Kevin BeaumontMay 21, 2024

For those who aren’t aware, Microsoft have decided to bake essentially an infostealer into base Windows OS and enable by default.

From the Microsoft FAQ: “Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."

Info is stored locally - but rather than something like Redline stealing your local browser password vault, now they can just steal the last 3 months of everything you’ve typed and viewed in one database.

Show threadKevin BeaumontMay 21, 2024

I've written up my thoughts on the Copilot Recall feature in Microsoft Copilot+ PCs

I think it will enable fraud and endanger users, and is not the sign of a company who are committed to security first.

https://doublepulsar.com/how-the-new-microsoft-recall-feature-fundamentally-undermines-windows-security-aa072829f218

How the new Microsoft Recall feature fundamentally undermines Windows security

Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by…

DoublePulsar
Show threadKevin BeaumontMay 22, 2024
The UK’s ICO have opened an investigation into Copilot+ Recall. https://www.bbc.co.uk/news/articles/cpwwqp6nx14o
Microsoft Copilot+ Recall feature 'privacy nightmare'

The ICO wants to know the safeguards around Recall, which can take screengrabs of your screen every few seconds.

BBC News
Show threadKevin BeaumontMay 22, 2024

Copilot+ Recall has been enabled by default globally in Microsoft Intune managed users, for businesses.

You need to enable DisableAIDataAnalysis to switch it off. https://learn.microsoft.com/en-us/windows/client-management/manage-recall

Manage Recall for Windows clients

Learn how to manage Recall for commercial environments and about Recall features.

Show threadNick Taylor

@GossiTheDog Its one saving grace seems to be that it requires specific hardware, so as long as I never, ever buy a Copilot+ computer I'm safe? Or have I misread that?

(hardware anti-marketing by badly thought-out features. Only in tech.)

May 22, 2024 at 12:29pmWeb
Show threadMarjorieRMay 22, 2024
@tienelle @GossiTheDog what you do know is that if your workplace suddenly decided that you all require new Copilot+ computers then they want it so they can spy on you and what you are doing: remembering that on a corporate network all your passwords belong to them.
Show threadRandom Damage 🌻May 23, 2024
@marjolica @tienelle @GossiTheDog software to do that has been around for ages, and doesn't require special hardware