Windows Recall (was) a Security Nightmare
HTML-код
- Опубликовано: 7 июн 2024
- Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricetraining.com
WATCH MORE:
Dark Web & Cybercrime Investigations: • Tracking Cybercrime on...
Malware & Hacker Tradecraft: • Malware Analysis & Thr...
AmperageKit - Unlock Recall: github.com/thebookisclosed/Am...
ARM VM on Azure: learn.microsoft.com/en-us/win...
Total Recall: github.com/xaitax/TotalRecall
📧JOIN MY NEWSLETTER ➡ jh.live/email
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
🔥RUclips ALGORITHM ➡ Like, Comment, & Subscribe!
![ian - Fit Check (Feat. VonOff1700) [Official Music Video]](http://i.ytimg.com/vi/sDGWDBg45Dw/mqdefault.jpg)
PSA, it looks like KB5037850 was taken out of rotation in Windows Updates... so trying to recreate an Azure ARM64 VM to bring Windows 11 24H2 26100.560 up to 26100.712 likely won't come through. I'm not sure why this was removed, perhaps Microsoft not wanting folks to play with it any more 😂 twitter.com/_JohnHammond/status/1799350383506313671
NSA is watchinng you LMAO!
MOM IM ON TV
nice
i'm watching all of you (including SOG). thanks to reminding me...
I knew you would make it
@@randomdude5634I also use Arch btw.
Fireship reference...
“Thank you, thank you, thank you Microsoft.” -hackers, government, cops, FBI, CCP, Google, Apple, Facebook, kidnappers, etc.
fr tho
Forgot scammers
And you also forgot Linux users
@@chri-k Thank you
Is there a way to disable/delete all the Recall components instead of just opting-out/not enabling it?
I can't sleep well that the Recall code is present on my machine even if it not enabled.
Recall is a classic example of just because you could, doesn't mean you should.
Or "Trying to fix a problem which doesn't exists". heh
@@BillAntOr that nobody asked for...
@@GHOSTSTARSCREAM - Or going to the Moon or Mars, and wasting billion$ instead of fixing issues here on Earth first. smh
@@BillAnt The world doesn't revolve around you.
Presenting recall in another softer way, that is like presenting pdfilia in a softer way as minor person attracted, which sounds so much more acceptable than pdf file
People are applauding that Recall is off by default??? What the hell??? How about NOT INSTALLING that misfeature that nobody but the NSA wanted, thank you very much?
Should be behind an additional feature flag that results in separate download and install at minimum
"that misfeature that nobody but the NSA wanted" - Nobody but the NSA? Hardly. Every scammer and ransomware miscreant in the world surely wants that "feature" installed on every computer. More to your point, yes, there should be a way to prevent it from getting installed in the first place. Its installation should be placed behind several blatantly obvious, literal red-flag warnings about the risks it creates, and it should require a Google reCaptcha challenge/response in order to install.
Yuuuup see what i think is it should be removed entirely and they people who approved of adding it should get 2yrs of prison time 😅
Windows Recall is (still) a Security Nightmare
Use AI to extract text from an image but still can't copy a windows error popup to find what the error code is.. priorities guys come on
Haha you can now, just let recall take a photo 😂
Huh? Yes you can. You can litterally ctrl+c on a windows error pop-up to copy what's in it .. that's been a thing forever. Sorry.
Never knew this @@LiEnby
I'm literally a SOC analyst and I had no idea this was a thing, thanks! @@LiEnby
@@LiEnbybruh never knew
But dude, this tool is so useful!
When you get hacked, not only can a hacker access everything on your computer, but see everything you've done in the past!
"She Chose The Wrong T-Shirt"
...
yep you really demonstrated it John
hehe, boobs!
Need a link 😅 asking for a friend 😊
Still is. That garbage should have never made it into the OS.
It's there and it's not going anywhere. No matter what Microsoft says.
Time for another antitrust case… Microsoft has no right to put malware companies out of business by bundling it with windows 😂
LOL
"no right" it's their operating system, they can do whatever they want. Companies need to be cautious when choosing the right OS.
Crazy how microsoft added its own post exploitation screenlogging module into its OS so I don't have to write my own anymore 💀💀💀
It's following very closely the communist methods, which are 1. Introduce absolutely horrendous policies, which will create good advertising for the policy and make it known to people, 2. When people complain then roll it back a little and at first make it optional, 3. When it is now a well known policy, make it mandatory, 4. Now add the original horrendous policies, and make it mandatory policy. So, take two steps forward, one step back, twop steps forward, one step back
@@AntiAtheismIsUnstoppable Atheism is Satanism. Ognosticism isn't
The people who support this feature have the same level of brain-rot to support kernel-level anticheat.
kernel level anticheats at least do something good. this feature is straight up spyware
@@atsizbalik found one brain-rot here guys
@@atsizbalik if that where true why does kernal level anticheat effect mobile development. Like it's clearly doing more then what it should be doing if it makes android studio stop functioning.
@@atsizbalik you have been PWNED. All your data belongs to them. The attack vector was social engineering!
There's the people that support the gov putting cameras inside everyone's houses as well.
Even turned off i do not want this feature in my windows installation. I'll be switching to linux.
This feature needs to have a giant hack reported in the news before Microsoft gives a crap.
There are actually Python script specialized in extracting data from Recall called Total Recall. Imagine adding it into your very spicy "software" ;). Sooner or later, someone would implement into their data "borrowing" software.
@@nerd0Chija oh wow, I didn't know, maybe that should've been included in the video 🤔
@@HietakissaIt was mentioned
@@quinnherden sarcasm.
@@Hietakissa 👌
As a Linux user, some distros are trying to implement AI. Please for the love of god learn from Windows failure and never clone that company's decision
Why, unlike Microsoft, they don't have investors to please -.-
AI is inevitable, and potentially very useful. We just need to implement it appropriately
@@NataliePinewhat is that even mean AI is inevitable? If you mean large language models dominating society, that's not going to turn out to be true. Lol. We've been using AI in various ways for decades so yes we will continue to use it but this idea that LLMs are going to change society forever is wildly exaggerated to increase investor hype..chat gpt is wrong 52% of the time, Gemini has been a complete embarrassment, Microsoft just had to admit that their emissions are up 30% and they can't meet their 20-30 goal of being carbon neutral because of these AI servers. LLMs are going to be a huge bubble that is bursting. It's one reason why the humane pin and the rabbit pin were such an embarrassment. But they got investment because people fooled themselves into thinking anything with the words AI will make them money.
Not saying AI has no utility, like I said we've been using it for decades, but so far all the consumer facing products involving large language models have been a disaster.
Ubuntu was the first one to put ads in their distro. before windows lol.
@@NataliePine It doesn't matter if it's useful if nobody wants it
Just gonna point out password managers are now going to get compromised due to Microshaft.
Large shaft
Time for hardware wallets
So, in order to do corporate espionage all you need to do is place your man as system admin in an organisation and run a search. Like, what sort of toxic glue has Microsoft been eating on their pizza sauce?
This is already really easy for sysadmins of a company to do, since they own both the computers and network routers. This just lowered the technical competency bar from low (install off-the-shelf software) to basically 0.
Never do anything personal or private on a work computer, your sysadmins will know.
@@Darticus42 not as blatant as Recall. Now it's actually literally a keylogger for everyone to see
201* keylogger is a malware 2024 keylogger is a windows feature
Ah, the classical accidental capital "8", yeah, 2018 and before would've seen this as a malicious keylogger, now in 2024, it's a "feature", a feature of pushing more people towards bearing with Linux for most things and only VM windows 11 for that one task that can only happen on Winblows 11.
@@dedr4mCould also mean 201x
windows 10 already had a key logger.
@@ChrisWijtmanstell more
@@dedr4m "...and only VM windows 11 for that one task that can only happen on Winblows 11" - That *ONE* task? You clearly don't work with business or creative software.
If there was a government crackdown on one certain thing they could say “let us see your computer” and go through recall to see if you participated in said “problem” its so authoritarian for absolutely no reason
Windows is now assumed malicious.
Just now?
@@rany0LMFAO FR
w$ IS malicious!
You mean since Windows DOS?? 😂
windows has been malware by definition for a long time
Bill Gates be looking at everyone's homework folder soon
oh shit.
Bill gates when he realises my homework folder actually contains homework: 😮😮😮😮😮😮😮
You mean my "School" folder that has over 300 GB? :D
@@CZghost300GB, I'm a god damn PhD over here. 😂
So john hammond is now paid by microsoft too to promote their spyware, looks like the greed for money just will not stop for this man
"She Chose The Wrong T-Shirt"
She surely did
I don't want to be able to turn this feature off. I don't want this feature even shipped on the Windows install. If it's not possible to remove completely I'm jumping ship 🤓
Or, my fave. All those screenshots of what you were doing constitute gigabytes upon gigabytes of data, which, if sent up the pipe in their native form, would be an unmistakable and unsustainable traffic flow. But now we have Recall, and advertisers, Microsoft and the government can now just access Recall through a back door! Recall can do all the heavy lifting there locally, using the user's very own hardware! "Hey, Recall, does John have any music that he might not have paid for?" "Hey, Recall, does John have any photos or video that your algorithm might classify as 'prurient'?" "Hey, Recall, did John have any double-plus-ungood communication with any unpeople today?" and instead of wads of screenshots, now "Recall API, the Undisclosed Back Door" can now offer a brief, concise opinion of whether John needs to be considered for a nice knock at his door by the Feds or the local gendarmes.
They requiring auth is better than nothing but this features means that every windows install in the feature is now 1 or 2 bugs away of being a keylogger for every windows user.
And no matter how good I think MS developers are, everyone makes mistakes and with a single zero-day attack someone can potentially silently enable this and collect everything. No need to write a hidden logger.
Even though the added security is better than the previous, it's still a nightmare.
Large corporations own the government, so they are the government. This is big brother.
You even have the minutes of hate... Do you condemn...
That's only for America rn. The rest of the world is in a much safer state, for now
@@magicalnoodleseh, not much. We are sucking the US's dong for tech. It's pathetic.
How, what??????@@magicalnoodles
@@magicalnoodles It might not be everywhere, but it’s in more places than not. Open your eyes.
Literal spyware OS, should be banned from sale.
yes, as are the other big proprietary operating systems
Recalling recall sounds like the best option.
If they care about security, they would be reducing the attack surface, not broadening it 🤦🏻♂️
The fact that it's a sqllite database really hints at the fact 1. they are prepared for your recall information to be easily sent to serverside databases If it was meant to be local just why use a database and not just store it in a encrypted file. 2. They didn't really put to much effort into the actual development of recall since anyone with a few years of backend experience can probably setup sql database hook up a ocr make a function call to the windows screenshot api so the only hard part would be creating the ui. Yet they pretend it's this revolutionary technology to mask the obvious spyware.
While I think this feature should be permanently shelved, I think you might be looking too deep into that decision. sqllite is extremely performant for certain things and this seems like a good use case for it. Personally if I was gonna be evil and extract information I’d have used something different.
Sqlite is used for tons of functions of different operating systems, apps etc.
Remember everything is open source if you reverse engineer it
Oh so recall will BE there, ready to use but not enabled. Here's what's wrong with that and it should be obvious. OPT-IN should be "I install it and run it" not "it's all there waiting to be used but you don't have to use it." Imagine a "self repo feature" in your car or truck that you paid for in cash. My car or truck NEVER needs to be repossessed because it's 100% mine and always has been. I don't want that feature but it's BUILT IN and you can't tell them to REMOVE IT.
We live in a world where mistakes are common and normal. I don't need to go any deeper than that. Someone orders a self-repossession on a car or truck and get some entry data wrong and BOOM, my car or truck is no longer in my possession or under my control. Forget about all of the other "But, but, but" anti-commentary, my rights have been violated and I have been harmed because of something that never ever needed to be there in the first place. "I'm sorry your car or life has been damaged... it was just a mistake." A mistake happens when you didn't reasonably know that it could happen. If you REASONABLY KNOW it COULD happen, it's no longer simply an honest mistake -- it is placing people at RISK with intention of private benefit.
This is EXACTLY what Microsoft's recall is. This is EXACTLY what Adobe's terms of service is.
Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept.
C suite executives who don't know or care
@@Mekelainabasically
"Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept" - The people who understand that the general public doesn't care about privacy or security. Look at how many people, including many people in IT, contort themselves to defend companies like Microsoft, Apple, Google, etc. They know their personal information and data is being collected and sold, but they don't care as long as the "product" they use/consume is convenient or beneficial to them. Those of us who actually care about privacy and security are in the minority.
Give you a hint, it's a three letter agency.
هام
*IS
Malware will simply enable the recall feature so they don’t need to code an AI keylogger/screen grabber themselves.
I know that’s what I’d be doing at least if I was a malware dev.
Not malware but microsoft
And they can get the stuff from before you installed the malware too
why doesn't anyone realize this lmao
So basically a keylogger that takes snapshots
Microsoft will always "Recall" this moment.
Haven't used Windows for the past 8 years😅. Stay away from Microsoft folks, run.
theres no way. When you opened the image folder i thought "surely you cant just rename the file" and then you did just that. amazing.
M$ keeps adding BS to their OS...
Yeah it's a called a GUI
"M$ keeps adding BS to their OS..." - Remember Windows 95? Under 100 MB fully installed. Now Windows fills up a 32 GB disk once you download the required updates and have been running for a very short time. And they choose to call that "progress".
You literally picked the only four videos I watched about Recall. Hilarious. I’ll never use recall because I’m on Linux but it’s juicy drama
happened to me as well😂
@@victor5.- I was thinking for the fourth video, “it’s gonna be muta, aaaaannnnndddd it is…” lmao
Yeah, but people you associate with will. All your emails you send them, all your private messages/DMs, all your behavioral patterns for those you interact with and how.
NSA, CIA, FBI are pissed that their wish to have this developed and “sold to” the world as good, has fallen on its face, and SO OBVIOUS
thats crazy. New malware doesnt need to bring its own info stealer, we have recall for that now. Which will not be detected by Antivirus, because its from microsoft itself.
it makes me uncomfortable that windows will ship with all of the DLLs there to do extremely advanced infosec allowing a hacker to ship an extremely small payload and potentially utilize those functions to do some of these features without the encryption features and the UI
I'm still reluctant to have this available for company computers but that's just me 😅
Wonder if it companies that are pushing for these features to make sure their employees/slaves are only doing work-related stuff?
Who else could be interested in this feature, apart from blackhats?
I'm sure this is obvious to everybody here, but Recall was developed for Mid to Large corporation to track employees.
this does not belong on the modern desktop. Recall is some CEO's dream. This should only be available to large companies with intranets and no real access to the web for employees.
Recall is a corporate security team's single worst nightmare made real. An OS integrated piece of malware that stores every single sensitive secret in a single location for random hackers and bribed employees to quickly scrape and ruin the entire business in record time.
NO sane individual wants this.
This was NOT a C Suite customer request. Yes, absolutely for business customers but this was made on request of a weasel of a middle manager.
I heard Recall was made to fix Windows Search from being slow. I'm hoping it's not the official reason because there are numerous searching tools that do better than Windows without being a privacy /nightmare/. They're using Screenshots + OCR on the fly to determine text...Surely, it's possible to read from the call that displays the window name anyway and use that (assuming they didn't want to swap their system).
Ideally, Windows would take "Everything"s approach to being a search tool: Index file names and meta-data only into a local db file. That way searches would be literally comparing text-to-text and would be near instantaneous with our current computing speed. If "Everything" can achieve what is arguably the best file searching tool for Windows several years ago, there is no excuse to fail this hard now.
I would like to see changes to virtual desktop clients so they refuse to start if recall is turned on. Potentially logging company owned data on a non-corporate owned device is just a leak waiting to happen. If you want to work from home, you have to disable recall first.
Let's cut through the B.S.
Post covid, many people are now working from home. Employers want tools to monitor their staff remotely. That's who this is for. It's not so Microsoft can spy on you, it's so your boss can, and that keeps your company firmly on the Windows ecosystem. This feature will be enabled by your organization and will not be something you can opt-out of or disable without admin credentials.
But the end users would flip their shit if Microsoft said that, so they're trying to dress it up as a productivity feature for the user. They want you to think it will make your life easier so you accept it.
Querying a SQL database across a network is trivial, and unlike most collected telemetry data, there won't be specific IP addresses and domains you can just block to prevent it being sent. It's going to be locked down to your specific organization.
So what you need to do now is write a script that injects data into Recall to make it look like you're working, lol. The arms race is on, Lazy bastards unite! We can spoof this data.
i wonder, who in this entire world with 8 billion people thought this feature is good?
microsoft
So much this, I don't see a possible use for recall. If I looked up something online and can't remember where it was I can already look at the browser history, similarly pretty much all software keeps track of recently accessed files. There is literally no need for screenshots lol.
Five Eyes lol
"i wonder, who in this entire world with 8 billion people thought this feature is good?" - Malware creators, governments, advertisers, data brokers... If you meant that exclusively in terms of users, then I can still imagine some people wanting this. People are so stupid now, with 0.3-second attention spans and zero interest in privacy or security, so they have no problem with big brother watching everything they do. Just look at how many people are perfectly happy to let Google and Apple control all of their data. And for businesses, look at how many of them are happy to entrust total control of their companies to "the cloud".
The Most sophisticated spyware I've ever seen.
I mean automated SQL database to record every single event, with searchable and copyable text in a high quality screenshots.
Spywares don’t need to do too much work anymore, everything is ready and organized.
I was thinking the exact same thing
I remember, years ago fantasizing about being able to capture screen shots and keylogs with time stamps. Never knew Microsoft was already on it 😀
Thanks for that John. Interesting to know 😊
"She Chose The Wrong T-Shirt" thanks John!
Windows Recall is absolutely still a security nightmare and it still affects you even if you don't use Windows. Be careful what you share and who you share it with now.
I would have loved this as a productivity tool if it only managed screenshots I manually took.
I remember when I went back to school online to study Medical Administration and I was required to study a tremendous number of problematic medical conditions, which no one could have easily discerned from a search history between personal searches and those for school. Then meeting people online with various issues I had to familiarize myself with repeated the entire experience where the subsequent search results became weighted and distorted, accordingly.
I have not even watched the full video but im glad there is a shoutout to Fireship! Thanks for that John!
Assuming that this will restart itself after any updates like everything else MS does, I would first turn on Recall and then turn it off immediately, just to create the files it uses. Then I keep those files as my standard and every five minutes I would run a scheduled task that replaces that appdata directory with my template files. That way recall won't fail, just has useless data all the time. Maybe deleting files every five minutes would work, but that might make recall blow up in an unexpected way. There are all sorts of triggers and comparisons I could put in the scheduled tasks to see if Recall got turned back on and force that to be turned off by Registry or whatever.
if you go through all this hassle just to protect your privacy in a system that clearly has no respect for that and has other methods of collecting and selling your data, you might as well just switch over to some friendly Linux distro like PopOS. I made the switch and boy is the turf greener
@@psygreg Already on Linux Mint, but there are two programs that don't have equivalents and will be run in a Windows VM instance. That's what I would be protecting with this.
you just demonstrated the whole point at the very beginning, where the screenshot shows "she chose the wrong T-shirt"
someone needs to compare time machine to this, it definitely doesn't take screenshots, but would be interesting to compare
Just when am done with an insight, another one 🙌❤💯🙏.
Great video! Thank you. I'll have to check out more on recall.
As far as I can recall, you didn't make a video about this.
Could this be why Bitlocker is being pushed for Win11?
I switched to linux just a few days ago.
congratulations on becoming a non NPC
I'm doing the same
@@owlmostdead9492 I feel free. *Removes clothes and dances in the rain.*
Breathe the free air again, my friend.
Any version of Recall is a security issue. Such a feature will always be exploited by bad actors.
And the worst of the bad actors being Microsoft/government. High powered fascism.
Yay, Mutahar collaboration with John will be fun
I have a thesis about the origin of recall :)
One day, the developers were sitting in a meeting and talking about how to better monitor the user. One of them said: We could take a screenshot every 5 seconds and send it to our servers! Bill heard that and said: Uhh, that's good, but if it gets out, we're screwed.
They scrapped the plan and just implemented it for the users. :)
That could be how recall came about. :D
Thanks for the video!
It's a perfect feature for employers to look how their employees perform :| ... in one word = concerning
see if you can use a veracrypt container to move that folder to it and making a junction. on boot i guess you'd have to delay the recall startup until the container is mounted. doable?
Microsoft already opened a Pandora box. Even if Recall is dropped altogether, hackers now know it's possible to write this kind of application, and there will be copycats. Maybe part of a rootkit.
For the record, you *can* package that python script into an .exe relatively easily so it can run without the interpreter installed.
Let's be fair and boil it down to this: Recall is literally malware (trojan/spyware), except it's made by Microsoft, so they get to call it "a feature".
Then again, with the amount of telemetry Windows has, the OS itself is probably spyware and comes with a rootkit. Ohwait, I'm sorry, I meant "features".
Ram Eating haCker Assistant LoL
I was just wondering how Microsoft came to the conclusion that users wanted this tool?
This brings back memories of the security disasters that were "active desktop" and "Every Windows 2000 server gets IIS installed and enabled by default"
I have that too, it's called Print Screen.
This is like pegasus, but you’re actually aware it’s on your pc
If there was a need for this, if people wanted a feature like this, people/ companies would have already made software for it. IMO
I don’t believe the whole “it’s an opt-in feature”. “You can choose who sees what”.
To me it looks like baby steps to more and more access and control over your computer.
Man you are the best security research explainer on RUclips💚💚
I recall windows being a nightmare a long time ago, still happily using linux
I will by honest my concern is and always will be where this intersects corporate security because you see it all the time, all it takes is a single sloppy employee and boom the users pay the price and I am a bit sick of paying, in too many cases a monthly subscription, to be on the losing end of that fight between two parties I have zero control over.
The problem is that their way of implementing Recall is 'security last'. Security for the sake of not getting grilled too much on Twitter and RUclips. It's just pathetic, a good time to consider switching to another OS for serious tasks.
This is a great example of why you should never introduce an attack vector unless it's really worth it and you make sure it's very, very secure.
i cant imagine why i would want this as a user.
Whatever form this "feature" has, and whatever security measures it has, as long as it is seeing what you're looking at, it will always be a security/privacy nightmare.
You can always add encryption, etc, but at some point, the user has to decrypt the data to be able to see it, and the computer has no way of knowing who is sitting in front of the screen, or even have administrator access.
Also, Microsoft, having control over it, makes it even worse. They are storing it on the device for now, but I am sure they would love to have access to that data, and they could easily give themself access to it.
This is the saddest thing I have ever seen, society goes on believing not every single privacy BASIC human RIGHT hasn't been violated. I remember using Windows Paint (the one with the 3d option) and drawing pyramids, and as soon as I saved my paint file and named it "pyramids", I hop on my phone and getting a video recommendation about pyramids. (It was a song) Surely it must be a coincidence.
Recall just only became available to the average user, but the concept has been there for I would say years. It's almost like they ALWAYS had some sort of TeamViewer style Share Screen for EVERY machine that operates their OS :). And why wouldn't they? They all ready collect all your data through whatever means. Why would they stop there?
"I don't recall searching for music and found this video..." 2:24
Definitely a red flag the supreme court needs to get involved in this because if Recall steals debit/credit card information and social security Microsoft is facing massive class action lawsuits.
someone needs to make a meme of an A.I. bot surfing john's hair wave, cause that is a good looking swell right there
So. Everything else aside, let's assume that those coordinates are clicks or even window layouts on a screen over time. Super useful information for malware hackers. Pop UNC, move to that person's common coordinates based on analysis. Bang job done.
THEY EVEN DID NOT TRY TO OBFUSCATE IMAGES WTFFFF? ARE THEY PROGRAMMERS WORK FOR 200K IN YEAR?????
So this is simply in a folder that you share with Microsoft via One-drive... ?!
It's not on OneDrive ... YET!
Crazy thing is that LG TVs do a similar thing but instead of it being a feature that can benefit the user, they send screenshots of whatever is displayed to the cloud and do marketing analysis. So if you use an LG TV for sensitive things make sure it's opted out or even better, completely offline. How is that even legal? It's on by default. I can imagine that being the next step for Microsoft, they must be drooling over the idea.
What kind of resource utilization is seen by this? I'm asking because if you hash or generally encrypt the data that is captured and put into the database with something that takes a long time to parse unless you have a secret key or something it could greatly diminish the value the data has to threat actors. I'm happy with what has happened so far but, being a bit naive still from a security standpoint, I'm curious if there is anything more that could be done. I was actually considering switching to linux or back to windows 10, even though I run x86, just because I saw how serious a privacy and security risk it was as soon as I heard about it and feared it'd be released on my platform whether I liked it or not. The main reason I haven't switched is because most of the things I use my computer for have either only been developed for windows or simply run better or have a less convoluted setup on windows (admittedly most of this is games with KL-AC or similar such as destiny 2).
How much does this compliment video cost?
How many times Microsoft turned on metadata collection by OS updates even if they were turned off? Innumerable
Utterly insane. I can't believe someone thought it was a good idea.
I stand by that I work with too many elderly tech illiterate people who get scammed daily to think this is a remotely good idea. Even if they require a password to access recall, these people will just type it in for them!!!!
The only thing they got right was the name “Recall” because that’s what they will need to do, once lawyers get involved.
Not a fan of the feature but definitely good to mention that it's pre-release software. Hopefully they make it easier to disable during installation and improve the general security overall.
What was Microsoft thinking! John, thanks as always for flagging this and showcasing from both sides of the coin / fench.