The worst thing about it is, even if you switch to Linux for privacy yourself, you’ll also need your friends to switch as well, otherwise if you message them on their desktop, they’re a liability, as the damn recall will be there too, leaking your data.
It’ll be hell for activists.
Funnily enough, Signal has circumvented the issue by marking their chat window as DRM content, making it invisible to Recall.
They used the invasion of privacy to destroy the invasion of privacy?
Lol
They didn’t circumvent the issue - they did what Microsoft tell developers to do in regards to their programs and recall lol.
The same has been true of email for years, but less bad. Activists will need to be even more careful in who they trust.
In what sense?
- if you send plaintext, their email service could spy on them
- once they decrypt, they could accidentally reply with the decryped text, or it could get backed up if they store a copy somewhere
- screen readers could store decrypted email
In general, if you don’t trust the receiver, you shouldn’t send sensitive information. Windows Recall doesn’t change that, if they’re competent, Windows Recall won’t be enabled.
I think this is more an issue for less technical users instead of activists, because activists will be more careful about who they trust than a secretary or something for a powerful individual.
Of course it is. It’s invasive by design. The “recent tweaks” were because of backlash, but now that’s died down
on purpose. they announce something absurd, so people get mad, and they step down to something they wanted anyway (and even pass the impression they are listening to their users opinions)
What I don’t understand, is what I would need and use it for? Never in my life I thought “damn if only I had a screen recording of everything I did 1 week, 1 month or 1 year ago”. Like I don’t get the use case, ignoring anything else. There is no use case.
I can view my terminal history and my recently accessed files. I have version control with git where I want and need it.
There is no use case.
So you’ve never wanted to find an article/headline that you vaguely remember seeing? Or a product that you looked at? Or a picture that you looked at?
There absolutely is a use case for full reachability of everything you’ve done on your computer. Git commits and terminal history and “recent” files list don’t even come close to providing the same thing lol
It’s true that there’s some usefulness in recollection, but geez I find myself digging through my browser history and being absolutely lost… whether it’s an article, video, online store product, anything. Then I usually just re-search for whatever it was from scratch 🤷♂️
Um, the core feature is privacy invasion. It does what it says on the tin.
It’s fine if some people want that functionality, as long as it’s not enabled by default.
One could argue that it’s a feature that could be done on-client without sending to a server. Or with its server component doing nothing more than syncing with E2E encryption.
I have zero interest in Recall, but I thought it was already done on-device? IIRC it always was that way, which is why it’s only available on new computers containing dedicated “neural coprocessors” I believe was the term.
Now given that it’s closed source, you have to trust that they aren’t silently sending data back to themselves - which is where my problem lies, I don’t trust them in the slightest.
You can verify that nothing is being sent back by watching network traffic. I guess they could hide it in update packets, but thats pretty unlikely.
I’ll admit I’ve not looked into it. My computer won’t even upgrade to Windows 11 if I wanted it to, thanks to MS’s artificial restriction on compatibility. Maybe it is all on-device. But if so, whence all the privacy complaints? And does it not allow syncing between devices?
So you don’t even know and didn’t bother to check if it is on-device before attacking it for not being on-device?
Recall is done on-client.
Another great reason to switch to Linux. Fuck this shit
Yes.
Worth it.
Honestly it’s what drove me over the edge. I’m on endeavorOS and it has been great honestly. Would recommend 👍🏻
Part of why i knew so-called “digital rights management” was fucking bullshit was because very little software ever came out that empowered me to manage MY OWN rights in the digital space.
I need there to be FOSS applications that allow me to root-level BLOCK applications from perceiving what I’m doing, to just fucking SANDBOX ABSOLUTELY EVERYTHING BY DEFAULT and let me whitelist what specific things are allowed to directly access the hardware.
Sadly I am not as tech savvy as I used to think I was. I might’ve been technologically clever twenty years ago but I hadn’t managed to keep up… I think what I’ve described might be referred to as a “hypervisor”? And I’m told it’s an overbearing, clumsy, heavy-handed overkill measure that would be difficult to implement and make everything a pain in the ass to do. So … shit, man, I dunno… i’m just so damn tired of my hardware being bossed around by people I didn’t authorize.
Qubes OS ?
Maybe it’s time you invested some time in finding alternatives that let you stay in control of said hardware. I know time is in short supply for all of us, so consider your priorities.
I prefer the term Digital Restrictions Management.
Programs ran through Flatpak can only access permissions and directories that it has explicit permission for. This is perfect for a very small program that only does one thing, it can get rather awkward when you need it to access multiple storage volumes. For example, I wanted to have my Steam games stored on different hard drives, but they were never visible through Steam. I had to override the Flatpak permission to give access to my mounted disks for it to work.
The fact that we can choose to enhance the permissions beyond their default scope on a case by case basis is powerful.
A “hypervisor” is more applicable to servers than anything else, but I agree with you on everything else. That first sentence, man… Big companies get DRM for their property, so where’s my DRM, y’know?
Fucking maddening.
Write your own OS and software then. Your hardware is running someone else’s software otherwise, so no you don’t get to control every aspect of what it does.
I’ve disabled windows update completely so I can pick and manually dl updates. Never going to put that recall shit on my pc.
I’ve disabled Windows completely so I can be safe and sound. Never going to put that shit on my PC.
– sorry, it seemed funnier in my head.
How’d you do that? I’ve made registry tweaks, group policy tweaks, etc and my windows machine still eventually hits a limit where it forces updates around the 12 week mark. Granted it’s still longer than before, it isn’t completely disabled.
At that point it’s easier to install Linux.
I run Linux too, but I have to use windows for some contract jobs.
around the 12 week mark.
Not all computers need to tell the date & time, just uninstall clock.exe
It was a combination of things between policies and taking over folder and file permissions. I can look up the specifics I used if you are looking to replicate it. It’s a bitch to undo unless you write down everything you change.
This is just a thinly veiled ad for AdGuard.
If only we could have a response from an independent security researcher instead of a product, that would be great.
For windows users
To the surprise of nobody… 😆
