They shipped it, as terribly user-hostile, and stupidly insecurely, as they did, for some reason. Did they just not care? Think we wouldn't notice? Conveniently shipped a gaping hole for 3-letter-agencies?
That feature, with its shit security, was designed, aplroved, implemented, reviewed, and see by COUNTLESS PMs, engineers, and managers.
No one cared. That culture is rotten to its fucking core. Microsoft never gave a shit about good engineering when I was there, highly preferring to gaslight and go over peoples heads, dare they say that the entire (initial) design of VMSS is flawed, or that maybe just maybe Azure would benefit from a metadata service and machine identities. Literally "controversial" shit that resulted in my manager getting emailed.
Every, single engineer, bar one, that I respected at that company has left. Says something.
I know it's a hot take but people are out of their minds trusting a Microsoft platform if they care at all about personal or business privacy.
Honestly I think that Microsoft has such a stranglehold on the business (and therefore home because we're already familiar with it at work) market that they think they can do literally anything they want.
Are the millions of businesses that really on Ms products going to change systems? No.
Not sure what I'm getting at with this. Maybe just trying to logic my way through this decision?
I'm very excited for this feature and bought a Copilot+PC for this feature.
I spend so so much time looking for information I saw in the past...a document, a conversation, a website, etc. This will be a big time saver and have a ton of utility.
To those that are scared of it: don't use it. I can make my own choices.
Yeah, Rewind is super useful and this is just a clone of it for Windows. It's your browser history but works for everything.
You can not trust Microsoft and that's totally valid, I don't, but I also don't use Windows. It's a really stupid line to draw if this is the straw. They control the entire OS, basically force online accounts, have been confusing the line between remote and local storage for
years, exfiltrate local searches to Bing, track everything for in-app and in-os advertising and send undisableable telemetry. Does this feature just lay bare the reality you've been living under for years?
I think it's not that people don't trust Microsoft with their data (they obviously do if they use Windows, as you note), it's that they don't trust Microsoft to have performed basic diligence on data control within this feature.
If I remember correctly, one of the original concerns was that the feature didn't respect user boundaries on the host machine itself. In other words: multiple users sharing a machine could inadvertently (or intentionally) retrieve information about each other.
That would be a straightforward example of "can't read the browser history for a user, but could read it indirectly via the agent."
Per the GP, there's a great deal of evidence that people have a revealed preference for trusting Microsoft, if they're already in the Microsoft ecosystem.
(I don't particularly trust Microsoft, but I'm also not in their ecosystem.)
25 years ago (or even 15 years ago), I would have probably agreed. But I don't think that's true anymore; to my understanding, students in public schools are equally as likely to use Chromebooks as they are to use Windows or Mac machines.
Yes, the point was that the "you don't have a choice but to use Windows" market is smaller than ever, meaning that the slice of the pie that's "I want to use Windows or don't care what I use" is larger.
I've read the new "security" features they've put in place. There is an option to do X, an option to disable Y, an option to...
Look, it's all good and dandy, but when I hear "option" from Microsoft, I just _recall_ how often they are reset on every update. Do we have to list the number of "oups, that was a bug, sorry" incidents that have happened with Edge?
Microsoft did a pretty good job to ruin the little confidence we had in their name. They kind of dig their own grave.
Honestly that sounds like how that one MS employee said that Windows 10 was "the last version of Windows" but that statement didn't actually have MS's blessing and everyone took it literally and flipped when Win11 came out.
I've heard differently. You can turn Recall off but not remove it. And if it's anything like other privacy settings, Windows Updates tend to, er, adjust those settings... to the ones Microsoft prefers you'd be using.
I'm frankly stunned that Microsoft managed to turn this around (and so quickly). I think most of us were expecting this to quietly disappear, never to be heard from again. Time will tell whether the security features are what they're claimed to be, but things are honestly looking better.
On the contrary, I expected that after the outrage last time, MS would just lie low until the fury died down, then plow ahead. We need some killebygoogle love for Recall here.
Not being a security expert, this looks great at first glance and I am very happy Microsoft put in the security effort they told everyone they would. It does however raise a few discussion points:
This wasn't so hard, was it? Why wasn't it done before? To me, the fact that the new recall architecture wasn't in the initial release says that there are still huge security culture issues. But organizational culture is slow to change, and Recall has happened in parallel with the new security reforms, so you can't expect them to get rid of their old ways over night.
As others in the thread have pointed out, it seems Microsoft are promising things that are very non-Microsoft-y, like promising to never re-activate, promising an easy opt-out to never be bothered again, and promising that activating the service in the first place is an opt-in-during-install feature. Microsoft have a reputation for being a pushy company that doesn't take no for an answer, and coupled with the recent security culture issues, I have personally started recommending non-tech people to just switch to Apple now before things get worse. Can we trust that Microsoft won't backpedal on their promises? Fool me once, shame on you, fool me twice...
>Microsoft have a reputation for being a pushy company that doesn't take no for an answer
Exactly, this Recall feature exists in the context of all the user-hostile crap Microsoft has been pushing for the past decade or so. Those design decisions are a direct reflection of Microsoft's values and culture. Even if Recall itself is indeed perfectly fine, I wouldn't use it because the service operator is demonstrably disrespectful of their users' agency.
With Microsoft promising to fix their shit and promising no bad user patterns in only some cases where there has been enough backlash, it's an even worse situation than being outright bad. It makes them more unpredictable.
I bet it would also ensnare more well-wishing sysadmins and non-tech consumers who take singular instances of apologizing/fixing at face value.
That's been something I don't get. Someone at Microsoft must be aware that they've completely killed user excitement for new features over the last 10 or so years by pushing them relentlessly, the features mostly not being strictly a good deal for the users and them being hard to disable and even coming back after you've explicitly denied consent.
Surely that isn't good for MS in the long term? Having a userbase that likes using your product must be better for business than a userbase that has been taught to be wary of anything you do, and to dismiss anything you come out with based on previous "features".
Is it the typical hacker news theory of management looking for short term user number growth to get promoted, or something else entirely?
When apple releases features, most of their userbase is excited. They have learned that in most cases it's either something cool they can use straight away or an optional service that they might or might not need. Apple still does some annoyances to push their services, but not nearly as bad as MS.
Operating systems are supposed to be boring, very much like databases or virtualization software. Improvements are nice and welcomed, but changes for the sake of changes are likely to upset people.
Microsoft is free to create new software for their OS, but they shouldn't make them a dependency of said OS.
A TPM ensures the right software was run, not that the software is running right. Once the TPM unseals the key, software is free to do whatever with it. To imply that the TPM protects keys resident in the OS memory space is misguided.
That's certainly more than I expected and as much as one can likely do while keeping the feature useful. Only open-sourcing the whole thing would be a another step up from here.
Still not going to use that or windows for anything serious, but credit where credit is due.
I want to know how this works for an enterprise work laptop. Can my employer choose to turn it on and access the information? It's the only time I am forced to use Windows.
You're already forced to use Microsoft's AI shenanigans. If you've been using Office suite, Microsoft recently installed an AI agent as an application update which launches on system startup. God knows what it does in the background.
I think you should assume that a company provided laptop is already using a tool to key log and screenshot your computer usage. That such tooling is now first party from Microsoft changes little.
This reminds me of RDP. It's opt in. There's visibility. It's encrypted. So incredibly secure!
Yet it acts like an amazing built in tool for scammers that has fooled millions of people.
MS will never apparently learn that visibility and logging mean nothing to anyone unless they actually understand what the heck is going on. The same with that the countless "press yes now, no, don't read this box because it's meaningless, what you need to do is press yes to get on with life" boxes.
Giving people more complexity. More tools no one will understand or use. Like the ability to filter out specific websites. It's just the same ridiculous MS approach to everything. Except that now when people's machines are compromised it will be even worse for them.
The whole point of AI is to make things simpler for users. Not to add yet another massive layer of complexity.
In reality, no one will believe anything Microsoft says about Recall. All I know is this is yet another reason to avoid Windows no matter what.
The only way to make people believe Recall is not a privacy nightmare is to fully release the full source of Windows for examination by the Free Software Community. Anything short of that will be branded as "marketing speak" or even lies.
>Weston argues that this design protects against malware and unauthorized access through rate-limiting
What about "authorized access", who defines that. If Microsoft, there in lies the problem.
> > Weston argues that this design protects against malware and unauthorized access through rate-limiting, [...]
> What about "authorized access", who defines that.
I don't think the intent is that they distinguish between unauthorized and authorized access and then only rate-limit the former, but rather that they're implementing a rate-limit on all access low enough to hinder malware extracting all snapshots while high enough to hopefully not impact normal usage.
But I agree that releasing the source code would be useful to let people properly verify these properties.
47 comments
[ 2.7 ms ] story [ 94.9 ms ] threadThat feature, with its shit security, was designed, aplroved, implemented, reviewed, and see by COUNTLESS PMs, engineers, and managers.
No one cared. That culture is rotten to its fucking core. Microsoft never gave a shit about good engineering when I was there, highly preferring to gaslight and go over peoples heads, dare they say that the entire (initial) design of VMSS is flawed, or that maybe just maybe Azure would benefit from a metadata service and machine identities. Literally "controversial" shit that resulted in my manager getting emailed.
Every, single engineer, bar one, that I respected at that company has left. Says something.
I know it's a hot take but people are out of their minds trusting a Microsoft platform if they care at all about personal or business privacy.
Are the millions of businesses that really on Ms products going to change systems? No.
Not sure what I'm getting at with this. Maybe just trying to logic my way through this decision?
MS has the largest and most well guarded moat in existence. They're simply wringing out the profits now.
Microsoft's entire org structure and mode of operation leads to these same results over and over across windows and azure.
I spend so so much time looking for information I saw in the past...a document, a conversation, a website, etc. This will be a big time saver and have a ton of utility.
To those that are scared of it: don't use it. I can make my own choices.
You can not trust Microsoft and that's totally valid, I don't, but I also don't use Windows. It's a really stupid line to draw if this is the straw. They control the entire OS, basically force online accounts, have been confusing the line between remote and local storage for years, exfiltrate local searches to Bing, track everything for in-app and in-os advertising and send undisableable telemetry. Does this feature just lay bare the reality you've been living under for years?
That would be a straightforward example of "can't read the browser history for a user, but could read it indirectly via the agent."
Let me fix that... People don't trust Microsoft.
(I don't particularly trust Microsoft, but I'm also not in their ecosystem.)
Look, it's all good and dandy, but when I hear "option" from Microsoft, I just _recall_ how often they are reset on every update. Do we have to list the number of "oups, that was a bug, sorry" incidents that have happened with Edge?
Microsoft did a pretty good job to ruin the little confidence we had in their name. They kind of dig their own grave.
That should be the headline, if true.
An indication of the state of online publishing. Even when a story has a compelling point, it can be lost in getting it out quickly for clicks.
I've heard differently. You can turn Recall off but not remove it. And if it's anything like other privacy settings, Windows Updates tend to, er, adjust those settings... to the ones Microsoft prefers you'd be using.
From where?
https://www.windowscentral.com/software-apps/windows-11/turn...
The next jump in computer interfaces is going to be Star Trek style stuff and for that you need access to see what the user sees.
This wasn't so hard, was it? Why wasn't it done before? To me, the fact that the new recall architecture wasn't in the initial release says that there are still huge security culture issues. But organizational culture is slow to change, and Recall has happened in parallel with the new security reforms, so you can't expect them to get rid of their old ways over night.
As others in the thread have pointed out, it seems Microsoft are promising things that are very non-Microsoft-y, like promising to never re-activate, promising an easy opt-out to never be bothered again, and promising that activating the service in the first place is an opt-in-during-install feature. Microsoft have a reputation for being a pushy company that doesn't take no for an answer, and coupled with the recent security culture issues, I have personally started recommending non-tech people to just switch to Apple now before things get worse. Can we trust that Microsoft won't backpedal on their promises? Fool me once, shame on you, fool me twice...
Exactly, this Recall feature exists in the context of all the user-hostile crap Microsoft has been pushing for the past decade or so. Those design decisions are a direct reflection of Microsoft's values and culture. Even if Recall itself is indeed perfectly fine, I wouldn't use it because the service operator is demonstrably disrespectful of their users' agency.
I bet it would also ensnare more well-wishing sysadmins and non-tech consumers who take singular instances of apologizing/fixing at face value.
Surely that isn't good for MS in the long term? Having a userbase that likes using your product must be better for business than a userbase that has been taught to be wary of anything you do, and to dismiss anything you come out with based on previous "features".
Is it the typical hacker news theory of management looking for short term user number growth to get promoted, or something else entirely?
When apple releases features, most of their userbase is excited. They have learned that in most cases it's either something cool they can use straight away or an optional service that they might or might not need. Apple still does some annoyances to push their services, but not nearly as bad as MS.
Microsoft is free to create new software for their OS, but they shouldn't make them a dependency of said OS.
Got to get the ‘feature’ out before the bubble bursts, regardless of how broken it is.
Still not going to use that or windows for anything serious, but credit where credit is due.
Yet it acts like an amazing built in tool for scammers that has fooled millions of people.
MS will never apparently learn that visibility and logging mean nothing to anyone unless they actually understand what the heck is going on. The same with that the countless "press yes now, no, don't read this box because it's meaningless, what you need to do is press yes to get on with life" boxes.
Giving people more complexity. More tools no one will understand or use. Like the ability to filter out specific websites. It's just the same ridiculous MS approach to everything. Except that now when people's machines are compromised it will be even worse for them.
The whole point of AI is to make things simpler for users. Not to add yet another massive layer of complexity.
The only way to make people believe Recall is not a privacy nightmare is to fully release the full source of Windows for examination by the Free Software Community. Anything short of that will be branded as "marketing speak" or even lies.
>Weston argues that this design protects against malware and unauthorized access through rate-limiting
What about "authorized access", who defines that. If Microsoft, there in lies the problem.
> What about "authorized access", who defines that.
I don't think the intent is that they distinguish between unauthorized and authorized access and then only rate-limit the former, but rather that they're implementing a rate-limit on all access low enough to hinder malware extracting all snapshots while high enough to hopefully not impact normal usage.
But I agree that releasing the source code would be useful to let people properly verify these properties.