We're ready for Microsoft Recall and the automatic screenshots it takes of everything on your desktop.

Signal Desktop on Windows now includes support for a new "Screen security" feature designed to block screenshots of your Signal chats.

https://signal.org/blog/signal-doesnt-recall/

By Default, Signal Doesn't Recall

Signal Desktop now includes support for a new “Screen security” setting that is designed to help prevent your own computer from capturing screenshots of your Signal chats on Windows. This setting is automatically enabled by default in Signal Desktop on Windows 11. If you’re wondering why we’re on...

Signal Messenger

@signalapp I was quite annoyed when I heard about Recall.

You guys delivered! Thank you!

@signalapp just read it.

The fact that you use a feature made to protect content corp data (DRM) as a way to protect individuals is :chefkiss:

It also highlights where the priorities of those corps are, and it is really distasteful.

@dolanor @signalapp The real solution isn't a one program fix, the real solution is to ditch Windows...

@Rastal @signalapp That is totally true.
I've been doing that for more than 20 years.

I can still applaud when companies/individuals resist whatever crap is thrown at them for shitty reasons.

@dolanor @Rastal @signalapp Yep, both of these things can be true. Some folks have to use WindBlows for whatever reasons.

Frankly, I think the Signal screen should show up as "FUCK YOU MICROSOFT" in Recall... or similar... or maybe Johnny Cash or Carrie Fisher in signature poses 🖕 ... As an option, of course.

@Rastal @dolanor @signalapp easier said than done for corp IT fleets that are heavily invested in Windows — I agree with you but switching several thousand endpoints to a different operating system is just not cost effective. Signal understands that.

@bh @Rastal @dolanor @signalapp
being sued out of existence for leaks caused by an insecure platform isn't cost-effective either.

@dimpase @Rastal @dolanor @signalapp I’m not understanding your reply. Are you suggesting organizations that heavily use Windows could possibly be sued due to Windows Recall?

@bh @Rastal @dolanor @signalapp
organisations and businesses often have to deal with classified materials, trade secrets, privacy-related issues, etc.

Forget Recall, even using the autosave feature of recent releases of Word saves stuff to OneDrive.

@dimpase @Rastal @dolanor @signalapp agreed, which is why suggesting to ‘ditch Windows’ is not very feasible for those orgs due to the lack of auditable mobile device management systems that comply with regulatory requirements.

As far as I know, Microsoft Intune is the only MDM that runs well enough on Linux that doesn’t give a sysadmin headaches, but that’s not really moving off the platform that runs Windows.

@dimpase @Rastal @dolanor @signalapp you can change the default location of where Office saves files with group policy — no way to do that with Linux so I understand how Linux doesn’t operate the same way, but my point still stands. Changing operating systems is a nightmare.

https://support.microsoft.com/en-us/topic/what-administrators-need-to-know-about-the-new-save-experience-in-office-c1f1a8a7-967b-45b3-a9df-910fbf93311f

What Administrators need to know about the new Save experience in Office - Microsoft Support

@dimpase @Rastal @dolanor @signalapp btw I used to work at NUIT so I know first hand what it’s like to force tenured faculty to do anything they don’t want to do… 😉

@bh @Rastal @dolanor @signalapp
This is BS. M$ tools are simply not fit for academia, or any place that has to interoperate with the larger non-M$ world out there. E.g. they actively prevent us from conducting an intelligent discussion via email.

E.g. Outlook is simply not capable of properly formatting in-text reply emails, and similarly email clients out there are not capable of dealing with the mess M$ creates in their HTML emails (thanks, M$, for giving birth to this pile of crap).

At one of my university employers they lost years of my Exchange-managed emails, cause even backups are not something this software renting business is capable of providing. I did have personal backups of most of them, though.

@dimpase @Rastal @dolanor @signalapp yes this is BS (that is me, my initials) and I couldn’t agree more with your sentiment to M$. I’ve hated administrating anything Microsoft owns and that is why our corporate fleet is all macOS (I work in parking now)

Also, my condolences to you and the difficult experiences you had with university IT. Lack of backups is simply unacceptable and glad you do your own. M$ Exchange is just garbage.

@bh @Rastal @dolanor @signalapp
No way?
It's trivial to set a global default location for autosave files of, say, vi, on Unix, it's in a text file in /etc, you know. M$ got to stop bragging about them being oh so sophisticated wrt to user management.

PS. group policy, shmoop policy. Universities bought into M$ cause the suits were assured they can lay off IT people, and let their functions be performed by totally IT-illiterate secretaries. Over in Oxford they never managed to configure my Teams so that I can initiate calls. The M$ system tools are overdesigned, and too complex for anyone with IQ below 120 to do anything non-trivial.

@dimpase @Rastal @dolanor @signalapp agree with your point. M$ Exchange was the only way to have securely reliable email services on premise for academia. But when the cloud ☁️ appeared, then magically the cost of support and licensing for on-prem got really expensive. The shift to “hybrid” began and IT teams were forced to learn and support new technologies and M$ didn’t keep up with quality software

@dimpase @Rastal @dolanor @signalapp but now M$ is deliberately using AI to help Israel commit genocide, so we can see where their ethics are. Fuck them https://www.theverge.com/tech/672312/microsoft-block-palestine-gaza-email

Microsoft blocks emails that contain ‘Palestine’ after employee protests

Microsoft employees are reporting that emails that mention Palestine are being blocked. Microsoft has confirmed it has made some changes to its email systems.

The Verge

@bh @Rastal @dolanor @signalapp
Before Exchange got born, people were running email servers on premises just fine, I don't see what you mean by "the only way". That is M$ propaganda.
@dimpase @Rastal @dolanor @signalapp who was managing the security of those on-prem servers?
@bh @Rastal @dolanor @signalapp
hmm, do you honestly think that this is such an impossible task, manage security of on-prem servers? I am running my own email servers for over 25 years, and I don't think I ever had a security breach.
What's so complicated about it, that only M$ on their crapOS can achieve?

@dimpase @Rastal @dolanor @signalapp it's easy to self-manage and self-host for a handful of users but IT teams need to account for scalability. In theory it seems easy, but when you’re tasked with patching ~200 servers one by one, and it takes away time from your life — you really want a centralized service that can help with those efforts and with maintaining reliability and security.

What would indicate a breach of email service?

@bh @dimpase @Rastal @signalapp I don't see how patching 200 Windows on premise servers is easier than 200 Linux on premise servers.
I would argue the total inverse.

I'm also very sure that Gmail doesn't run on Windows Server.

And when Hotmail, which was run on BSD, if I'm not mistaken, got bought by Microsoft and they forced the switch to Exchange servers, the migration really went bad for a while.

So I don't think I agree with your point.

@signalapp Just use Signal on #Linux and you will not have headache caused by Microsoft.
@NewDay14 @signalapp But if your communication partner uses Windows, how is your end-to-end encryption, because everything is recorded there and made accessible to third parties in the M$ cloud?
@Dj4n90 @NewDay14 @signalapp Just cut off all your friends who don’t use Linux, duh.
@MisterMoo @NewDay14 @signalapp _MY_ friends uses arch, btw! 😎
@Dj4n90 @signalapp The e2e encryption is OS independent. If you are writing to someone who is not using the same OS as you, you should not be bothered. I have not found any information that Signal stores the messages using Microsoft's cloud.
@NewDay14 @signalapp Do you really trust that nobody but yourself has/will have access to your recall folder?
@Dj4n90 @signalapp No, but Signal will not give Recall access to your screen or I did not really understand the new feature above.
@NewDay14 @signalapp I agree with you. But that's not a realistic possibility for many, many people for a variety of reasons.
@killyourfm @NewDay14 @signalapp Honestly the true privacy option would be dropping Windows support because it's a security risk for all other users at this point. I doubt this workaround will keep anything protected long-term.
@signalapp of course the proper thing would be for Microsoft to like not take screenshots of your screen in the first place because that’s creepy

@signalapp I'm glad there is a solution to this frustrating problem.

I can't help but wonder if the setting could be made stronger, like disappearing messages. Now, if I don't want my messages captured by Recall, I have to hope that others in the chat don't disable this setting on their end.

@r0k @signalapp
That's the security hole in all encryption applications: you can't control what recipients do. But that's not an encryption problem, it's an opsec problem.
@r0k @signalapp An option to reject talking to any other Signal client with Screen Security disabled would seem a logical next step.
@signalapp As is well known, the new Microsoft service "Recall" is supposed to take screenshots of everything that happens on the screen, and so also of the desktops of messengers such as #WhatsApp, #Telegram and co.
#Signal has responded to this and now wants to add a new "Screen security" feature to its system that blocks screenshots of Signal chats and thus does not send the communication to Redmond in the USA.
Two takeaways for me:
- Microsoft should disappear from my computer for good as soon as possible; unfortunately, I still use a few proprietary programs that absolutely require MS Windows in order to work, so I cannot be completely "clean" yet
- I will give up WhatsApp, Telegram and co. for the few cases in which I still use them today; mainly there is now only Signal and, within the Nextcloud user group, Talk. Matrix would be nice too, but it does not (yet) fully meet my requirements.
@cbr Out of interest and playful curiosity: which programs still require Windows for you?
@signalapp I love Signal, however no iOS backups, which is not good as I might have to transfer devices in case mine breaks and is unable to boot back up.
@ke7zum @signalapp well good things they are in active development *right now*
@signalapp the only good use case for DRM
@signalapp someday you'll be able to make a post like this on Mastodon without a load of "just use Linux" reply-guy dickheads showing up. but not today 🙄

@COMPU73E

To put it that way: Blocklist goes brrr.
Those "just use Linux" guys are the biggest group on my blocklist.

@signalapp

@signalapp that’s big news. Great work to the team executing on this!
@signalapp This will be excellent for our online meetups in the future!
@signalapp While I'm 100% behind anything that tells Microsoft's data devouring new "feature" to piss off. I have to wonder, does this only work against Recall? I can think of personal reasons someone might want to screen cap a chat.
@xoagray @signalapp The setting prevents anything from taking screenshots. You'll need to disable it in the app's Privacy settings if you want to take a screenshot. If you want to stay protected, then you need to enable it again afterwards.
@signalapp now share with the rest of the class how ya did it XD
@signalapp jUsT uSE LiNuX. Oh shut up. Most desktop Loonix distributions are very insecure.

@ilias @signalapp you could also create a filter to hide the word 'linux' instead of posting a brain-dead comment crying about it (while also showing off how little you know about the topic).

Just a suggestion

@signalapp I need this Recall "Screen security" for the entire desktop.
@signalapp Let me guess, blocking Recall will also block my screen capture capability. If I was nefarious that's how I'd design it.