I disagree, the fact is that is not today. It isn't tomorrow, it isn't this week, or even next week.
This is a feature that is still in preview.
I fully agree that the feature is poorly conceived and we need a response. But "radio silent" is severe over-exaggeration for a feature that the general population does not have access too.
If we don't get a response by mid next week, even a simple "we are delaying the release and will have more information soon", than I would agree.
But this is not an actively exploited thing running on un-expecting users.
I still wouldn't use the term radio silent, but the expectation of a response has to be tied to the urgency of the problem.
Given this is pre-release, the urgency of the problem is basically non-existent at this point in time, except for the media that really wants to capitalize on this news. As we get closer to release, sure it becomes more urgent.
We've made an open source alternative OpenRecall to address some of the concerns https://github.com/openrecall/openrecall We want to make it fully auditable, privacy focused and aim to have a better security model. Everything runs and is stored locally and only analyzed using open source models.
Nice, I might check this out since it works on Linux and is coded in Python.
Honestly, if Microsoft came out tomorrow and just said "Look, here's the source code to Recall, we will not diverge it from this codebase in any way, and you should be able to create builds that match what's on your machine" that would be fine.
Microsoft, STOP FORCING GARBAGE MARKETING AND NEW FEATURES ON USERS. You have a high quality product you're trashing up. I've sworn off Windows since Windows 10/11. I am a daily Linux user thanks to all the nonsense. The only time you see me on Windows is my employer pays for it, but given a choice, I'd just ask for a Mac or Linux device instead. I'm done. When you make an OS that's just that, an OS. Come talk to me. I would gladly pay money out of my own pocket for "Windows Core OS" and its just stripped down, and NEVER forces to advertise Office, or OneDrive, or Cortana or any of the things we never asked for.
Been a Linux user on and off, but mainly used Windows for gaming. Linux has gotten good enough, especially Ubuntu and POP OS, its just a breeze to use.
What if the real purpose was not simply the function of Microsoft's Recall to run AI on snapshots and create functionality for the end-users, but to train AI on how to perform the most common functions of the average employee? Point being that it is not likely they developed this as a feature to entice end-users at all, and the other purposes are more sinister and invasive, unless one can stop the ex filtration of data usage back to Microsoft.
I feel I'm one step closer to being buried with a shiny hat, but I agree.
Training on commodity things at scale, surveillance, there are just too many useful bits of data for the government to not use the same procurement channel as usual: private businesses
One can freely spy on us, the other "can't". They can exchange money and information, though. So it's a distinction without a difference.
> I would gladly pay money out of my own pocket for "Windows Core OS" and its just stripped down, and NEVER forces to advertise Office, or OneDrive, or Cortana or any of the things we never asked for.
i'm only going from win10 LTSC to either a similar version of 11, or debian
for me it was the purposely depressing news articles just showing up all over the start menu :(
I make software, I don't want my OS restarting without my telling it to do, or tricking me into restarting for updates I don't need immediately. I'm stuck on Linux until Microsoft makes a version of their OS for power users.
Win 11 lstc so far isn't bad, but I saw there is a tab for ai components, which means Microsoft is still probably going to hawk copilot and recall even for lstc.
Recall has local storage too, and lack of auditing or open source models are not the primary complaints. It’s the existence of this data store at all. If you can find a way to let the user see it without letting Infostealer (or the user’s boss, or the user’s abusive spouse) see it, you’re getting somewhere.
Recall is kind of the same expectation violation as when Snapchat users figured out you could take screenshots.
Not sure how this addresses some of the real concerns behind Recall, an example being if my password manager is open and showing data I don't want saved anywhere else.
On macOS (I assume a similar feature is on Windows) I believe an app/window can specify that it has secrets or is "private". I think is this what rewind.ai uses to skip capture, or maybe it's that the screen capture API's in macOS already filter out those private windows.
That had better be something that I have to opt-in on.
If it's not, I'm done with Windows after 10's mainline support gives up the ghost in 2025. I only use it for ham radio stuff at this point, and Mac/Linux gaming is now officially Good Enough™.
Windows Recall feels like having £100million worth of gold in your roofspace and telling everybody about it.
Sooner or later, somebody is going to figure out how to steal it.
Also, it just struck me, it used to be normal to install anti-virus on Windows, because it didn't have it's own one. Anti-virus would find software like this (spyware) and block it from running.
Then, Microsoft introduced their own, built in, anti-virus, and it was really good, so we basically stopped installing our own.
Now they have added literal spyware right into their OS, that their anti-virus will be totally cool with.
I've always liked and defended MS, but I dunno anymore...
I mean, when you get down to it, if you do not trust the maker of your OS, you’re kind of already in a really bad spot. If you don’t trust Microsoft/Windows, you need to not be using it. I’m not sure this feature changes any real facts about this, only the optics
Windows is an amalgam of interests and capabilities within Microsoft. I trust different parts different ways because different motivations drive them. I think it's reasonable to assume this is well-intentioned but not trust that they've given enough thought to the threat models surrounding it. It's also reasonable to assume the AV team will add an exception to it with all the best intentions.
No malice or evil is needed, just good but misguided intentions.
The revelations of the security problems with recall finally made me go all Linux. Whatever problems you can think of with Linux it pales in comparison with having CCTV in your OS.
Would it be secure? The machine still needs some API key to utilize it so that user can get the most of it. That key must be in machine in order that database could be accessed. Whoever exploits that machine, is still able to get the same data as the user of that machine.
It will be possible, but enabled by default. And given how a lot of other features in Windows 10 and 11 have magically re-enabled themselves after updates it's likely the same will happen with this.
Microsoft's plan is to make it opt-out, so you should be able to disable it. And you can avoid it entirely by not using an NPU-equipped machine.
Opt-out is a terrible idea for this sort of thing -- something as intrusive and dangerous as this should absolutely be opt-in -- but at least they're planning on giving that much.
I'm not one to defend Microsoft or Windows but I'm not really surprised they couldn't get the necessary info gathered (gathering engineering details, security inspection, possibly discussing changes to internal plans or engineering details, figuring out which parts they're ready to be public about, translated across departments to the PR team who then has to translate the details into a PR statement, more cross-checking to make sure nothing inaccurate is said, etc) before the articles were published.
I wouldn't really call it "radio silence," that's just the speed something like this moves at. And it's not regarding a feature already live or anything so... it's fine if they take their time?
Sure feels like a symptom of them not thinking through the trivially obvious and enormous security problems they created. Competent people would have thought through things like eg wow, it would be super, super bad if someone exfiltrated this before announcing features.
2 days is “radio silent” is a bit much. They may just need time.
If this was live and running on a bunch of systems, sure. But let’s not jump to additional clickbait for no reason.
Criticize the feature. Call out its problems. Keep reporting on that. But let’s be realistic about communication.