It’s a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.

Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.

It’s no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it’s those bad Windows practices that have led people to this conclusion.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    68
    arrow-down
    10
    ·
    5 months ago

    Not really

    For the retail market, most people just have phones not computers anymore. Microsoft has already lost The Battle of Windows phone.

    For the Enterprise market none of this recent b******* is going to enterprise customers anyway, they would have group policies and volume licensing deals to avoid all the b*******.

    For those poor retail customers who still run Windows, they suffer, but they’re minor, not significant

    • Jo Miran@lemmy.ml
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      1
      ·
      5 months ago

      This is for the enterprise market more than anything. Large companies are already logging and mining everything. Slack, Teams chat, Teams voice, email, keystrokes…literally everything. Microsoft’s problem is that Enterprises are using third party products to do so. Recall solves that competitive issue for MS. I have no doubt that it will be tied to their cloud offerings, and I have no doubt that MS will retain the right to use it all of the data from the consumer side for AI training.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        36
        ·
        edit-2
        5 months ago

        I’ve worked extensively in the Enterprise environment, and data exfiltration is a massive concern for any company with intellectual property, which is most of them.

        Having data leak at all, another vector for exfiltration, is a huge huge risk.

        Heck, I’d be surprised if Microsoft itself let its own developers run Total recall

        • Jo Miran@lemmy.ml
          link
          fedilink
          English
          arrow-up
          20
          ·
          edit-2
          5 months ago

          As an infosec professional for way longer than I care to remember, you are preaching to the choir. That said, all of our clients are both large enterprise and critical infrastructure, and they all log (and mine) everything. Not only that, they are shipping this directly to third parties. It makes me break out into a cold sweat every time I think about it, but here we are.

          PS: OK, all the US based ones. Our EU based client does not do this to my knowledge and I assume it has to do with EU regulations, but that’s just a wild guess.

          • jet@hackertalks.com
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            5 months ago

            Good point. But the companies are at least controlling the data pathway, being aware of it, signing off on it, doing it for their benefit.

            And I imagine at least for the US companies, every company they exfiltrate data to, is contractually obligated to keep their data private

    • Lmaydev@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      5 months ago

      For the majority of commercial users they literally don’t give a fuck either. It’s on techies that really care about his stuff sadly.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        5 months ago

        Possibly. But I’m also definitely lazy, and my voice to text automatically censors. And I don’t feel like changing it. So f*** it