Microsoft is relaunching its AI-powered Recall feature, which records everything you do on your PC by constantly taking screenshots.
  • In December, an investigation by Tom’s Hardware found that Recall frequently captured sensitive information in its screenshots, including credit card numbers and Social Security numbers — even though its “filter sensitive information” setting was supposed to prevent that from happening.
  • Treczoks@lemmy.worldEnglish
    5·
    24 days ago

    Not mine. There are a lot of reasons not to use Windows, and this is just one of them.

  • simop_jo@lemm.eeEnglish
    11·
    24 days ago

    WHAAAT? I would NEVER expect that from a company so good that cares about me and my data. They even tell me that in the perfect operating system! Windows! I just love bloat and ads and ai everywhere on my 150$ piece of software!!!

  • yarr@feddit.nlEnglish
    20·
    26 days ago

    That AI is going to be copying a lot of “I put on my robe and wizard hat”

  • Hastur@lemmy.caEnglish
    1020·
    26 days ago

    everywhere is copying your private messages. Google, facebook, microsoft, reddit, your phone texts, anything you’ve ever posted anywhere. This isn’t news

  • Septimaeus@infosec.pubEnglish
    79·
    26 days ago

    Just a tip: if you must use consumer editions of Windows regularly, consider adding an automatic provisioning tool like AME to your workflow.

    The example above uses customizable “playbooks” to provision a system the way docker compose would a container image, so it can fill the role of a VM snapshot or PXE in non-virtualized local-only scenarios.

    The most popular playbooks strip out AI components and services (there are many more than just Recall) but also disable all telemetry and cloud-based features, replace MS bloatware with preferred OSS, curtail a truckload of annoying Windows behaviors, setup more sensible group policies than the defaults, and so forth.

    I have a few custom playbooks for recurring use cases so that, when one presents, I can spin up an instance quickly without the usual hassle and risk.

    • BearGun@ttrpg.networkEnglish
      16·
      26 days ago

      consider adding an automatic provisioning tool like AME to your workflow.

      The example above uses customizable “playbooks” to provision a system the way docker compose would a container image, so it can fill the role of a VM snapshot or PXE in non-virtualized local-only scenarios.

      I know what most of these words mean individually

      • spooky2092@lemmy.blahaj.zoneEnglish
        5·
        26 days ago

        Basically, a playbook is a set of instructions or baselines for how you want the system to look/be setup, and the provisioning tool will engage in however many tasks are required to configure the system to your specifications. I played around with something similar with PowerShell DSC, and its pretty cool to be able to eliminate config drift when it checks against the config and remediates any changes that weren’t updated in the playbook.

        • demonsword@lemmy.worldEnglish
          2·
          25 days ago

          Basically, a playbook is a set of instructions or baselines for how you want the system to look/be setup, and the provisioning tool will engage in however many tasks are required to configure the system to your specifications.

          so… ansible?

    • Jay@lemmy.worldEnglish
      5·
      26 days ago

      This is really interesting! I’ve usually installed Winaero Tweaker back when I still used Windows, if I knew this existed I probably would’ve gone with this instead. Having access to “playbooks” would be quite handy.

    • boatswain@infosec.pubEnglish
      11·
      26 days ago

      This looks like useful stuff; thanks for sharing. I’m not on Windows myself any more, but this looks like info with passing on to those in my life who are.

    • reksas@sopuli.xyzEnglish
      13·
      26 days ago

      to vast majority of people this is unthinkable. They will also likely just not even notice news like this because they dont pay attention to such things and likely dont even care about their personal info until something bad happens to them because of that.

      • Fluffy Kitty Cat@slrpnk.netEnglish
        5·
        26 days ago

        Stealing this info and posting it publicly is an important way to fight back. Once prole hear their credit card is being defrauded because of recall it will be untenable for it to stay

    • moonburster@lemmy.worldEnglish
      3·
      25 days ago

      I get that it is annoying for you since you obviously don’t have a pc that will run it, yet.

      But a lot of problems in tech started because it was just there and didn’t do that much yet. Lots of governments are still catching up to the big tech to stop them from having too much power, because they slept on it.

      I dislike the recall stuff too, I don’t have a pc that will be able to run it and probably won’t have one for the coming 10 years, unless there is a huge leap in performance. But I do appreciate all the people here making their voices heard and actually bending MS their knee as well.

      So please filter it and get out of the way of the nice people, thank you

    • FreedomAdvocate@lemmy.net.auEnglish
      212·
      26 days ago

      Not to mention it’s optional, entirely on device, and secure.

      Let’s be honest, most of Lemmy users complaining about it are on Linux or a Chromebook anyway. They can’t use it even if they wanted to.

      • Psythik@lemm.eeEnglish
        28·
        26 days ago

        *sigh* you’re not wrong but the constant posts are annoying.

      • Psythik@lemm.eeEnglish
        318·
        26 days ago

        And how many people have the latest CPU? Most Lemmy users don’t even have an HDR monitor—tech that’s been mainstream for over a decade at this point—let alone the latest and greatest processor.

  • floofloof@lemmy.caEnglish
    77·
    26 days ago

    Well at least there are all kinds of checks and balances to prevent big tech and the US Government from abusing this information, right? Thank goodness we have no reason to worry about it being used for political surveillance and identifying who to send to foreign concentration camps, or anything like that.

  • rottingleaf@lemmy.worldEnglish
    4·
    26 days ago

    Makes sense why they want this technology so much, one thing has really been achieved - in year 2005 you couldn’t make a program that would be a keylogger and a useful thing all in one, so you had to make a keylogger somehow detect those rare events one can risk it running, or something like that. You couldn’t instruct it in English “send me his private messages on sites like Facebook”, you had to be specific and solve problems. Now you can. And these “AI”'s are usually one program with generic purpose. To stuff everything together with kinda useful things.

  • NihilisticWanderer@lemy.lolEnglish
    24·
    26 days ago

    We already know this. It’s not just Microsoft; Google, Meta, and other big tech companies are also involved in similar practices.

    • Ledericas@lemm.eeEnglish
      2·
      26 days ago

      google has on various phones, a app that records your phone, but you can delete it. google also uses vcaptcha V3 which they lent the technology to REDDIT as well.

        • Moose@moose.bestEnglish
          12·
          26 days ago

          I mean, but we pretty much do know? The difference between Linux and Windows / MacOS is Linux is open source and can be checked and audited by anyone. If an exploit exists, it will be visible publicly and just needs to be spotted by those knowledgeable enough. Windows and MacOS are more than likely audited too but by private companies under NDA, so then it’s left up to Microsoft or Apple to decide what exploits are fixed.

          • Retro_unlimited@lemmy.worldEnglish
            2·
            26 days ago

            I agree completely that open source can be audited by anyone, but I did read something tried to be sneaked into an update, and you never really know, software is complicated and maybe some roundabout way to have an exploit using code that looks like it’s intent was something different.

            • Moose@moose.bestEnglish
              4·
              26 days ago

              Ah yes, I think that was when a FOSS maintainer had to step down and handed it off to someone else if I remember right? See this XKCD for relevance. It’s pretty ridiculous how much we (and companies with billion dollar revenues) rely on the free work of others for such important systems. But yes, an important distinction to make is that certain Linux distributions may use code by others that is not open source and malicious without them realizing.