows unusable if you block microsoft.com at the router.

      --
      And there is no Alkibiades to come back and save us from ourselves.
  • (Score: 3, Touché) by Tork on Wednesday June 12 2024, @05:42PM (1 child)

    by Tork (3914) Subscriber Badge on Wednesday June 12 2024, @05:42PM (#1360289)
    "Co-Pilot is quite intelligent, you can ask it anything!"

    "Ask it to fuck off!"
    --
    🏳️‍🌈 Proud Ally 🏳️‍🌈
    • (Score: 1, Touché) by Anonymous Coward on Wednesday June 12 2024, @10:59PM

      by Anonymous Coward on Wednesday June 12 2024, @10:59PM (#1360314)

      "Ask it to fuck off!"

      That's what I did. And it told me how to disable it by two methods. I needed to ask again how to install gpedit.msc on Windows Home and again it did.
      Not much of a self-preservation instinct yet, but I'm not complaining.

  • (Score: 5, Insightful) by bzipitidoo on Wednesday June 12 2024, @07:09PM (1 child)

    by bzipitidoo (4388) on Wednesday June 12 2024, @07:09PM (#1360293) Journal

    What is it about commercial vendors that they think it's okay to spy on their users, accuse their users of piracy, force DRM on their users, trample upon users' rights by for instance denying users the first sale doctrine, co-opt users' hardware and network connectivity for their own purposes such as annoying their users with obnoxious ads, and risk the loss of their users' data over some trivial commercial concern? This latest stunt of MS ranks right up there with the Sony rootkit scandal.

    • (Score: 2) by acid andy on Thursday June 13 2024, @12:26AM

      by acid andy (1683) on Thursday June 13 2024, @12:26AM (#1360322) Homepage Journal

      Precedent.

      --
      Welcome to Edgeways. Words should apply in advance as spaces are highly limite—
  • (Score: 4, Insightful) by VLM on Wednesday June 12 2024, @08:37PM (1 child)

    by VLM (445) on Wednesday June 12 2024, @08:37PM (#1360297)

    Recall seems like weird marketing given the plot of the classic sci fi movie Total Recall

    https://en.wikipedia.org/wiki/Total_Recall_(1990_film) [wikipedia.org]

    "agents of a shadow organization try to prevent him from recovering memories of his past"

    It would be like naming your country's next nuclear power plant "The China Syndrome Plant".

  • (Score: 3, Insightful) by r_a_trip on Thursday June 13 2024, @10:01AM (2 children)

    by r_a_trip (5276) on Thursday June 13 2024, @10:01AM (#1360340)

    I feel pretty safe on Linux right now. Hopefully distributions aren't going to go nuts too.

    A 24/7 spy recording every digital thing you do? Miniluv would kill for such control. The wait is for the inevitable targeting and breach of this "feature". We all know that Windows and security is like water and oil. So opt-in or Windows Update doing that for you and your digital life is neatly packed up for transport to cyber-criminals. Once out there, the genie is out of the bottle.

    • (Score: 2) by stormreaver on Thursday June 13 2024, @01:10PM

      by stormreaver (5101) on Thursday June 13 2024, @01:10PM (#1360354)

      The wait is for the inevitable targeting and breach of this "feature".

      It's already begun. Total Recall is the first, and it won't be the last.

    • (Score: 2) by Reziac on Friday June 14 2024, @08:32PM

      by Reziac (2489) on Friday June 14 2024, @08:32PM (#1360526) Homepage

      [whispers]

      ...systemd...

      .
      .
      .
      .
      .

      [actually I have no particular problem with it, but there's your precedent.]

      And people need to remember that a "cloud backup" is your data being held hostage by a commercial entity instead of by random internet thugs.

      --
      And there is no Alkibiades to come back and save us from ourselves.