Recall remains a phenomenally bad idea. I don’t understand why anyone would green light it.
It sounds like a great idea if you don’t think too long about it and none else has it yet. People like that don’t care about security or privacy concerns, as long as there is no law against it. Gotta earn money and the competition is fierce.
And with “people” I mean executives just as much as engineers. Gotta earn money fast > being ethically aware of the implications of your work
I guess. I mean I immediately thought “I don’t want it capturing the porn I look at”, but maybe people really don’t think about privacy at all.
I don’t really see how it makes money, since it’s bundled into windows (right?).
It makes money the same way anything like this makes money: selling your data. Maybe it improves ad revenue by giving more relevant ads, or maybe they’ll just outright sell your info.
That said, porn is the least of your worries here, I’m thinking it might scrape sensitive info like social security numbers, bank logins, etc, and an attacker then scrapes Recall to get all of it and now you’re screwed.
Doesn’t surprise me one iota. This is why I will be abandoning Windows next year and moving to Linux and doing the same for my parents.
Why wait? Hell, you can test out a live distro in a virtual machine to start learning about it right now before taking the big leap. Unless you’re already familiar with Linux anyways. 🐧
Indeed I am. I already have a dual-boot setup on my laptop (not yet on my desktop) but need to finish testing Linux alternatives and/or running under WINE for some of my Windows-only software. I’ve been slowly chipping away at that over the past few months and expect to continue to do so over the next few as well, after which I hope to be ready to completely switch over.
I’ve been trying to buy a new computer for years. I finally put the remaining pieces on my Christmas list lol.
Good news, Linux works well on old computers, and in many cases, you can just move the boot drive to the new hardware and you’re good.
Same boat! I’ve switched over two of my lesser used devices to Mint already (an old surface tablet and my work laptop), only hesitation is with my gaming machine. Everything has been set up just how I like it so I’m not eager to start from scratch there but once I’m confident and comfortable on my work laptop I’ll make the switch there too
While dual booting into Pop, I can see my Windows SSD and all of its contents. It might make testing a little easier for you!
Running games from the NTFS partition won’t work very well/at all, you’ll want to redownload those to a Linux filesystem.
well of course it does. There is no way for it to know what it is capturing. Best it can do is capture it, and maybe discard it if it manages to detect any sensitive info. Which won’t work every time
Technically, it could be coded to recognize the various formats of strings and blur everything indiscriminately.
- OCR is never perfect.
- A partial credit card number or partial SSN wouldn’t match the format, but is still sensitive.
- Perfection is impossible. Demanding it is silly. Loopholes are unavoidable in everything.
- Context can be trained.
that would require knowing the formats of strings. And it requires the text to be text.
What if you had a photo of a handwritten piece of sensitive information?
I doubt that OCR (optical character recognition) is done on device so it likely being sent to some server for processing.
As a software engineer, in any of our corporate applications when a user hits delete we toggle an archived flag, but the data is still there. So I wouldn’t trust any application to do what it actually says.
There are so many technical barriers for recall to ever be able to not snipe your private data that I wouldn’t go anywhere near the thing.
Edit: Furthermore, what happens when MS inevitably gets hacked again and someone steals all the data it has and then starts using that to commit fraud.
I don’t understand your meaning. Screenshots of a photo are still screenshots and manipulating text on a photo is already a thing (you can use phone camera to translate text directly from a fixed surface).
The only way it could possibly censor sensitive information is if it captured it in the first place and then determined that it was in a sensitive category and then censored it. Recall still has to capture it first to make that determination.
I don’t understand why this isn’t everyone’s immediate thought after hearing Microsoft say their system would censor sensitive information. How could it possibly know what to censor without reading it first? Of course it’s going to invade your privacy, and then maybe they’ll selectively delete some of it when you ask them to.
I wouldn’t be surprised if it all gets uploaded to cloud storage first, and then the “sensitive” stuff gets deleted from the local storage only.
Im always astounded at how tech companies swing between ‘for your convenience’ and ‘for your security/ privacy’, and how often users just take them at their word, then wonder why the noose on the neck of their personal choices and freedoms keep getting tighter and tighter.