metatronJan 10, 2025
Stefano Marinelli

UPDATE: I haven't seen Recall in action there. I was just asking the doctor how they'll deal with it.

This morning, I went to the doctor for a scheduled appointment. While she was looking at the results of blood tests from two years ago on the screen (and suggested repeating them for a follow-up), I realized she was using Windows 11. A detail came to mind. The doctor is extremely polite and friendly, so I asked her, "How do you handle the feature called Recall?" The doctor was taken aback and had no idea what I was talking about. I was about to drop the conversation, but she, being a serious professional, immediately called the technicians who manage their PCs to ask for clarification. They downplayed it, saying it's not an issue and that it's a feature "on all PCs, so we can't do anything about it." She started to express that she didn’t like it and wanted it deactivated. No luck: they won’t proceed because, according to them, even deactivating it is "a hack that could compromise future updates." She’s furious and will talk to her colleagues and the decision-makers. She wants secure systems because "there’s patient data involved."

In reality, patient data is stored on servers (which I haven't investigated), but everything that appears on the screen is, in my opinion, at risk.

I’ve offered to help them find a solution—because, if I'm right, all they need is LibreOffice and a browser. In that case, I’ll suggest one of the *BSD or Linux systems and do it for free.

I don’t want to make money off my doctor. I just want patient data to be (sufficiently) secure.

#IT #Recall #Windows #OwnYourData #Security #Privacy #RunBSD #Linux

Jan 10, 2025 at 10:48amWeb
Show threadRadio AzureusJan 10, 2025

@stefano

This is one of the nightmare scenarios. Medical data collected through this pesky OS written by greedy closed source companies. Recall should be illegal if your country of origin is in the EU. Medicals pro's should sue microsoft, since turning it off is (almost) impossible

#Recall #IT #Win64 #OwnYourData #Security #Privacy #RunBSD #Linux

Show threadMarcos DioneJan 10, 2025
@stefano how do you recognize Win11? I haven't even seen screenshots, and last windows I honestly touched was ME, with some glances at Win... 7? from my ex.
Show threadChloé RaccoonJan 10, 2025
@mdione @stefano @VulpineAmethyst normally (by default) the start menu is on the left of the active icons on the task bar in windows 11, not in the corner like everything except for early windows 8 machines
Show threadHenriJan 10, 2025
@stefano Recall is still a preview feature in the Insider build and it requires compatible hardware. Also, it is disabled on enterprise installs.
Show threadSharp LeavesJan 10, 2025
@stefano Good on you for raising this. Maybe talk to your relevant Medical Association and tell them about the risks this represents to their duty of confidentiality ‐ an upstream solution is more likely to get doctors to migrate to safer software, and a medical association has enough lawyers to know how serious this is. (Or be a real pest and start emailing insurance companies "did you realise the legal risks involved when surgeries use Windows 11?")
Show threadPaul Wilde    Jan 10, 2025
@stefano Really Interesting. I'd hope Recall might assist in migrating people away from desktop Windows, I really hope so. Like you, not for "ew Windows" reasons, but for "people's data needs to be protected" reasons.
Good samaritan reasons.
I am in the middle of a "Big IT Company downplaying risk of data privacy as the person who reported it (me) must be a hacker" debate at moment. If you want my badly written post-mortem it's here: https://paulwilde.uk/ponderings/robots-aint-hacking/
(Shameless Plug)
Accused of Hacking | Paul's Site of Stuff

Show threadMotaJan 10, 2025

@stefano

DISM /ONLINE /DISABLE-FEATURE /FEATURENAME:RECALL

Show threadMyza Nil RedJan 10, 2025

@stefano It would be hilarious to see Microsoft completely lose their market share of the medical industry because of their insistence on a feature that no one asked for.

Please, it would be *so* funny.

Show threaddodothedev🦤💻Jan 10, 2025

@stefano @nixCraft

I work for an ambulance service and asked our higher up managers about this. I was initially fobbed off with "that won't be an issue because Microsoft won't enable it." When I pushed and said what if, I was told it wouldn't happen, because Microsoft has withdrawn it. When I pushed one last time and suggested a Linux or other OSS alternative would resolve the issue, the head of IT security said "the NHS doesn't like Open Source because it could be hiding malicious code" 🤦🏻‍♂️

Show threadBashStKidJan 10, 2025
@DodoTheDev @stefano @nixCraft Yep, multiple facepalm emojis.
Show threadJames BasooJan 10, 2025
@stefano On a somewhat related note of how modern tech is compromising medical care, I had an appointment recently where after I asked a question the nurse googled for clarification and advised me based on the AI summary. I couldn't help but point out the hallucination problem but it really highlighted to me that the general person really has no idea what the tech they use every day is doing.
Show threadAubrey JonesJan 10, 2025

@stefano

Worked in software for 20 years, open source for most of it, but for the last 10 years of my career I did medical software.

If you're in the us... There is *no way* "LibreOffice and a browser" fulfills regulations around electronic medical records, unless you're saying their EMR system is web based and they just need a client.

Show threadhakayovaJan 10, 2025
@stefano Switching to Windows 11 was an institutional mistake in this example in my opinion. Microsoft does not have the legal authority to have access to patient data let alone storing it. I suspect that they will have to have Enterprise versions of Windows 11 stripped from Recall to avoid law suits, if they haven't already had them.
Show threadXavier Ashe Jan 10, 2025
@stefano IT orgs can (and do) turn off copilot and recall via Group Policy. Now, in Office 365, it's a bit harder, but doable.
Show threadbovazJan 10, 2025
@stefano the little I read about Recall, it shouldn't be active by default on every device with win11, but only on specific ones. I may be wrong about this.
Show threadAmber Jan 10, 2025
@bovaz @stefano If I remember correctly, it requires an ai "coprocessor" (NPU). https://www.microsoft.com/en-us/windows/copilot-plus-pcs which microsoft markets as "Copilot+" computers. Usually I'd downplay this (because most of the clients I work with purchase through dell, lenovo and so on never Microsoft) but considering the context... yeah I could see doctors wanting a surface or similar device. It also seems that they expanded it from Microsoft computers to other vendors https://www.dell.com/en-us/lp/copilotpc.
Shop Copilot+ PCs: Windows AI PCs and Laptop Devices | Microsoft Windows

Shop Copilot+ PCs, the fastest, most intelligent Windows PCs ever. Explore Windows AI tools and features built into the latest PCs, desktops, and laptop devices.

Windows
Show threadmirabilosJan 10, 2025

@stefano I was thinking similarly, but over here they need all kinds of integration with rhe analysis devices (proprietary of course) and the invoicing systems of the health provider (again proprietary), so no chance 😾🤬

At least most of the devices run on WiXP and the doctors on Win7 AFAICT (I don’t know the post-2000 MS world too well).

Show threadGiacomo TesioJan 10, 2025
@[email protected]

I'm afraid you'll learn they need a patient management system that only run on windows.

However the response if the technicians sound moot...how can it be impossible to disable?

@[email protected]
Show threadGiacomo TesioJan 10, 2025
@[email protected]

here the first result from ddg: https://pureinfotech.com/disable-recall-windows-11/

@[email protected] @[email protected] @[email protected]
How to disable Recall (AI timeline) on Windows 11 - Pureinfotech

To disable Recall on Windows 11 (24H2), open Settings > Privacy & security > Recall & snapshots and turn off the "Save snapshots" option.

Pureinfotech • Windows 10 & Windows 11 help for humans
Show threadrastinzaJan 10, 2025
@stefano patients data is stored on servers? Where do you live, in Mars 2679?
I regularly see excel files with all patients information being sent around by email.
Show threadPeter KovářJan 10, 2025
@stefano https://www.imdb.com/title/tt0100802/
Total Recall (1990) ⭐ 7.5 | Action, Adventure, Sci-Fi

1h 53m | R

IMDb
Show threadDan Neuman 🇨🇦Jan 10, 2025
@stefano My spouse has patient data on her managed computer and it is a real hassle. I don't know why Microsoft hasn't already been sued for HIPAA violations.
Show threadGrant Me StrengthJan 10, 2025
@stefano Weird scare tactics. This feature hasn’t even shipped. When it does, it’s off by default and can be disabled across any org for those who don’t want it. Why are you spreading lies?
Show threadKandyJan 10, 2025
@stefano kudos to you ! 👍
Show threadChrisJan 11, 2025
@stefano Recall is not released yet. Only Windows Insider with a Dev Build can test it at the moment. Recall is completely offline and needs a special NPU chip to work. And on top of that, you can deactivate Recall in the settings. I tested it. So this doctor does not have Recall on the PC and nothing is collecting any data.
Show threadtoadjauneJan 11, 2025

@stefano I'm confused, afaict, even on a non-managed install, it can still be deactivated in system settings by the local user.

Is this not the case ?

Show threadPaul ChernoffJan 12, 2025
@stefano It seems easy to uninstall and turn off https://www.windowscentral.com/software-apps/windows-11/how-to-disable-windows-recall
How to disable or uninstall Windows Recall

Want to turn off or remove Windows 11's built-in Recall feature? Here's how.

Windows Central