Windows 11's Recall is a brand-new headline feature for Copilot+ PCs. While the idea is interesting, researchers say it makes it way too easy to steal everything you viewed or typed on your computer.
Oh, you’re saying that Recall is a privacy nightmare and a sweet target for malware? Surprised_pikachu.jpg
The idea that a feature of this scope would only be gated by having access to your local account is so baffling to me. I’ve been around my share of bad corporate decisions, and even I genuinely have no idea what they were thinking or how it got this far into development without anybdoy raising a flag.
For now it’s an obvious thing to turn off immediately and tell all your friends and relatives to turn off immediately. And yeah, it’s a reason to avoid devices that support it out of the box, at least for less tech-savvy users.
I saw someone suggest that MS has thought about this, which is why they require a TPM chip for Win 11 and have recently started forcing Bitlocker enabled by default. Obviously, however, it’s not nearly enough.
But that’s my point, though. You have to be completely detached from reality to think that securing the login to the local device means the local device is secure. People aren’t going to get busted for this because they lack drive encryption, they’re gonna get busted for this because some nice sounding gentleman on their phone is going to get them to give them remote access and have a mainline to every single thing they did for the past month. Or because their partner is going to use their shared password and find out some stuff they shouldn’t have or whatever.
That’s obvious to anybody who thinks about it for more than two seconds. How could it not be obvious to MS?
The idea that a feature of this scope would only be gated by having access to your local account is so baffling to me. I’ve been around my share of bad corporate decisions, and even I genuinely have no idea what they were thinking or how it got this far into development without anybdoy raising a flag.
For now it’s an obvious thing to turn off immediately and tell all your friends and relatives to turn off immediately. And yeah, it’s a reason to avoid devices that support it out of the box, at least for less tech-savvy users.
I saw someone suggest that MS has thought about this, which is why they require a TPM chip for Win 11 and have recently started forcing Bitlocker enabled by default. Obviously, however, it’s not nearly enough.
But that’s my point, though. You have to be completely detached from reality to think that securing the login to the local device means the local device is secure. People aren’t going to get busted for this because they lack drive encryption, they’re gonna get busted for this because some nice sounding gentleman on their phone is going to get them to give them remote access and have a mainline to every single thing they did for the past month. Or because their partner is going to use their shared password and find out some stuff they shouldn’t have or whatever.
That’s obvious to anybody who thinks about it for more than two seconds. How could it not be obvious to MS?