Am I the only one who doesn't think that recall is a bad thing? Of course Microsoft's implementation is a buggy privacy nightmare, but the core idea of being able to see what happened a week/month ago and process it using LLMs looks really useful. I'm looking forward to something like this, but local, FOSS and for Linux.
The whole concept is so fundamentally flawed that no amount of tweaking or improvement can save it. Of course the implementation is terrible, but even if the implementation was perfect it would be awful. Even if it ran locally-only, even if the implementation were pure free software, even if the LLM used was guaranteed to operate in your best interest.
Even then, we're still talking about a perfect surveillance engine that allows any future person to observe your behaviour across your past. Imagine what it would mean for the police to retroactively search your entire life for the past 30 days when they arrest someone. Or how this might affect people living with abusive partners, or LGBTQ+ kids in non-supportive households.
This technology, no matter the implementation, puts vulnerable people at risk.
I promise you there are better ways to manipulate people in this situation. Like a keylogger. That way, your hypothetical LGBTQ child can't evade your monitoring by using an incogneto tab or simply pausing recall when they login.
steal their browser data. i haven't wiped my browser history in years, and that is just easy to search list of URLs dont need to be parsed out of some db blob (not something many anti-LGBTQ parents know how to / are going to do...). Steal their cookies and access their logged in social media accounts directly. Steal their saved passwords. Browse through the cached images and videos.
> Even then, we're still talking about a perfect surveillance engine
not even close. not going to beat this to a pulp but just to give you an idea, this does not scale well, not at all. are you going to look through 25 gb of photos? what if it's 90% cat pictures.
This is correct technically, but not correct in practice. Yes, keyloggers and stuff are comprehensive. But this ignores accessibility and ease of use aspect. Keylogger is a software which you need to know about, then acquire it without being infected yourself (e.g. know trusted warez sites etc.), and have to install on the victim PC in advance (so no retroactive spying is possible). I wouldn't know where to get keylogger (stealthy one) without some research, despite working in IT for decades. And likely you would rist get sued for that if ti was ever exposed, so a large part of the population not yet sociopathic will balk at installing illegal keylogger.
Now contrast that with a 100% legal and already preinstalled keylogger 2.0, which is not only logging keypresses but everything. And it is on every home and work PC in the world. Of course the number of people tempted to use it to spy on the strangers will be about a 1000 times bigger than amount of people installing keyloggers today. And it will not only replace premediated planned spying, similar to the keylogger. But it will also allow spontaneous spying on every random PC you can see. Like walking past unattended unlocked PC and voila - you can check all history without going back in time to install keylogger in advance.
The scale of the problem is the real problem. That's the point.
There's monitoring software marketed towards parents, which I think for most parents would meet your concerns (ease of use, risk of malware, legality).
If the parent has access to the computer, then they'll generally already have all documents, browser/application history, and chat logs.
> Now contrast that with a 100% legal and already preinstalled keylogger 2.0, which is not only logging keypresses
Windows Recall doesn't log keypresses, to my understanding.
> Like walking past unattended unlocked PC and voila - you can check all history without going back in time to install keylogger in advance.
I feel extracting browser passwords and all their documents would typically be more damaging.
Why would that be worse when you have screenshots of everything they saw, typed, uploaded and broadcast? Passwords give you an account - this gives you everything done with the account. And all documents that were viewed, plus where they came from. This is way beyond passwords.
> Passwords give you an account - this gives you everything done with the account.
Passwords give you control - not just view-only access. You could transfer over much of what they own (money, servers, games, projects, ...) to yourself, use their identity for phishing their friends/colleagues, etc.
Even just for viewing data, I think having all files and passwords can be a greater level of invasion:
* You don't just have screenshots of some files they happened to open recently on this device (which for some formats, like audio, is useless) - you have every file they have saved on this device, every file they have in online/cloud storage, and every file on work network shares they have access to
* You don't just have a screenshot of them typing a subset of recent emails and chat messages - you have their full emails and chatlogs going back years, and can likely make a data access request to get a significantly larger portion of "everything done with the account" than recent snapshots would give you
* You don't just have their location the couple of times recent snapshots show Google Maps open - you have full location history from their phone
If you are worried about somebody reading what you do on your computer, you should to use full disk encryption (I consider it a requirement these days). There are a lot of things besides recall that can be compromised if somebody gets physical access to your machine.
Everyone has different threat models, vulnerable people don't need to use such a feature, assuming that it's all local and implemented perfectly.
It should also be opt out by default for Microsoft.
I personally see a lot of use for this if it was running entirely local. I always find myself in a position where there's things which I've browsed or come across but it's difficult retrieving it from my history.
>vulnerable people don't need to use such a feature
Vulnerable people often do not have a choice in the matter. Pre-installed, widely-advertised features are significantly more dangerous because somebody who is controlling isn't necessarily thinking of new ways to monitor, but they'll sure take advantage of any they know about.
It's the same problem as Apple's AirTags: GPS trackers existed long before them (and are harder to detect), but you can get a 4-pack of AirTags at the store and they're super easy to use.
You are the only one. It's mass surveillance and it's used to train their neural networks to be able to automate people out of their jobs.
No matter what 'guarantees' they offer, they're just an update and group policy setting away from removing them. Maybe they'll offer 'Recall Enterprise' for company owners, and normalize employers spying on their users while selling them the sales pitch of automating away their employees.
If it was a genuine value add, it would be a boxed product, possibly made by a third party, that people would pay money for.
Is it? I thought the screenshots were stored and analyzed locally. This seems like something that can be verified with Wireshark.
If you mean they could sneaikily update Windows in the future to start sending screenshots to their server - I feel they could do that regardless of whether or not this local search tool exists, and it'd still get caught almost immediately. If anything, it'd seem counter-intuitive to draw lots of attention/scrutiny through marketing this feature.
Boxer the horse also wasn't sent to the glue factory the first day Napoleon got in charge.
First, they store it locally - then they merge it to your Microsoft account so you can have the Copilot experience anywhere you go, but they are deeply concerned about your privacy.
Then they start processing it, and voila - they have the AI to replace you.
I'm sure they have plans to undertake these steps, each one innocuous enough to not warrant reaction, but they'll nickel and dime you down, and they'll do it too. If they overreach and there's pushback they'll split the steps into two. Hide it, schmooze the regulators etc.
The plan is in motion the only question is the timetable. I bet those GPU farms will be churning using those screenshots come a year or so.
not the parent, but I'm curious what you place the odds at. It's a 50/50 coin toss from where I'm standing, and your bet should include you losing if those screenshots are sent one-shot "by mistake" or because of some random minor update. Given the Microsoft related shit-show that happened last month, it's a weird approach to risk if the odds of it happening were even less than 50%, as it would be a low probability but high impact event for those who cared.
I'm curious if you yourself would view the event as a big deal if your data had been sent or if you would simply take the "life is short, who gives a shit?" scenic route.
If you read the article, you would see that the earliest release date for standard Windows versions is planned for early 2025, so you're even kinda baiting the parent from a position of cowardice -- a good faith opening bet would suggest Feb 2026 for the date at the least:)
> not the parent, but I'm curious what you place the odds at. It's a 50/50 coin toss from where I'm standing, and your bet should include you losing if those screenshots are sent one-shot "by mistake" or because of some random minor update. Given the Microsoft related shit-show that happened last month
Depends a lot on the criteria that torginus and I agree on (if we do). I believe the given scenario itself, Microsoft issuing an update that breaks their guarantee by exfiltrating your snapshots for training their LLMs/etc., is very unlikely. But torginus may argue it's something Microsoft are likely to do in secret and successfully lie about such that lack of admission/evidence is not sufficient to determine it hasn't happened, so the criteria may need to be something weaker about Microsoft having made changes that make it in theory possible for them to be secretly training LLMs on the snapshots (e.g: setting them to store unencrypted in OneDrive).
> I'm curious if you yourself would view the event as a big deal if your data had been sent or if you would simply take the "life is short, who gives a shit?" scenic route.
I think training generative AI on private data would be a huge violation and a big deal. There's the chance of exact regurgitation (bank account details, passwords, API keys), but even without that it's pretty much inherently teaching the model things it should not know and would now be able to talk about.
> If you read the article, you would see that the earliest release date for standard Windows versions is planned for early 2025, so you're even kinda baiting the parent from a position of cowardice -- a good faith opening bet would suggest Feb 2026 for the date at the least:)
Not entirely sure what you mean - the date I proposed (2026-08-23) is a full two years from now. Even from the launch of Windows Recall on non-Copilot+ PCs, if that's what we're measuring from, it should give more than "a year or so".
>Not entirely sure what you mean - the date I proposed (2026-08-23) is a full two years from now.
My bad, I could have sworn I read 2025-08-23.
>I think training generative AI on private data would be a huge violation and a big deal.
Just to be clear, I think a local LLM user input leak is by itself a big enough deal before getting into using it as training data for a public MS LLM. The former is getting hit by a car, the latter is getting hit by a train depending on how bad a "mixer" the public LLM being trained is.
I would take a $100 bet that has me winning if there is a data leak or shown to accessible by a third party or a case where it has been used as training data by 2026-08-23 provided it's released by Jan 2025.
I think I'm probably more interested in the concerns of novel/systematic abuse around this feature (like a decision to send these snapshots to OpenAI for training), less so in the scenario where there's no change from Microsoft (so files are still stored encrypted locally on-disk) but in some one-off event (malware, 0-day exploits, choosing to sync to Google Drive) a user's files are exposed in the same way their browser's password DB could have been.
> Maybe they'll offer 'Recall Enterprise' for company owners, and normalize employers spying on their users while selling them the sales pitch of automating away their employees.
That would be fine, as long as the employees are told ahead of time and is part of their employment contract (which i assume would be, because software such as crowdstrike already would be just as nominally intrusive).
As for non-enterprise windows users, this should be at best an opt-in feature. Otherwise, it would be a huge breach of privacy.
i get the impression you aren't much aware of the existing ways employers monitor activity of their workforce at scale for both windows and mac users without needing to browse through GBs of screenshots on a regular basis.
It won't be any different. My guess is they'll pull some stunt like Mozilla is with the Anonym with the PII removed to send data over to further turn Windows and Office 365 in to more of an ad platform.
I could be ignorant. I could be paranoid. I could be wrong. I want to be wrong.
But I don't think I am. And you aren't either. That's what's scary.
i think you are wrong. they are trying to convince the average consumer that they need this new laptop with special hardware because they have exclusive magical features (read: OCR) like windows recall. theyre making it intentionally exclusive and locally computed specifically to brag about new capabilities.
And when this feature exists on all machines, and Microsoft has access to the codebase, you don't think other portions of the company will pitch a "+X revenue if we just used it for Y" re-use of the existing data?
Most of Google and Apple's recent user-hostile decisions can be traced directly back to too much potential revenue to refuse (ad tracking data, app store lock-in). Microsoft isn't immune to those same strategic marketing pressures.
Some data is too tempting to use for evil, that the only sane approach is to ensure there's no centralized manner to access it at scale.
i mean... no one is going to convince you of anything if youre speaking of some hypothetical future possibility. But at least acknowledge theyve improved on security. Defender is included with windows, theyve been steady shipping significant and effective protections like device guard and smartscreen. and maybe you hate edge, but it unquestionably better than IE. i can't defend the heavy marketing and ads in windows 11 other than to say power users can disable that shit entirely. If that isn't good enough, then i think youre right and probably won't ever be one of their customers. thankfully there are other choices though :)
Recall, even if run locally, is a security and privacy nightmare. Imagine all of your activities and data stored on one database. It was discussed many times by security experts.
the same argument applies to browser history, password managers and lots like them. Yes, they make it easier for an attacker to scoop up info (a central place with lots of juicy info), but they also make your life so much better overall.
Most people use them, some heavy privacy/security oriented people don't. Even many of those of us who are conscious about the security/privacy issues, use them because we find their use outweighs the risk.
I can't answer what will happen with a recall type feature, but one has to weigh the value vs risk.
Personally, I'm not sure of the significant value (then again, in being really analytical, I'm now unsure of the significant value of the browser history). How often is one going to dig into recall recorded state.
This same logic applies to browser history, how often does on really look at it? It provides 2 forms of value, 1) showing what you already clicked (i.e. a constant low level value) and 2) being able to find URLs you know you saw, but can't seem to find at the moment (a higher value, but much rarer, similar to recall value). Are these valuable enough?
I'm wondering out loud if the first value (of showing links you already visited) could be solved in a more privacy friendly manner of a 1 way hash of url with salt. Store the hashed URLs instead of a the URL string itself. Even if an attacker vacuums up your "history database", all they get is a bunch of hashes. Even if they get the salt, they would have to hash their entire dictionary of URLs against the salt. (A counter argument is that the set of URLs in the dictionary they would want to hash against to blackmail you, might not be "so big" and hence tractable, so this doesn't gain you much).
I have found this logic fallacy many times. "There is not need to fight for privacy, because that ship has already sailed", "There is no need to fight against recall because big tech already harvest data about you."
Does that mean we should not care about our data, and expose every bit and piece to the system? Should we max out data exposure, or still fight against it?
I prefer to think of it this way: if somebody broke my LUKS-encrypted HDD, probably I'd probably have much bigger problems than my browser history (and the risk of that is too small to consider it seriously).
I view it more as an online attack than an offline attack (so LUKS arguably wouldn't come into play here).
ex: they exploit the browser to get to your userspace, which while they can access / modify your files, they can't elevate it to root to make the exploit more persistent. Therefore, they just vacuum up what they can at that moment (not even analyzing it, that's for later, this is just the collection phase) and move onto someone else.
But yes, I agree with you, if one's more concerned about the possibility of offline attacks, there are other ways to mitigate it / you have bigger problems if those mitigations fail.
So basically you don't keep data an erase every single document you create/receive. You keep your imap email box totally empty as well as the mails locally fetched on your mta. You have an always empty instant messaging app except for the messages pending view. You burn the contracts you signed immediately, you don't keep any photo either on your computer, phone, fridge or an album in a bookshelf. You don't use a password manager because every account created is destroyed immediately after use. You create a new hackernews account for every single message you post.
Are all of those things you said, and do, readily available in one easy to siphon up database? Easily searchable and reportable to nation state entities? Can I or LEOs read your Hacker News posts and comments, and easily determine exactly who you are and that your previously open tabs where porn and anarchy related websites?
No. RECALL is a damn privacy and security nightmare. Don't act like it's saving the world, it's intent is to close the walls in around you.
> Can I or LEOs read your Hacker News posts and comments, and easily determine exactly who you are and that your previously open tabs where porn and anarchy related websites?
Not directly but in combination to other information it could.
The fact is, these kind of recording tools are not meant to publish your information to everyone.
> Don't act like it's saving the world,
I am not acting like that. I have no plan to use RECALL (I don't even use a single windows computer) nor any similar software.
However I find it funny that in any news about RECALL you see so many "privacy nightmare, will someone think of the children" comments while similar open source or proprietary projects for MacOs and Linux, or browser extensions predating RECALL were unanimously praised for their usefulness.
As any tool, you have to balance the risk of a leak in case your systems (or those that host your data) are compromised but it isn't in any way different than any other data you have online or locally on your computer.
You have as much if not much more to lose if your primary email account is compromised and you kept received email in the mailbox.
> To help maintain your privacy, Recall processes your content locally on the Copilot+ PC and securely stores it on your device.
its an attempt by microsoft to flex about their new "AI PC" which just means it comes with this npu that is optimized for the processing workloads associated with various ai usecases. an attempt to profit on the AI hype by pitching their users reason to buy a new computer.
To be fair to Microsoft, running that AI stuff on a standard GPU sucks down power like crazy. Laptops without NPUs would lose a stupid amount if battery life if they enabled AI features like these.
Nobody is using the AI components on these devices yet, but I've heard plenty of stories from developers with MacBooks about how nice it is to have NPU acceleration for whatever models they're running. I've got Jetbrains' offline AI code suggestions enabled and I imagine widespread availability of NPUs would save a lot of random CPU usage spikes for that kind of workload.
General consumers probably don't get much out of AI (the models if any value are too big to run on these small client machines) but I can't say I'd hate a world where NPUs are cheap and abundant.
current laptop here is late 2023 mb pro with m3 max, and some things i really like about it, but i miss the x64 arc. 2 days ago I needed to run a kali linux vm and i plugged in an external ssd where i keep a bunch of my VMs. Theyre useless now though since they aren't aarm64 , theyre x64. I have a lot of stuff related to vagrant and packer that cant even be migrated the products themselves dont support or even just shit the bed on execution. Mixed bag.
Well, in a way that is what happens in ChromeOS, and plenty of people swear by their Chromebooks, and having each click going through webservers all over the place, starting with Google's.
The old memex https://en.wikipedia.org/wiki/Memex concept is a different thing and most important a thing is owning the system, another is having a limited usage license with a black box de facto at the vendor mercy.
Personally I have no memex alike, but I use versioned org-mode notes for anything, meaning my NixOS boot into EXWM with the daily note opened and that note is partially auto-generated to summarize things I might want to see in a single place, NixOS config itself as Emacs config are org-mode notes as well, so it's a kind of full-text-searcheable base with history as well. I've not automated things like Firefox places.sqlite and other data source simply because it's too long to being worth the effort and way to specific and might change "suddenly" following upstream decisions, but essentially that's enough for my needs and I've chosen daily notes model for a reason: I still generate too much "noise" to keep an useful and clean note-base. Chronological division allow to keep the noise "might be useful in future" without polluting too much, collecting screnshots like Recall it's definitively way too much for personal usage, while might be a nice mine of behavioral data for deep analysis on someone else CPU and storage...
would you enable it when interviewing candidates for your team. so when you go to complete your assessment you can go back to something they said or some code they wrote?
No, we do interview assessments later in the day, or first thing the day after, plus we don't do live coding during interviews.
Recall is just screenshots too; no audio. If we thought we needed to go back and scrutinize what someone said, we'd record the interview, but we don't.
The issue is control, i.e., who controls whether it is installed or not and whether it is on or off.
As we saw in the recent US v Google decision experts are teaching courts and the public that pre-installation and "default settings" are in effect a means of control.
In theory, any software or "feature" is a "good idea" as long as no one is forced or tricked into installing or using it. In practice, so-called "tech" companies strategically pre-install and remove or obfuscate consumer choice.
> but the core idea of being able to see what happened a week/month ago and process it using LLMs looks really useful
By definition, it's not only you who can recall what happened a month ago, it's also the cops, burglars, your partners, your children... everyone with access to your machine now has access to everything you did.
It was designed for corporate management to prove the WFH employees are goofing off. It’s the only way the lack of security passed any kind of giggle test at MS. Corporate accounts are the only MS customers that matters.
I assume the screenshots are converted into a textual description quite quickly, so presumably the only disk usage would be screenshots in the buffer waiting to be processed.
I got downvoted and patronized pretty hard in a thread a while back for pushing back (as much as I dont ever want to defend microsoft). https://news.ycombinator.com/item?id=40595344
I think it got shipped a bit hastily, but also dont think hackers will find it more attractive than dropping keyloggers, banking trojans, or ransomware. And screenshots can be photoshopped, so I don't know, I really doubt anyone will care to flip through 25 gb of screenshots.
Also, I'd be interested in a feature like this enabled while interviewing candidates as well as interviewing with potential employers, or while taking courses online, probably a lot of stuff ive not yet thought about too.
I really want to try out before dismissing the concept. If implemented correctly that could be fantastic. But I can also see how employers could abuse it by forcing the feature on employees devices.
Employers can already track every activity on an employees device if they wanted to.
If anything, I think employers are more likely to opt out of Recall because of security fears and cost of hardware rather than replace existing device management tools with this
i really don't see this being used in the enterprise environment. first off, employees without a need for an NPU probably wont be given one. its like who right now is giving out hardware to employees with sick graphics cards? i don't think anyone. There are much easier ways to spy on your workforce already, like deep traffic inspection.
