New Windows AI feature records everything you’ve done on your PC

boem@lemmy.world to Technology@lemmy.world – 418 points –
New Windows AI feature records everything you’ve done on your PC
arstechnica.com
109

I've seen this movie before. They will make it enabled by default and make it difficult to disable. Then a few years later someone will figure out that this data that was supposed to be "private and encrypted" was being sent out to Microsoft, who will get a slap on the wrist, half assedly apologize and immediately move on to even more anti consumer ways to squeeze more income out of its users for "growth".

immediately move on to even more anti consumer ways

but they'll keep collecting that data even after the slap on the wrist which will be more like a gentle tap

fine-no-jail-time = cost of doing business.

This touches on what I find the most fuckin irritating about the current state of software decision. I bought this super generic run of the mill disk clean up software. In the past I've used similar software and the fucking spam for add on this amd plugin that or defend your pc with this... it's fucking insane. Finding burried files from apps I deleted years ago. Well this time I got lucky. I download it, run it. Doesn't ask me to sign up for shit, I don't have to make an account. No added features for blah.99$ The fucking shit just ran after install, batch fixed it all. Then in the final report flagged it's own fucking software as obsolete and quoued it up for delete. CUSTOMER FOR FUCKING LIFE. Who thr fuck is running these reports that must show customer retention is higher when you fuck them in the ass till they bleed green. I would pay fuckin 5x's the price of windows os if it meant I could play steam games on a windows system with Linux tiered performance and security. Why the fuck is cramming so much bloatware that you need to upgrade your whole system the new thing. Fuck windows, fuck Google, fuck samsung and youtube.YouTube.

Edit: obligatory edit and shoutout to all the shitbag game developers too for thinking anyone fucking want another game that runs at 2 fps because it starts raining in the game. Fuck your 4k atari games. They're a fucking embarrassment to everyone who has worked in the industry.

As long you don't play multiplayer like cod, cs, forntinte. Linux is a gaming system. Yes sometimes you need to apply fixes from protondb or wait until the game starts for a minute, but it usually just works. At least if you are using steam.

You can run the epic games launcher through steam though. But you should install it with lutris. Or just use the hero launcher (which doesn't support cloud game saves yet)

Can you suggest a good write-up / walkthrough for how to shift to gaming on Linux? I've installed and run it before so I understand the basics, but that was basically just to keep an old laptop alive to watch YouTube.

Fucking Windows...just purchasing one big DIY spyware package these days.

I don't have guide I can remember,but some tips:

If you don't have Nvidia. It should be just installing Linux mint. And you are ready to go.

Use the package manager to install anything and Google it if you need help.

If you have Nvidia it might just work, but you need the proprietary drivers.

In steam itself you want to enable proton for all games in the settings.

Check the reviews on protondb for hints if sth isn't working out of the box.

Also use protonqup(for proton ge) and protontricks(for debugging some games).

Ge will enable some features that steam can't legally enabled by default.

Finally my Radeon works better out of the box than Nvidia? Amazing.

Glad to hear Mint is the way to go! That's the one I already have some very basic experience with.

Is Steam necessary? I also use GOG because I prefer no DRM, but maybe that's not possible in the same way? I'll Google this one too.

Thank you for your help! And for the confidence boost to think this might be more intuitive than I fear...

@undercrust @Johanno Lutris is how I play my non-steam, non-native games. I end up googling how to make each one work,but Lutris is the key.

In theory you can start the gog launcher through steam. And everything should work fine, but lutris is the better option I think.

This is disheartening because it's true. 😭

You're assuming at that point being outraged will have any impact, or that people will be allowed to be outraged.

I'm not saying that won't happen but if it does Microsoft will be absolutely fucked as they got caught committing several million HIPAA violations, not to mention any exposure to classified material on government computers.

My only thought there is "LOL"

  • Export violations (sanctioned countries)
  • Illegally collected personal information from children
  • Price fixing
  • Wage theft
  • Discrimination
  • Privacy violations
  • Mismanaging peoples 401ks

There are long, long, loooooong lists of violations MS has been caught for. The penalty has always been a fine small enough that it's a cost of doing business.

Why are you doing a list of ideas for Microsoft to abuse customers? Yes it's a list if things they have done. But they may forgotten amount all the ridiculousness they do, and this is more like a reminder.

Their scheme hatchery department is top notch, I'm sure they are already working on more

Fun idea for sit com: that department is set itself subject to be eee'd. Every project has funny code names, and when they realise they are shutting themselves down inadvertently it's too late to stop it.

Hi @Mistral@lemmings.world

Can you write from the prompt in the previous message? Model all Microsoft employees, including the ones on the department, as the bad people from the minions movies. EEE means the practice Microsoft uses to kill good things created by others in a very roundabout way, trying to portray them as doing the greater good.

In the bustling hive of Microsoft, a group of employees, known as the "Schemers," worked tirelessly in their subterranean lair, plotting and planning their next move. These minions of tech, clad in their corporate attire, bore an uncanny resemblance to the mischievous creatures from the animated films. Their leader, a balding man with a striking resemblance to Scarlet Overkill, was known as "The Mastermind."

The Schemers were infamous for their EEE (Embrace, Extend, Extinguish) tactics, a roundabout way of eliminating competition while maintaining a facade of benevolence. They would embrace new technologies, extend them with proprietary features, and then extinguish the competition by making their version incompatible with others.

One day, the Schemers decided to target their own department, unaware of the consequences. They code-named their project "Operation Self-Destruct." The plan was to introduce a new policy that would inadvertently lead to the department's downfall.

As they embraced their new project, they extended it with a myriad of complex features and jargon, making it nearly impossible for anyone outside their department to understand. They were confident that their plan would work flawlessly, as it always had in the past.

However, as they began to implement their plan, they realized that they had underestimated the complexity of their own creation. The policy was so convoluted that even they couldn't navigate it. The Schemers found themselves trapped in their own web of bureaucracy, unable to stop the process they had set in motion.

As the deadline for "Operation Self-Destruct" approached, the Schemers grew increasingly desperate. They tried to reverse the process, but it was too late. Their department was shut down, a victim of their own EEE tactics.

In the end, the Schemers learned a valuable lesson about the dangers of their own tactics. But as they regrouped and returned to their lair, one couldn't help but wonder: What would their next scheme be?

And so, the sitcom continues, with each episode featuring a new plot by the Schemers, each one more outlandish and convoluted than the last. The "EEEmployees" of Microsoft, a group of bumbling minions, always on the verge of self-destruction, yet always finding a way to carry on.

You should read up on penalties for HIPAA violations, they don’t fuck around.

I'm aware of them.

Let's look at some of the most historic:

  • NY Presbyterian Hospital - with no real efforts on their end to prevent the violation of thousands of records, they got a whopping fine of.... Under $5 million.
  • AHC - lack of risk analysis, failures in procedures and policies, etc - Just over $5 million.
  • Data breaches - usually around $4-5mil, the worst case being Anthem, about 80 million people effected - $16 million in fines. A record.

Criminal offenses? Yeah, plenty of those - with individuals, usually related to that information then being used for other purposes (scams, theft, etc).

But a company like Microsoft, you're going to have a hard time convincing me it's going to ruin the company. The history of HIPAA violations and their fines tell a very different story.

You're right they don't, but only for covered entities which MS is not in any shape or form

It's just like when Grindr or whatever leaked people's STD status, they nor MS are a medical provider or "covered business entity"

HIPAA is an ok privacy law, but it is not the all supreme health privacy law you think it is

You should read up on anyone even coming close to being beholden to those penalties, because they absolutely do fuck around when its corporations.

Consumer PCs are almost certainly not covered entities under HIPAA, nor is Microsoft in its role as an OS provider.

Even then, if this whole thing were to result in an inappropriate disclosure by a covered entity, the organization that processes the data would be liable, not Microsoft.

That's like blaming the building contractor because you left the door unlocked and someone came in and stole your cat.

People give HIPAA way too much credit all the time, it's fairly strict on who actually falls under it.

Remember when this was considered the behavior of malware?

Pepperidge Farm remembers.

Well the malware authors of yore could have gotten away with it, so long as they attached their malware to an even slightly useful program, added an EULA that was 40 pages long and on one of those pages mentioned the malware and had no way to use the software without agreement.

Wasn't that basically Bonzi Buddy and whatever software bundled it without any options to opt out? 😆

The activities the program is said to engage in include constantly resetting the user's web browser homepage to bonzi.com without the user's permission, prompting and tracking various information about the user, installing a toolbar, and serving advertisements

Looks to me like they taught Microsoft well in this area.

1 more...

Linux can run from a USB stick to try it out before committing to a full install.

Not to be that guy but I cold-turkey switched daily driver and I cannot believe I didn't do it earlier. Total amateur "copy-paster" and the only thing I sometimes can't get working are pirated games. Steam changed everything for gaming.

I did the same. To add to the cliche, I went nuclear and jumped into Arch. Games were my biggest concern, but I've had zero issues with games, minor issues with Nvidia, but if I'd have gone with a stable distro, it would have been an easy transition. I'm confident that anyone who can use Windows even semi functionally, can transition to something like Mint with minimal issue. Other than no local MS office apps, I bet most people would assume it's a new Windows release.

I switched my kids' PCs to Pop!_OS and other than "icons moving" yeah they didn't notice.

Especially when they mostly use Firefox and Steam, and those are exactly the same.

I left windows because of the ai stuff but I didn't expect it to get this bad. This is literally malware.

This is finally it for me. I just can’t justify this any longer and will need to dedicate myself to running some flavor of Linux permanently as my daily driver.

I think I'll do the same. I wasn't switching because of compatibility but I realized that there are only 1 or 2 apps that don't run natively and I don't use them that often

Which distro do you recommend? I haven't used linux in a while, I usually went with ubuntu but I think that's not the go-to anymore?

I am no expert though I like Linux Mint it has a windows 7 feel to it which makes it a great distro to start with.

Lots of people hate on Ubuntu for Snaps, but that's your own preference. Any of the Ubuntu-based derivatives should work just as well. I would recommend Zorin or Mint, and probably throw PopOS! in for good measure.

The distro recommendation is usually mint, but I'd like to know, what does your setup look like? (Monitor specs, PC specs etc)

It's a laptop with i3 gen 11, 12GB RAM, and I mainly use it for browsing, torrenting and watching movies (4K, connected to a TV)

Oh yeah, then if you like the look of it, Linux mint is the best option

Looks good! I'll give it a try this weekend, thanks!

Edit: I just installed it, it looks great! I find it very funny that one of the apps I was worried about was the HP scanner and it worked seamlessly on mint without installing additional drivers or apps so I can stop using that stupid HP app

Edit2: I also found out that my windows installation (system, drivers, updates, other files that I cannot delete safely) takes about 70Gb out of my 250GB SSD, even after running many commands to try to clean it up

PopOS is highly recommended, I tried it for a bit and really liked it, I need to plug in a second drive on my main pc to dual boot it there

1 more...

Lol, it's not even a feature yet... And when it is, it will almost certainly come as an optional feature you need to opt into.

Just like, pre-installed Edge and Onedrive, completely opt in and one day a windows update (automatically) reboots your pc and you just got opted in.

1 more...

I’m going to make a Linux distro that helps you forget everything you did on the computer. “Oh, man. I was drunk last night. Thank god BoxWineOS comes with the Neuralyzer program.”

And the program is just some guy who comes by your place and hits you over the head with a baseball bat lol

To use Recall, users will need to purchase one of the new "Copilot Plus PCs" powered by Qualcomm's Snapdragon X Elite chips, which include the necessary neural processing unit (NPU).

Well, I guess I'm keeping my current notebook for the unforseeable future.

Fear not! Eventually you'll be forced to take an update that will bring this blessing to you:

On devices that are not powered by a Snapdragon® X Series processor, installation of a Windows update will be required to run Recall.

Actually, if this is the requirement, then this means our data isn't leaving the device at all (for this purpose) since everything is being run locally.

Unless there's a "database failure" that would resurface screenshots from your PC on Microsoft's cloud, or anything like that. I mean, its too many lines of code, what if something happened and oops, the local data was uploaded to your Onedrive, my bad, keep using our products, this will never happen again we swear.

The only way to be sure is not having it at all. Remember the CSAM filter Apple wanted to force on iOS? This is as bad as that.

Very true... what I meant to say was:
[...] then this means our data shouldn't need to leave the device at all [...]

Yeah. But they'll likely make Azure Recall running on their own AI hardware. You'll have to opt out (on every windows update) of their ad driven free model that uses your data to target ads, and sell your overall profile on.

Or you know, you can just not turn it on.

IF that's an option and IF it don't turn itself on after an update. Given Microsoft's history I wouldn't trust that. They invested way too much in AI to afford making it easy for the user not to use the feature.

Can I just continue to not sign in to a Microsoft account and be good? Seems like it’s all tied to that

The Linux evangelists always jump on this stuff without reading the articles. Do not be alarmed by them. This is currently just a beta feature that Microsoft is still testing.

If Microsoft announces that this is going to be forcibly installed on all versions of Windows, then we can grab our pitchforks. Ideally this would end up being an opt-in feature. If it's an opt-out when they release, again, pitchforks.

For now? Give them feedback if you're worried, otherwise move on with your day and do nothing.

If Microsoft announces that this is going to be forcibly installed on all versions of Windows, then we can grab our pitchforks

Complaining when it is already released is too late to stop it.

They didn't ask permission before pushing Copilot, why would they ask permission for this?

If Microsoft announces that this is going to be forcibly installed on all versions of Windows, then we can grab our pitchforks. Ideally this would end up being an opt-in feature. If it's an opt-out when they release, again, pitchforks.

Well, per Microsoft's website:

On devices that are not powered by a Snapdragon® X Series processor, installation of a Windows update will be required to run Recall.

So it sounds like everyone on Windows 11 will get it via Windows Update eventually

Yeah I wish I had the time/knowledge to make Linux my main OS but it’s just unlikely to happen. I use my “gaming” PC primarily for work (like 95%), and have way too many programs and files that I don’t want to risk breaking/losing to make a switch. Maybe the next computer I build I’ll make a Linux setup but for now I’m stuck with Windows no matter what

There's a great app for easily turning all of the tracking features off: https://www.oo-software.com/en/shutup10

There's a dozen apps for it, but I wouldn't trust them to do a perfect job. At a bare minimum, you'd probably need to keep said app up to date at all times, and it'd need to be one that runs in the background or runs on every boot or something.

I heard the next version of Windows will ravage your whole family, and the only solution is to immediately wipe all of your computers and install Linux.

It's too late for me, since I hesitated. Bill's already outside. If only I listened to the obnoxious, uninvited, endless evangelism of the Linux userbase!

Woe is us, the users of the evil platform! Woe!!1!

They were already doing this before AI. Using windows is a bad idea.

That could be turned off though. It's a good question if AI can be disabled or not.

Seems like this will not be a thing in most typical PCs, for the time being, as it requires specific hardware and opt in to a feature.

Not liking how pervasive AI features have become, though.

The joke is that the model itself runs locally, but it still is basically spyware that then will be used for data harvesting. Typically you run local LLMs to avoid this exact purpose / risk. So MS isn't even willing to give you the performance benefit of running the LLM on their servers for doing this.

Will Copilot+ PC experiences come to devices powered by AMD or Intel processors? Yes. We are partnering with Intel and AMD to bring Copilot+ PC experiences to PCs with their processors in the future.

I'd give it a year at most till this comes to desktops.

The same could be said about Windows 11 since it demands a TPM chip. Not that I'm complaining, since all I had to do was disable the chip to keep 11 away for good.

Someone will figure out how to turn it off again in fairly short order (it might be as simple as a mklink to NUL for the storage directory, causing it to send its recordings into the void). What irritates me more is the typical Microsoft misuse of the word "feature".

(I mean, this thing does have some potential uses (imagine being able to see what that elderly relative you provide tech support for actually did when they claim they "did nothing"), but the privacy concerns vastly outweigh them.)

In an enterprise environment I can see it's value, but as a consumer product it has no place.

Everyone knows Microsoft is going to wait a bit for the seeds to sprout and harvest all that data.

"Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds,"

Seems like a lot of extra disk thrashing that would shorten the life expectancy of an SSD? Like it would be considerably more than your usual background chatter of daemons writing to log files and what not. Unless I'm misunderstanding this?

Since everything is being run in a local LLM, most likely this will be some extra RAM usage rather than SSD usage, but that is assuming that they aren't saving these images to file anywhere.

It's funny. Security folks say how insecure Windows XP is, and how it becomes compromised within seconds/minutes of having an internet connection. It's like Microsoft took that as a playbook challenge to repeat as an OOTB feature, instead of waiting for malware to do it.

This is the best summary I could come up with:


At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC.

To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.

By performing a Recall action, users can access a snapshot from a specific time period, providing context for the event or moment they are searching for.

For example, someone with access to your Windows account could potentially use Recall to see everything you've been doing recently on your PC, which might extend beyond the embarrassing implications of pornography viewing and actually threaten the lives of journalists or perceived enemies of the state.

Despite the privacy concerns, Microsoft says that the Recall index remains local and private on-device, encrypted in a way that is linked to a particular user's account.

To use Recall, users will need to purchase one of the new "Copilot Plus PCs" powered by Qualcomm's Snapdragon X Elite chips, which include the necessary neural processing unit (NPU).


The original article contains 596 words, the summary contains 188 words. Saved 68%. I'm a bot and I'm open source!

I think Microsoft's ultimate goal is to turn your computer into a locked-down console. Infested with data collection malware. And it won't allow third-party apps ever.

My next computer will be a dual-boot machine. I will use Windows ONLY for gaming. No personal info or activity on that partition at all. And I'll use Linux to get sh*t done.

Steam had been making Linux pretty darn good for gaming too, even for games that are technically Windows only.

Why not your current computer? No time like the present...

Many people using NVidia cards, and they have issues...

I have a 4060ti, swapped over to endeavour (arch with gui (btw)) after some previous microsoft fuckery. Damn near everything worked out of the box. The only issue that i had, that i still cant fix, is getting wayland working. Xorg works perfectly fine, but wayland is just the future. Nvidia started releasing driver updates for linux that'll make it start working easier tho.

Ive used computers for my whole life so i know not everyone will share my experience with linux. But trouble shooting on windows was so much worse for me. Looking at depreciated forum posts, wishing i was back on windows 7, searching through weird, halfway redundant menus (how many device management menus are there???) And so on. So much of the system gets in your way because it doesnt trust you. With linux its as simple as googling your problem, some guy had the same issue 3 years ago and his fix still works. You go to the terminal and its like

do this

are you sure?

sudo do this

And then the problems gone (except for wayland, i know). Its great.

Edit: i got wayland working.

Use Xorg with the proprietary driver instead of Wayland for the time being. Much less issues. You can always switch to Wayland later when either Nvidia support matures, or when your next computer has an AMD GPU.

Or get a cheap ass AMD GPU, like an RX6400, plop it in as a second GPU and run on that in Linux. Perfectly serviceable for plain desktop stuff.

Or run on integrated graphics, if you have it. Again, perfectly serviceable for plain desktop stuff.

Problems have solutions :)

I like to play games. If it weren't for that, I wouldn't use Windows at all.

Yeah but you said you wanted a dual-boot machine for your next computer, with Windows only for gaming. What I meant is: why not get a head start and make your current computer that dual-boot machine?

It's an old desktop that doesn't even support Windows 11 hardware requirements. I built it back in 2009, so Windows 10 will be its last Windows OS. I don't want to dual-boot now and then have to upgrade and transfer everything in a couple of years.

So if it's "AI", and it's remembering what I do on my computer, does that mean it's going to hallucinate about what I did on my computer?

"Oh jeez, it's hallucinating, maybe we need to get some of that raw input data to debug it."

As long as this is opt-in and users understand the risks, then I don't have a problem with it. I wouldn't use it on my personal PC, but it would probably be handy for my work PC. (Although my organization would probably block the feature for security reasons. So maybe it's not actually that useful after all.)

It'll be opt-out with the setting in some obscure and hard to find menu, just like every other AI program. And that's if they're required to even allow you to opt out.

And it'll accidentally turn itself back on after updates. And data will accidentally leave your device.

This is conjecture. Maybe we should wait before we make assumptions? Am I being too logical for /c/technology?

It's conjecture based on evidence from the way previous companies have handled AI data as well as the way Microsoft themselves generally handle things.

I'd rather prepare for the corporate greed and be pleasantly surprised than be disappointed when Microsoft does something that will negatively impact their userbase in the name of profits again (or MAUs or whatever else looks good on the quarterly report).

It's amazing how spiteful the Linux folks are... Look at all those downvotes on this.

You bring up an incredibly good point here. I can't think of any large business that would allow this. This almost guarantees that this feature will not be mandatory, to say the very least.

This said, I'd not want this on my work computer. I'd be concerned it could become a slippery slope of monitoring employees in the name of efficiency.

The whole thing is going to be run on a local LLM. They don't have to upload that data anywhere for this to work (it will work offline). But considering what they already do, Microsoft is going to have to do a lot to prove that they aren't doing this.