Sort of but AI PCs are going to be more expensive than normal PCs so most users won't and will continue to not have a PC that does this. Pushing it out to existing machines would be a very different tier of problem.
Currently an Inspiron 7440 (non-Copilot+) starts at $849 and an Inspiron 7441 (with Copilot+) starts at $1,099. That's a $250 premium to get an "AI PC".
The part where you are pointing out a dev kit and about how well it runs Linux is really just admitting you don't understand the conversation we are having here.
Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year. Very, very few people will magically end up with Windows Recall who didn't intend to.
i.e. PC hardware for AI inference will not be limited to Windows.
> Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year.
Both Intel and AMD announced upcoming chips with NPUs. Mediatek and Nvidia will likely join the Arm AI PC competition in 2025. Apple's 2024 OS updates are focused on AI features, both on-device and cloud partnership with OpenAI. Intel's Computex tagline a few weeks ago was literally "AI Everywhere".
In a few years, silicon for on-device AI inference will likely be pervasive in retail PCs, including Costco, HP and Dell Optiplex. It has been shipping in Apple Silicon Macbooks and iPads since 2020, mostly unused by software until now.
I wonder if MS will then just make it a online processing version, so it just ships all your data "for free!!!!" to MS servers and then processed remotely for you!
I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already? These all sounds like ways that this "local" AI PC will share data with the MS cloud in one form or another. With Apple doing similar things already on iPhones (I know there are differences, but its still analyzing your data etc), I wonder if Linux might actually become a more mainstream OS in the future.
Could also be that people stop using computers as much and just use tablets with docking stations + keyboard & monitors (again, there is work to be done, but its a possibility from a HW level). That would leave us with MacOS & Windows for business desktops (with some Chromebook & Linux sprinkled in there). Education would probably be more Tablet & Chromebook style compute, and gaming is already moving to the cloud (I guess the positive here is that we might finally be able to get rid of AntiCheat software:) ).
> I wonder if MS will then just make it a online processing version, so it just ships all your data "for free!!!!" to MS servers and then processed remotely for you!
> I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already?
Honestly, I guess this will become very expensive for Microsoft, and they won't find a good business case what to do with the collected data. So Microsoft is wasting a huge load of money, and additionally their AI spyware causes a huge reputation damage for Microsoft: a lose-lose situation. :-(
No idea about this specific feature, but billions are being spent to train models in the cloud (including Azure), with the expectation that some models will be used for on-device inference. It remains to be seen whether those investments will return dividends. In the meantime, cloud and GPU vendors are making money on model training.
If it works like any other electronics product I've bought in the last ten years, the "AI" version will soon be cheaper thanks to subsidies from advertisers, while the "normal PC" will be twice as expensive and the domain of tinkerers and cranks.
It’s enabled by default on a select number of laptops they sell, and no one else has access to it yet. But they plan to roll it out further. I’d personally hoped for some kind of “Secure Enclave” such that only certain processes could be run, but this is about what I would expect of someone shipping a minimum viable product because AI is a hot buzzword. Weirdly, even AI could theoretically solve some of the privacy issues simply by looking for PII and removing them. Extra weirdly, this would have been more secure if they uploaded screenshots to the cloud, because access could be better monitored there and exfiltration limited.
If anything, it's likely they imagine the PII being useful. Imagine being able to ask your computer for your bank account number instead of digging it out of a website or file. Obviously useful... but also obviously exploitable.
There's a phase in between where it's reset every time you leave the settings menu and can't see them resetting it (I forget which privacy policy it was anymore, but that was the straw that kicked me over to Linux for good).
> This is something you have to specifically enable right? Right?!
lol, lmao even. Some might even be so inclined to say rofl.
It is actually kind of depressing the state in which Windows is and is going. For me personally the only actual "advantage" Windows has over my homegrown Archlinux install is app/game support. And basically all of the ones that don't work, don't work by design because they don't want the user to own their hardware/software.
Regardless of the new Recall feature, the Windows Timeline already collects vast amounts of data and is enabled by default, and I've seen the database file grow even when disabled. A trove of information for any forensic analysis.
First it's gonna be an obvious setting, then it's gonna be a setting deep in the "features" of windows, then it's gonna be a register you have to edit, then it's gonna be an obscure powershell script you have to execute, and in the end, it will be a default feature that you have no control on :)
In 2001, image sensors and the electronics to drive them were far larger then they are today, an endoscope-style fibre optic isn't necessarily ridiculous if you only had a tiny hole to sneak through a thick obstruction.
Even today, a non-CIA-grade camera head is probably 2-3mm across and the optics on a fibre optic can be far narrower.
You can only have a pinhole spy cam if you have a void directly behind the pinhole.
Well, I assume they can do better than a £10 USB endoscope from AliExpress!
But even if you have some ultratiny thing hot out of a classified lab, fibre optics also keep the active electronics further away and harder to detect.
They probably don’t even have to bother, just hack the targets phone, tv, iPad, laptop to get every bit of content they consume and conversation they have.
When I watched this film, I immediately thought during the finale of this film that the story of this film is so "wrong" because the public will barely care about the misdeeds of NURV (or rather: those who do care basically already "know").
From todays's perspective, considering for example the Snowden and Wikileaks revelations that caused exactly these barely-nil reactions in the public, I know that I was right regarding this feeling.
I wouldn't say they caused barely-nil reactions. Maybe to the general public and to a random bystander if asked, but they still had implications for the public's overall trust in the government. And for users in the affected spaces (tech, security, etc.) the reaction was stronger and longer lasting.
> but they still had implications for the public's overall trust in the government.
In my observation it really was as I described:
- those who already deeply distrusted the government continued to do so
- the others (the huge majority) simply did barely care or even attempted to justify the crimes
Concerning your point about tech and security sectors: those who form the inner core of the people working in these sectors basically already knew what was happening since at least the 90s.
Nobody votes for net neutrality or internet rights or privacy focused groups. I agree that there were almost no reactions. June 6th people will vote for European elections, lets see how many seats the pirate party gets.
It depends on what you see as an appropriate reaction to wikileaks and Snowden. It was a structural problem, and no governing parties ever tried to stop it so voting it out for instance wasn't a solution.
Perhaps Trump's support could be a far reaction to it, with no clear direction but just a strong wish to screw it all. We see the same in other countries where people go to the extremes as discomfort rises with no actionable way.
They did it, out in public people wrote about it, everyone shrugged and went on with their lives. All Snowden did was give it a face, some (program) names, but any one with any sense stayed away already.
The American public has been warned twice, and did not care. It's gonna take something major leaking for them to do anything about it.
Klein said he is relieved another person -- Snowden -- could corroborate his story, but with actual government documents.
"When he first came out, I was delighted. It was, first of all, vindication for what I was saying," Klein said. "He also revealed the programs they were doing were vastly bigger than I ever understood at the time."
The idea other people with access to the device could see a photographic memory is.. very scary to a great many people on a deeply personal level. Windows is a personal experience. This shatters that belief.
>The objective of the LifeLog concept was "to be able to trace the 'threads' of an individual's life in terms of events, states, and relationships", and it has the ability to "take in all of a subject's experience, from phone numbers dialed and e-mail messages viewed to every breath taken, step made and place gone".
> The SenseCam is a personal, wearable camera developed by Microsoft Research in Cambridge, UK, and used as a lifelogging device in projects like MyLifeBits.. is based on wearing the SenseCam for lifelogging of ‘events’ during your day, and generating a fast-forward movie of the event as the memory recall interface.
> Lifelogging technologies can capture both mundane and important experiences in our daily lives, resulting in a rich record of the places we visit and the things we see.. Previous work has demonstrated that Lifelogs can aid recall, but that they do many other things too. They can help us look back at the past in new ways, or to reconstruct what we did in our lives, even if we don’t recall exact details.
> MyLifeBits is a life-logging experiment begun in 2001. It is a Microsoft Research project inspired by Vannevar Bush's hypothetical Memex computer system.. The "experimental subject" of the project is computer scientist Gordon Bell.. For this, Bell has digitized all documents he has read or produced, CDs, emails, and so on. He continues to do so, gathering web pages browsed, phone and instant messaging conversations and the like more or less automatically. The book Total Recall describes the vision and implications for a personal, lifetime e-memory for recall, work, health, education, and immortality.
It’s just a matter of time until they introduce an InTune feature to enforce this setting and send AI-written summaries of all employee behaviour to management.
Let me be clear: I will literally burn any computer equipped with this technology I am forced to use and post the aftermath online.
This is societal cancer. Total information monitoring is the death of any semblance of human independence and should be violently resisted.
I have never been more disgusted by a management team. How clueless can you be? Combined with digital intelligence, this technology is profoundly dangerous to anyone who works with a computer or technology (which is almost everyone).
The only silver lining on this is that, previously, the idea that your computer might visually spy on everything you do and index it for easy searching was the domain of paranoid conspiracy theorists.
So I guess at least marketing that as a feature now makes it obvious that it is possible, I guess.
But now they will claim you have a way to turn it off. Who knows ! There is so much telemetry being recorded anyway.
This is like people preferring Macbooks from 2016 because it was pre-touchbar. I honestly consider good tech from previous years to be far more secure than what’s around now. Who knows what’s in your products now?
That was very well written and reasonable, neither minimizing the risks nor succumbing to hysteria.
The idea behind Recall, universal, machine-assisted search, is a good one but it's embarrassingly clear that in terms of implementation, this ain't it, chief. Microsoft should do what Google has done with Sky -- withdraw the product, take the hit, and hope that something can be salvaged from this debacle, both in terms of an improved product, and better company-wide testing and rollout practices.
I think the idea is a good one, I just have zero trust in Microsoft to have my interests in mind so it becomes a question of when, not if, it becomes abused, if not by them then some bad actor.
If you get malware, these malware will only begin to record things once they are installed. They do not automatically get years of computer use history. Until Recall.
It seems like you live in the same kind of detached echo chambers as the people at Microsoft who approved this feature. No wonder you find this nonsensical. I bet the product managers responsible for this also find this article nonsensical.
Right, the malware will only able to get all the documents you wrote during the years of using the computer, all the emails you ever got or sent, all your chat conversations, your bank account details, photos and videos you made, complete browsing history, access to your work account(s).
Of course it is critical that it does not also know what porn you watched in incognito, or what you had in snapchat messages.
Wait, scratch the snapchat. I don't think they have desktop client.
If majority wants to use Ctrl+C to copy, and the rest want to use Alt+M or don't care either way, then the most sensible thing to do is have Ctrl+C copy by default, and make a setting for the rest, which is exactly what is done here.
Because you reference the behavior of the majority as a counter-argument.
So if 40% of people use delete for more than a dupe photo and thus would benefit from this even if they were hacked (vs Recall), how does the fact that the majority doesn't do that counter the benefit for this non-majority group? If you only care about the majority, this makes sense
Your analogy is wrong in both characterizing the problem and offering a solution:
1. The majority doesn't want this just because they fail to protect their data properly
2. Defaults matter and having an option doesn't imply perfect awareness/disabling by that non-majority group
So at most you've somewhat reduced the affected group while still not addressing the original issue why you think it's ok to ignore the non-majority (It also doesn't address the video calls)
1 basically contradicts the whole premise from 6 or so levels above that for majority this does not present any additional risks to their data, because they never delete it anyway.
2 addressed above
"ignoring" non-majirity addressed in Ctrl+C comment.
1. was about a different flaw in your argument, not 6 above. That one is also wrong, see X levels above re video calls which you don't need to explicitly delete for them to disappear from malware's view without Recall
2 addresses above, including Ctrl+C, so you need something new to address it
There are a number of things that do disappear. But when you put them in the line next to bank credentials, private pictures, passwords, and private documents, they pale in comparison.
Re: awareness. Are you saying the only MS problem is they are not marketing capabilities enough? Assuming the video calls point is addressed, your whole "feature is extremely bad" argument is that it is on by default, and one has to know to do something to turn it off if they don't want it?
> In practice, that audience’s needs are a very small (tiny, in fact) portion of Windows userbase — and frankly talking about screenshotting the things people in the real world, not executive world, is basically like punching customers in the face. The echo chamber effect inside Microsoft is real here, and oh boy… just oh boy. It’s a rare misfire, I think.
> I think it’s an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these. The work hasn’t been done properly to package it together, clearly.
My hot take on this has been that although the tech community universally hates this - the sales and management types that drive these decisions will love it, and recall will go down as a resounding success for Microsoft. You're also going to find disabling it reduces your 'azure score' which is absolutely used by such types as a measure of their sysadmins skills.
The management types who think they love this, because they can monitor their employees more effectively, will change their minds in a hurry when a competitor sues them, discovery starts, and the competitors' lawyers get to go through everything that Recall saves.
I am "on about" the fact that HN is frequently a bubble that doesn't reflect business. As an example, there has been many threads full of assertions that no good manager would ever deploy "bossware", and yet companies selling these products are reporting sales going through the roof.
Those third party apps are not enabled by default, won't modify their functionality without your permission, and two of the three are open source.
And for me it's not so much that I trust Microsoft less than any other company. It's that using their services require so much trust, yet they give so little trust in return.
Work computers are like this, a bit, but typically they don't exfiltrate their own data outside their own corporate borders. That's a big deal/difference.
The other issue, the vendors tend not to leave glaring security holes in their software, both because of IT desire to maintain control of the operating environment, but also because there is intense awareness that corporate espionage is a constant, real, and ongoing threat.
It sounds like the MS folks rushed out a "feature" and wanted to pretend we all live in some utopia where nobody does anything bad, ever. Possibly all snorting coke or something...
I'm confused. According to the article, several days working results in a 90kb compressed DB. If that's the case, it can't be capturing all the text you see, including web pages - perhaps "working" here doesn't involve general web browsing? What am I missing?
Presumably the snapshots it takes and summarises are periodic, but at what interval I'm not sure. Alternatively (and this is a technical possibility) it could be hooked into WebViews and HWNDs to get notified when it's worth taking a screenshot.
Given that you can exempt particular website (in addition to private browsing modes in "supported browsers" already being exempted [1]), that implies some integration between a browsing context and Recall.
Eventually they can just re-enable it as part of an "important update". They can even stop you from being able to disable it entirely. If you're using Windows, it's not really your computer. At least you aren't the administrator of that device. Microsoft can access any file, install any software, change any setting, or remove any access at any time for any reason with no notice or indication to you that it happened. They can even shutdown your computer. Any device which works like that is not one that's under your control.
Every internet connected windows computer is insecure by design and cannot be trusted to protect your privacy or security.
> Microsoft can access any file, install any software, change any setting, or remove any access at any time for any reason with no notice or indication to you that it happened. They can even just shutdown your device. Any device which works like that is not one under your control.
Having this power is inherent in making the OS. Whoever is the vendor of your particular Linux distribution has the same powers, it is just that you trust them not to use them (or, in a very small theoretical minority of cases, you’ve audited the code and binaries yourself).
So yes, you shouldn’t use an OS from a vendor you don’t trust, I agree completely.
I don’t understand why people are acting like this is earth shattering news though, this has always been the case since people started using software they didn’t write themselves.
No, it really isn't. For decades I owned computers with operating systems which didn't have that capability. Once installed and configured, the OS was consistent and (reasonably) stable. Someone would literally have to break into my house or office to modify my settings or install software against my wishes.
Even after I started connecting my devices to the internet the OS itself had no ability to do these things and couldn't gain that ability unless I explicitly chose to install updates that enabled that behavior. That's entirely different from the situation today where MS forces updates and restarts, installs unwanted software on our computers, and has files and folders that we (even using administrator accounts) don't have access to.
Linux too is very different. Linux is transparent about what it does, adds, or changes. You have the power to choose which updates to apply or not. You have the power to modify any part of your OS so that it does what you want. I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day, or reinstall applications users removed without notice. Can't say the same for Windows. Unlike Windows, linux typically respects its users and their wishes.
You really don't have to write your own software in order to have software that respects you and leaves you in control of your own devices. It's kind of crazy that you'd think there could be no other way.
> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.
Go install MS-DOS 6.22 on a computer. You can leave that system up and wait your whole life and you'll never see it suddenly restart your computer without asking. The technical reason why it can't is because there is no code in that OS designed to check for and accept an order from someone at Microsoft to restart your machine without asking. It doesn't exist. You could choose to find or write and then install new software that gives that OS the capability to do it, but that capability just isn't there otherwise.
There's no rule that an OS has to include code to violate the rights and will of the people who install it on their devices. That's a choice that MS made. Far too many people have accepted that behavior from them so they keep pushing and pushing with new and increasingly user-hostile code and behavior but none of that is inevitable or unavoidable. That is what's a very recent development. For a very very long time no operating system would have dared to violate their users that way. None of them did.
Yes, at a certain level you have to be able to place some level your trust in your OS. Especially one with internet access. MS has shown themselves to be entirely untrustworthy, but they could still change all of that. They could strip out every line of code that allows them to remotely access your system without your explicit permission. They could be 100% transparent about what their updates will do to your computer if they are installed and they could give you the ability to not install any update you didn't like and revert to any previous state. They could give you full access to every file and directory and process and give you the ability to control every aspect of their OS. They could vow to never modify a setting after you've changed it. They just choose not to do those things, because they don't care about you or your privacy or your wishes, or your rights. As long as people continue to use windows, Microsoft stands to make a lot of money by ignoring those things.
> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.
Wrong, the point of the operating system is to manage local state, hardware, etc.
The point of viruses, malware, and spyware is to exfiltrate data and control from a set of systems. This is getting to the point where Windows itself is a worse virus than just downloading the random shady program from the internet, with all anti-virus turned off...
And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
This cannot be done with Windows, not without resorting to technical tricks that look at lot like what malware and viruses have to do. This a is pretty, and important technical distinction:
Operating Systems don't have built-in backdoors that you cannot turn off by design.
Malware and botnets, have built-in backdoors that you cannot turn off by design.
> Wrong, the point of the operating system is to manage local state, hardware, etc.
Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.
You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.
> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.
You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.
> but you cannot get around the problem of having to trust someone.
You still don't get it...
At the end of the day, I don't have to trust anyone with an OS that I fully control, with hardware that I fully control, because I can verify every bit of hardware, every bit of software, even stop the kernel from doing things if I want to (yes its possible, technically).
Sure, I can place some temporary trust in some components, but it doesn't matter really, because I can always swap/disable/remove audit/reaudit any component. You can choose to trust, as much or as little as you want. I don't have to use the kernel at all if I don't want to, I could swap in another one and still be good to go (more or less).
This is different from the case here, where by default, not of my choosing, actively and persistently nearly every aspect of a Windows computer is obfuscated, un-auditable, actively and without consent doing things that are not operating system things but spyware, bloatware, crapware, or just straight up malware. You can wave your hands around as much as you like waffling about "trusting someone" but there is a big big difference between someone acting reasonably, and choosing to allow them into your home, and "trusting" someone with a knife to your back not to shiv you.
One is reasonable, a choice, and low risk, the other is clearly none of those things. You don't have to "trust" low risk situations, they are just low risk, no trust involved.
Right. There is no technical reason why the OS vendor couldn’t attack you in the past, but software industry norms have changed over the years. What has changed is trust.
Today, you have to consider commercial OS vendors (and third party application developers) to be remote attackers in your threat model. More and more, they write their software to serve themselves rather than their users, and to make computers do what they want them to do, not what the users want them to do. This was not the case decades ago, even if the technical ability was there all along.
> More and more, they write their software to serve themselves rather than their users
Well said! I really miss when our products served us but I can't think of a recent purchase of anything internet capable that wasn't designed to work for someone else (and against me no less). I don't see "never own an internet capable product again" as a viable option here, and I'm not sure what else we can do to protest this besides push for government intervention. In the meantime, I try to firewall off whatever I can.
Yes, if you compile your own binaries, audit the source code, and for good measure audit your compiler and the system you are using to compile it, then there is a meaningful difference*.
Since 99% of users don’t actually do any of that, then in practice there isn’t actually a difference.
* I am aware that there are shades of grey between the scenario I describe and proprietary software - I am just being hyperbolic for rhetorical reasons.
> Since 99% of users don’t actually do any of that, then in practice there isn’t actually a difference.
I understand the hyperbole, but in practice we have strong evidence that MS is willing to intentionally use their OS against you, while we don't for your typical linux OS. That really means a lot.
When linux distros disrespect their users even a little (see for example https://www.pcworld.com/article/436097/ubuntus-unity-8-deskt...) users really don't put up with it and they can switch to another distro with very very little effort/change and even have the ability to modify the source and fork the OS. That helps to keep people a little more honest.
The backdoored compiler problem is a bit harder. We can write our own, but it's turtles all the way down. Increasingly we also have to put a lot of trust in our hardware. There are only a small number of companies making CPUs and wireless chips. I imagine they're under enormous pressure from governments to compromise the privacy and security of the people using that hardware and we have less trust in our own devices the more we have "trusted computing" forced on us.
There's still a big difference between "a surreptitious hack is technically possible with future development and getting you to accept a bad patch" versus "the company is actively using sketchy powers and trying to make them constant and socially normalized."
In one case, someone discovering sketchy secret backdoor code causes a huge flap and damage to the company's brand and stock price etc.
In the other, some corporate drone bafflegabs about it enabling superior customer satisfaction synergies, while pointing to a tiny clause in an enormous contract of adhesion to claim everybody knowingly agreed to it.
Yeah this is my problem with windows. I’ll delete or disable things that were added to my machine only to have windows update restart my computer and those things show up again. I’m using a legit copy of Windows 11 Pro and it’s absurd that I’ve had to delete or disable random shit like social media apps multiple times.
I know how you feel. I was a fan of DOS, Win89SE, Windows 2000 Pro, and Windows 7 Pro (until 7's updates started including Win10's invasive telemetry). The good news is that alternatives are better than ever and the few windows applications I still use can run using wine (or worst case a VM)
Law enforcement, attorneys, and three letter agencies must be extremely excited about Recall. Now they won't have to hope that MS has records of everything you've typed while using your device, because with Recall all of that evidence will be stored on the device itself.
"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." imagine could be found using everything a person ever types on their computer.
As far as I can see based on the data already posted online, this is literally the Windows 10 Timeline feature, it even (re)uses the same API from that feature (that was deprecated just 3 months ago) and apparently shares the implementation as well (that feature also used a sqlite DB in your AppData and a subfolder with jpegs).
They just put a little AI lipstick on that old pig in the form of OCR and some image classification.
The Windows 10 Timeline feature has been around for 6 years. It is a bit surprising there is so much pushback this time around for effectively the same thing. I wonder if it's because Microsoft has been burning away people's trust through ads and dark patterns and all that bullshit, and this is the direct result of that.
Actually Timeline was a semantic store from what I understand-- it didn't store screenshots of what you were doing, instead apps that used the Microsoft Graph API could contribute information about what you were doing to be included in the Timeline.
As far as I know, nothing used it except for MS' own apps. This new solution bypasses that problem by having no requirement for apps to use the Graph API-- it will just use an AI to deduce what the tasks were, and provide a search-like conversational experience on top of the collected images.
390 comments
[ 3.4 ms ] story [ 313 ms ] threadThe Qualcomm Oryon SoC is about half the price of an Intel CPU.
It's a brand new device family. OEM price competition should improve as more devices ship in Aug/Sep.
Oryon should run Linux with good performance-per-watt. Hopefully the NPU can be disabled to save energy.
Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year. Very, very few people will magically end up with Windows Recall who didn't intend to.
i.e. PC hardware for AI inference will not be limited to Windows.
> Most users buy a cheap HP from Costco for $300. Businesses will buy the same standard line OptiPlex they bought last year.
Both Intel and AMD announced upcoming chips with NPUs. Mediatek and Nvidia will likely join the Arm AI PC competition in 2025. Apple's 2024 OS updates are focused on AI features, both on-device and cloud partnership with OpenAI. Intel's Computex tagline a few weeks ago was literally "AI Everywhere".
In a few years, silicon for on-device AI inference will likely be pervasive in retail PCs, including Costco, HP and Dell Optiplex. It has been shipping in Apple Silicon Macbooks and iPads since 2020, mostly unused by software until now.
I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already? These all sounds like ways that this "local" AI PC will share data with the MS cloud in one form or another. With Apple doing similar things already on iPhones (I know there are differences, but its still analyzing your data etc), I wonder if Linux might actually become a more mainstream OS in the future.
Could also be that people stop using computers as much and just use tablets with docking stations + keyboard & monitors (again, there is work to be done, but its a possibility from a HW level). That would leave us with MacOS & Windows for business desktops (with some Chromebook & Linux sprinkled in there). Education would probably be more Tablet & Chromebook style compute, and gaming is already moving to the cloud (I guess the positive here is that we might finally be able to get rid of AntiCheat software:) ).
> I also wonder how "knowledge transfer" will happen when you get a new machine in the future? What about backups, do they sit in the cloud already?
Honestly, I guess this will become very expensive for Microsoft, and they won't find a good business case what to do with the collected data. So Microsoft is wasting a huge load of money, and additionally their AI spyware causes a huge reputation damage for Microsoft: a lose-lose situation. :-(
Nevetheless I still have difficulties seeing how this is supposed to make money for Microsoft.
No idea about this specific feature, but billions are being spent to train models in the cloud (including Azure), with the expectation that some models will be used for on-device inference. It remains to be seen whether those investments will return dividends. In the meantime, cloud and GPU vendors are making money on model training.
ads.
they've been clear about windows becoming more ads oriented.
guess they are testing the water to try and get a competitive edge over google in a few years with this new data trove.
Considering the global market share of Windows, there would be a need to roll out such a grandiose service slowly, too.
"Giving Windows total recall of everything a user does is a privacy minefield", 41 comments, https://news.ycombinator.com/item?id=40470806
"AI PCs are the final nail in the coffin of open computing", 60 comments, https://news.ycombinator.com/item?id=40436975
"How the new Microsoft Recall feature fundamentally undermines Windows security", 50 comments, https://news.ycombinator.com/item?id=40433884
"Windows Recall sounds like a privacy nightmare", 298 comments, https://news.ycombinator.com/item?id=40443682
I’m sick of brain dead execs and product managers. What world do these people live in?
Getting promoted by other execs based on the visibility of delivered features.
The default progression of this sort of "feature" and business practice.
lol, lmao even. Some might even be so inclined to say rofl.
It is actually kind of depressing the state in which Windows is and is going. For me personally the only actual "advantage" Windows has over my homegrown Archlinux install is app/game support. And basically all of the ones that don't work, don't work by design because they don't want the user to own their hardware/software.
https://kacos2000.github.io/WindowsTimeline/WindowsTimeline....
23 years later and here we are.
Even today, a non-CIA-grade camera head is probably 2-3mm across and the optics on a fibre optic can be far narrower.
You can only have a pinhole spy cam if you have a void directly behind the pinhole.
But even if you have some ultratiny thing hot out of a classified lab, fibre optics also keep the active electronics further away and harder to detect.
From todays's perspective, considering for example the Snowden and Wikileaks revelations that caused exactly these barely-nil reactions in the public, I know that I was right regarding this feeling.
In my observation it really was as I described:
- those who already deeply distrusted the government continued to do so
- the others (the huge majority) simply did barely care or even attempted to justify the crimes
Concerning your point about tech and security sectors: those who form the inner core of the people working in these sectors basically already knew what was happening since at least the 90s.
Perhaps Trump's support could be a far reaction to it, with no clear direction but just a strong wish to screw it all. We see the same in other countries where people go to the extremes as discomfort rises with no actionable way.
Every time someone points at this and acts like it was a revlation I shake my head.
https://en.wikipedia.org/wiki/Room_641A
https://en.wikipedia.org/wiki/Joseph_Nacchio (Every one screams about conspiracy's but the only people who told the Bush II government no went to prison).
https://www.politico.com/blogs/politico-now/2008/02/senate-p...
They did it, out in public people wrote about it, everyone shrugged and went on with their lives. All Snowden did was give it a face, some (program) names, but any one with any sense stayed away already.
The American public has been warned twice, and did not care. It's gonna take something major leaking for them to do anything about it.
"When he first came out, I was delighted. It was, first of all, vindication for what I was saying," Klein said. "He also revealed the programs they were doing were vastly bigger than I ever understood at the time."
https://www.nbcbayarea.com/news/local/bay-area-whistleblower...
2003, https://en.wikipedia.org/wiki/DARPA_LifeLog
>The objective of the LifeLog concept was "to be able to trace the 'threads' of an individual's life in terms of events, states, and relationships", and it has the ability to "take in all of a subject's experience, from phone numbers dialed and e-mail messages viewed to every breath taken, step made and place gone".
2007 Microsoft Research, https://www.microsoft.com/en-us/research/video/the-microsoft...
> The SenseCam is a personal, wearable camera developed by Microsoft Research in Cambridge, UK, and used as a lifelogging device in projects like MyLifeBits.. is based on wearing the SenseCam for lifelogging of ‘events’ during your day, and generating a fast-forward movie of the event as the memory recall interface.
2010 Microsoft Research, https://www.microsoft.com/en-us/research/publication/now-let...
> Lifelogging technologies can capture both mundane and important experiences in our daily lives, resulting in a rich record of the places we visit and the things we see.. Previous work has demonstrated that Lifelogs can aid recall, but that they do many other things too. They can help us look back at the past in new ways, or to reconstruct what we did in our lives, even if we don’t recall exact details.
https://www.microsoft.com/en-us/research/project/mylifebits/ & https://en.wikipedia.org/wiki/MyLifeBits
> MyLifeBits is a life-logging experiment begun in 2001. It is a Microsoft Research project inspired by Vannevar Bush's hypothetical Memex computer system.. The "experimental subject" of the project is computer scientist Gordon Bell.. For this, Bell has digitized all documents he has read or produced, CDs, emails, and so on. He continues to do so, gathering web pages browsed, phone and instant messaging conversations and the like more or less automatically. The book Total Recall describes the vision and implications for a personal, lifetime e-memory for recall, work, health, education, and immortality.
Lifelogging was referenced by 10,000 academic papers over two decades, https://scholar.google.com/scholar?q=lifelogging
https://x.com/AlexBlechman/status/1457842724128833538?lang=e...
This is societal cancer. Total information monitoring is the death of any semblance of human independence and should be violently resisted.
I have never been more disgusted by a management team. How clueless can you be? Combined with digital intelligence, this technology is profoundly dangerous to anyone who works with a computer or technology (which is almost everyone).
You might want to consider an alternative plan, as doing that to an employer's / government's computer could get you in a lot of trouble.
It began to wane as soon as programming and in particular working in big tech became an opportunity to get rich.
So I guess at least marketing that as a feature now makes it obvious that it is possible, I guess.
But now they will claim you have a way to turn it off. Who knows ! There is so much telemetry being recorded anyway.
This is like people preferring Macbooks from 2016 because it was pre-touchbar. I honestly consider good tech from previous years to be far more secure than what’s around now. Who knows what’s in your products now?
The idea behind Recall, universal, machine-assisted search, is a good one but it's embarrassingly clear that in terms of implementation, this ain't it, chief. Microsoft should do what Google has done with Sky -- withdraw the product, take the hit, and hope that something can be salvaged from this debacle, both in terms of an improved product, and better company-wide testing and rollout practices.
Also a clickbait: nobody is stealing anything.
If you get malware or you have other admins on your computer, they can already record anything you do at their will.
The data is NOT uploaded to M$.
The whole fuss is stupid and I am impressed 90% comments here seem to think otherwise.
It seems like you live in the same kind of detached echo chambers as the people at Microsoft who approved this feature. No wonder you find this nonsensical. I bet the product managers responsible for this also find this article nonsensical.
Of course it is critical that it does not also know what porn you watched in incognito, or what you had in snapchat messages.
Wait, scratch the snapchat. I don't think they have desktop client.
Also, majority is using voice/video calls which aren't stored anywhere
If majority wants to use Ctrl+C to copy, and the rest want to use Alt+M or don't care either way, then the most sensible thing to do is have Ctrl+C copy by default, and make a setting for the rest, which is exactly what is done here.
So if 40% of people use delete for more than a dupe photo and thus would benefit from this even if they were hacked (vs Recall), how does the fact that the majority doesn't do that counter the benefit for this non-majority group? If you only care about the majority, this makes sense
1. The majority doesn't want this just because they fail to protect their data properly
2. Defaults matter and having an option doesn't imply perfect awareness/disabling by that non-majority group
So at most you've somewhat reduced the affected group while still not addressing the original issue why you think it's ok to ignore the non-majority (It also doesn't address the video calls)
So no, your comment answered none of my points
2 addressed above
"ignoring" non-majirity addressed in Ctrl+C comment.
2 addresses above, including Ctrl+C, so you need something new to address it
Re: awareness. Are you saying the only MS problem is they are not marketing capabilities enough? Assuming the video calls point is addressed, your whole "feature is extremely bad" argument is that it is on by default, and one has to know to do something to turn it off if they don't want it?
> I think it’s an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these. The work hasn’t been done properly to package it together, clearly.
Definitely needed some copy editing however.
"Show HN: Rem: Remember Everything (open source)", 196 comments, https://news.ycombinator.com/item?id=38787892
"I made an open source Windows app to rewind and search everything on screen", 166 comments, https://news.ycombinator.com/item?id=40105371
"Rewind: The Search Engine for Your Life", 92 comments, https://news.ycombinator.com/item?id=33421751
I guess people trust Microsoft a lot less.
And for me it's not so much that I trust Microsoft less than any other company. It's that using their services require so much trust, yet they give so little trust in return.
In most sectors the installed corporate spyware is from a different company than Microsoft.
The other issue, the vendors tend not to leave glaring security holes in their software, both because of IT desire to maintain control of the operating environment, but also because there is intense awareness that corporate espionage is a constant, real, and ongoing threat.
It sounds like the MS folks rushed out a "feature" and wanted to pretend we all live in some utopia where nobody does anything bad, ever. Possibly all snorting coke or something...
Given that you can exempt particular website (in addition to private browsing modes in "supported browsers" already being exempted [1]), that implies some integration between a browsing context and Recall.
[1] https://support.microsoft.com/en-us/windows/retrace-your-ste...
Obviously that 90kb doesn't include the separate folder with all the jpegs.
I might seriously quit my job and start a discovery consulting / tech company just for targeting these databases.
Same as
> The Tesla will never crash in FSD
Same as
>out platform is hacker proof
https://x.com/tomwarren/status/1796681578984182066
Every internet connected windows computer is insecure by design and cannot be trusted to protect your privacy or security.
Having this power is inherent in making the OS. Whoever is the vendor of your particular Linux distribution has the same powers, it is just that you trust them not to use them (or, in a very small theoretical minority of cases, you’ve audited the code and binaries yourself).
So yes, you shouldn’t use an OS from a vendor you don’t trust, I agree completely.
I don’t understand why people are acting like this is earth shattering news though, this has always been the case since people started using software they didn’t write themselves.
No, it really isn't. For decades I owned computers with operating systems which didn't have that capability. Once installed and configured, the OS was consistent and (reasonably) stable. Someone would literally have to break into my house or office to modify my settings or install software against my wishes.
Even after I started connecting my devices to the internet the OS itself had no ability to do these things and couldn't gain that ability unless I explicitly chose to install updates that enabled that behavior. That's entirely different from the situation today where MS forces updates and restarts, installs unwanted software on our computers, and has files and folders that we (even using administrator accounts) don't have access to.
Linux too is very different. Linux is transparent about what it does, adds, or changes. You have the power to choose which updates to apply or not. You have the power to modify any part of your OS so that it does what you want. I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day, or reinstall applications users removed without notice. Can't say the same for Windows. Unlike Windows, linux typically respects its users and their wishes.
You really don't have to write your own software in order to have software that respects you and leaves you in control of your own devices. It's kind of crazy that you'd think there could be no other way.
My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.
By definition the OS has control of the hardware and software and thus whoever writes the OS inherits that control.
I completely agree that there are good reasons to not trust Microsoft and people who don’t should not be using Windows.
I just dislike the framing of this issue as a recent development rather than an inherent problem of running software you didn’t write.
Go install MS-DOS 6.22 on a computer. You can leave that system up and wait your whole life and you'll never see it suddenly restart your computer without asking. The technical reason why it can't is because there is no code in that OS designed to check for and accept an order from someone at Microsoft to restart your machine without asking. It doesn't exist. You could choose to find or write and then install new software that gives that OS the capability to do it, but that capability just isn't there otherwise.
There's no rule that an OS has to include code to violate the rights and will of the people who install it on their devices. That's a choice that MS made. Far too many people have accepted that behavior from them so they keep pushing and pushing with new and increasingly user-hostile code and behavior but none of that is inevitable or unavoidable. That is what's a very recent development. For a very very long time no operating system would have dared to violate their users that way. None of them did.
Yes, at a certain level you have to be able to place some level your trust in your OS. Especially one with internet access. MS has shown themselves to be entirely untrustworthy, but they could still change all of that. They could strip out every line of code that allows them to remotely access your system without your explicit permission. They could be 100% transparent about what their updates will do to your computer if they are installed and they could give you the ability to not install any update you didn't like and revert to any previous state. They could give you full access to every file and directory and process and give you the ability to control every aspect of their OS. They could vow to never modify a setting after you've changed it. They just choose not to do those things, because they don't care about you or your privacy or your wishes, or your rights. As long as people continue to use windows, Microsoft stands to make a lot of money by ignoring those things.
Wrong, the point of the operating system is to manage local state, hardware, etc.
The point of viruses, malware, and spyware is to exfiltrate data and control from a set of systems. This is getting to the point where Windows itself is a worse virus than just downloading the random shady program from the internet, with all anti-virus turned off...
And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
This cannot be done with Windows, not without resorting to technical tricks that look at lot like what malware and viruses have to do. This a is pretty, and important technical distinction:
Operating Systems don't have built-in backdoors that you cannot turn off by design.
Malware and botnets, have built-in backdoors that you cannot turn off by design.
Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.
You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.
> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.
You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.
You still don't get it...
At the end of the day, I don't have to trust anyone with an OS that I fully control, with hardware that I fully control, because I can verify every bit of hardware, every bit of software, even stop the kernel from doing things if I want to (yes its possible, technically).
Sure, I can place some temporary trust in some components, but it doesn't matter really, because I can always swap/disable/remove audit/reaudit any component. You can choose to trust, as much or as little as you want. I don't have to use the kernel at all if I don't want to, I could swap in another one and still be good to go (more or less).
This is different from the case here, where by default, not of my choosing, actively and persistently nearly every aspect of a Windows computer is obfuscated, un-auditable, actively and without consent doing things that are not operating system things but spyware, bloatware, crapware, or just straight up malware. You can wave your hands around as much as you like waffling about "trusting someone" but there is a big big difference between someone acting reasonably, and choosing to allow them into your home, and "trusting" someone with a knife to your back not to shiv you.
One is reasonable, a choice, and low risk, the other is clearly none of those things. You don't have to "trust" low risk situations, they are just low risk, no trust involved.
Today, you have to consider commercial OS vendors (and third party application developers) to be remote attackers in your threat model. More and more, they write their software to serve themselves rather than their users, and to make computers do what they want them to do, not what the users want them to do. This was not the case decades ago, even if the technical ability was there all along.
Well said! I really miss when our products served us but I can't think of a recent purchase of anything internet capable that wasn't designed to work for someone else (and against me no less). I don't see "never own an internet capable product again" as a viable option here, and I'm not sure what else we can do to protest this besides push for government intervention. In the meantime, I try to firewall off whatever I can.
if you're paranoid about the distribution of your pre-built distro you can compile everything by hand and some do that for fun.
so putting them on the same pedestal is weird mind gymnastics.
Since 99% of users don’t actually do any of that, then in practice there isn’t actually a difference.
* I am aware that there are shades of grey between the scenario I describe and proprietary software - I am just being hyperbolic for rhetorical reasons.
I understand the hyperbole, but in practice we have strong evidence that MS is willing to intentionally use their OS against you, while we don't for your typical linux OS. That really means a lot.
When linux distros disrespect their users even a little (see for example https://www.pcworld.com/article/436097/ubuntus-unity-8-deskt...) users really don't put up with it and they can switch to another distro with very very little effort/change and even have the ability to modify the source and fork the OS. That helps to keep people a little more honest.
The backdoored compiler problem is a bit harder. We can write our own, but it's turtles all the way down. Increasingly we also have to put a lot of trust in our hardware. There are only a small number of companies making CPUs and wireless chips. I imagine they're under enormous pressure from governments to compromise the privacy and security of the people using that hardware and we have less trust in our own devices the more we have "trusted computing" forced on us.
Your partner always has the capability to screw you over, cheat on you, embezzle from the shared account, whatever.
Linux is like a nerdy guy who stays at home, plays with Warhammer figures and cooks you dinner.
Windows is an OnlyFans model who goes on vacations for weeks at a time and ignores your calls.
In one case, someone discovering sketchy secret backdoor code causes a huge flap and damage to the company's brand and stock price etc.
In the other, some corporate drone bafflegabs about it enabling superior customer satisfaction synergies, while pointing to a tiny clause in an enormous contract of adhesion to claim everybody knowingly agreed to it.
It's finally here. It's been fun, I love windows but this is the end IMO.
Law enforcement, attorneys, and three letter agencies must be extremely excited about Recall. Now they won't have to hope that MS has records of everything you've typed while using your device, because with Recall all of that evidence will be stored on the device itself.
"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." imagine could be found using everything a person ever types on their computer.
They just put a little AI lipstick on that old pig in the form of OCR and some image classification.
The Windows 10 Timeline feature has been around for 6 years. It is a bit surprising there is so much pushback this time around for effectively the same thing. I wonder if it's because Microsoft has been burning away people's trust through ads and dark patterns and all that bullshit, and this is the direct result of that.
As far as I know, nothing used it except for MS' own apps. This new solution bypasses that problem by having no requirement for apps to use the Graph API-- it will just use an AI to deduce what the tasks were, and provide a search-like conversational experience on top of the collected images.
Malware?
Keyloggers?
Adware?
Rootkit DRM?
Turns out they changed what "it" is, and I'm not even halfway to my pension yet...