Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.

Stopthatgirl7@lemmy.world to Technology@lemmy.world – 1009 points –
doublepulsar.com

Q. Is this really as harmful as you think?

A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.

221

You are viewing a single comment
View all commentsShow the parent comment

There cant be.

It literally screenshots what you're doing every few seconds, and builds a plain text database of any and all text it captures.

Incognito mode is not having it installed.

Hmm that didn’t sound right so I had to look it up. Microsoft says there’s a way to pause the recall snapshot functionality for a set amount of time, like an incognito mode:

Pause or resume snapshots To pause recall, select the Recall icon in the system tray then Pause until tomorrow.  Snapshots will be paused until they automatically resume at 12:00 AM. When snapshots are paused, the Recall system tray icon has a slash through it so you can easily tell if snapshots are enabled. To manually resume snapshots, select the Recall icon in the system tray and then select Resume snapshots.

https://support.microsoft.com/en-us/windows/retrace-your-steps-with-recall-aa03f8a0-a78b-4b3e-b0a1-2eb8ac48701c

I don’t understand why there’s so much FUD around this product…

You don't understand why there's so much fear, uncertainty, and doubt about an on-by-default program that records everything you do? Are you being serious right now?

I find it hard to take seriously anyone who throws the term FUD around with no sense of irony.

Yeah not to be obtuse here, but I think the fear is over sensationalized. I haven’t seen it in person, but it seems like this is a totally new product that is similar to idea of browser history, but adds in some modern features. I would like to check it out.

on-by-default

That’s not correct. Based on the documentation, Windows Setup has an option to enable/disable the feature on first boot.

The documentation also says it doesn’t capture incognito windows and I mentioned in my other comment that you can turn it off temporarily and permanently. It doesn’t run all the time no matter what, like some of the comments have suggested.

Here’s a screenshot of the config page with a simple toggle to turn off:

Windows 11's Recall feature is on by default on Copilot+ PCs

Disabling the AI snapshotter requires a trip into Settings for ordinary users

Over the weekend, The Verge's Tom Warren posted (on twitter) screenshots showing Microsoft's latest Out-of-Box Experience (OOBE), in which the Recall feature can't be turned off unless the user opens Settings after completing setup.

Now, it's possible things have changed in the last few days, but I wouldn't really expect them to based on the last time I used windows. I also didn't know this before I tried looking it up, so I'll admit I'm a little biased against microsoft.

But the real question is, what documentation are you looking at where you're pulling all this information from? Can you provide a link?