PSA, it looks like KB5037850 was taken out of rotation in Windows Updates... so trying to recreate an Azure ARM64 VM to bring Windows 11 24H2 26100.560 up to 26100.712 likely won't come through. I'm not sure why this was removed, perhaps Microsoft not wanting folks to play with it any more 😂 twitter.com/_JohnHammond/status/1799350383506313671
People are applauding that Recall is off by default??? What the hell??? How about NOT INSTALLING that misfeature that nobody but the NSA wanted, thank you very much?
"that misfeature that nobody but the NSA wanted" - Nobody but the NSA? Hardly. Every scammer and ransomware miscreant in the world surely wants that "feature" installed on every computer. More to your point, yes, there should be a way to prevent it from getting installed in the first place. Its installation should be placed behind several blatantly obvious, literal red-flag warnings about the risks it creates, and it should require a Google reCaptcha challenge/response in order to install.
They need it to be installed for when MS "accidentally" pushes a Windows Update that activates Recall without user intervention. Just like all default apps, I've deleted OneDrive and Teams multiple times.
@@thebosscrystal No, it should never ever get built, even! It has only one use case: Spying. There is NO legitimate user that will ever need this, especially not at a level that's worth the risk!
Presenting recall in another softer way, that is like presenting pdfilia in a softer way as minor person attracted, which sounds so much more acceptable than pdf file
@@BillAntIt fixes a real problem but at a very high cost. This feature would have saved me dozens of hours over the years, but if it comes at the cost of hackers and governments being able to check on me whenever they want. I'll gladly waste more hours looking for things the old fashioned way for the rest of my life.
Is there a way to disable/delete all the Recall components instead of just opting-out/not enabling it? I can't sleep well that the Recall code is present on my machine even if it not enabled.
Yeah they are becoming a monopoly in this area. They need to branch off this segment of their company into a new one "Malsoft" to please the regulators.
Windows 10 will be the last Windows I ever use and when Steam stops supporting it I will probably stop supporting Steam and move back to console gaming not thrilled about having to switch to Linux I'm riding out Windows 10 and have already disabled browsing history on my desktop and I have disabled OneDrive and turned off the save screen shot feature it has. I have busted it for saving screenshots without my consistence it doesn't matter if Microsoft has a policy if the policy is illegal or violates the law in any way it CAN be removed.
@@milesprowerxinfinity lil bro your life wont change if they collect ur data for ads or dont, you should stop using internet and smartphones asap if so😂
@@PincKen facts so many companys collect your data and sell it to brokers apple samsung microsft google etc since everything is online in todays world its easy to find someone specifically its only gonna get worse
Microsoft builds and supports a variety of software products for Linux systems and makes them available via Linux. People put too much trust that one product is so much better and safer to use than another. Sometimes companies have many bedfellows.
But dude, this tool is so useful! When you get hacked, not only can a hacker access everything on your computer, but see everything you've done in the past!
It's following very closely the communist methods, which are 1. Introduce absolutely horrendous policies, which will create good advertising for the policy and make it known to people, 2. When people complain then roll it back a little and at first make it optional, 3. When it is now a well known policy, make it mandatory, 4. Now add the original horrendous policies, and make it mandatory policy. So, take two steps forward, one step back, twop steps forward, one step back
@@AntiAtheismIsUnstoppable Communist methods? Its the most blatent showing of a capitalist ideal ruining a company. They want more data to sell, they ruin their product to make more profit for the month
@@atsizbalik if that where true why does kernal level anticheat effect mobile development. Like it's clearly doing more then what it should be doing if it makes android studio stop functioning.
They requiring auth is better than nothing but this features means that every windows install in the feature is now 1 or 2 bugs away of being a keylogger for every windows user. And no matter how good I think MS developers are, everyone makes mistakes and with a single zero-day attack someone can potentially silently enable this and collect everything. No need to write a hidden logger. Even though the added security is better than the previous, it's still a nightmare.
There are actually Python script specialized in extracting data from Recall called Total Recall. Imagine adding it into your very spicy "software" ;). Sooner or later, someone would implement into their data "borrowing" software.
As a Linux user, some distros are trying to implement AI. Please for the love of god learn from Windows failure and never clone that company's decision
@@NataliePinewhat is that even mean AI is inevitable? If you mean large language models dominating society, that's not going to turn out to be true. Lol. We've been using AI in various ways for decades so yes we will continue to use it but this idea that LLMs are going to change society forever is wildly exaggerated to increase investor hype..chat gpt is wrong 52% of the time, Gemini has been a complete embarrassment, Microsoft just had to admit that their emissions are up 30% and they can't meet their 20-30 goal of being carbon neutral because of these AI servers. LLMs are going to be a huge bubble that is bursting. It's one reason why the humane pin and the rabbit pin were such an embarrassment. But they got investment because people fooled themselves into thinking anything with the words AI will make them money. Not saying AI has no utility, like I said we've been using it for decades, but so far all the consumer facing products involving large language models have been a disaster.
So, in order to do corporate espionage all you need to do is place your man as system admin in an organisation and run a search. Like, what sort of toxic glue has Microsoft been eating on their pizza sauce?
This is already really easy for sysadmins of a company to do, since they own both the computers and network routers. This just lowered the technical competency bar from low (install off-the-shelf software) to basically 0. Never do anything personal or private on a work computer, your sysadmins will know.
Oh so recall will BE there, ready to use but not enabled. Here's what's wrong with that and it should be obvious. OPT-IN should be "I install it and run it" not "it's all there waiting to be used but you don't have to use it." Imagine a "self repo feature" in your car or truck that you paid for in cash. My car or truck NEVER needs to be repossessed because it's 100% mine and always has been. I don't want that feature but it's BUILT IN and you can't tell them to REMOVE IT. We live in a world where mistakes are common and normal. I don't need to go any deeper than that. Someone orders a self-repossession on a car or truck and get some entry data wrong and BOOM, my car or truck is no longer in my possession or under my control. Forget about all of the other "But, but, but" anti-commentary, my rights have been violated and I have been harmed because of something that never ever needed to be there in the first place. "I'm sorry your car or life has been damaged... it was just a mistake." A mistake happens when you didn't reasonably know that it could happen. If you REASONABLY KNOW it COULD happen, it's no longer simply an honest mistake -- it is placing people at RISK with intention of private benefit. This is EXACTLY what Microsoft's recall is. This is EXACTLY what Adobe's terms of service is.
If there was a government crackdown on one certain thing they could say “let us see your computer” and go through recall to see if you participated in said “problem” its so authoritarian for absolutely no reason
The fact that it's a sqllite database really hints at the fact 1. they are prepared for your recall information to be easily sent to serverside databases If it was meant to be local just why use a database and not just store it in a encrypted file. 2. They didn't really put to much effort into the actual development of recall since anyone with a few years of backend experience can probably setup sql database hook up a ocr make a function call to the windows screenshot api so the only hard part would be creating the ui. Yet they pretend it's this revolutionary technology to mask the obvious spyware.
While I think this feature should be permanently shelved, I think you might be looking too deep into that decision. sqllite is extremely performant for certain things and this seems like a good use case for it. Personally if I was gonna be evil and extract information I’d have used something different.
@@dedr4m "...and only VM windows 11 for that one task that can only happen on Winblows 11" - That *ONE* task? You clearly don't work with business or creative software.
"Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept" - The people who understand that the general public doesn't care about privacy or security. Look at how many people, including many people in IT, contort themselves to defend companies like Microsoft, Apple, Google, etc. They know their personal information and data is being collected and sold, but they don't care as long as the "product" they use/consume is convenient or beneficial to them. Those of us who actually care about privacy and security are in the minority.
"M$ keeps adding BS to their OS..." - Remember Windows 95? Under 100 MB fully installed. Now Windows fills up a 32 GB disk once you download the required updates and have been running for a very short time. And they choose to call that "progress".
Yeah, but people you associate with will. All your emails you send them, all your private messages/DMs, all your behavioral patterns for those you interact with and how.
I'm sure this is obvious to everybody here, but Recall was developed for Mid to Large corporation to track employees. this does not belong on the modern desktop. Recall is some CEO's dream. This should only be available to large companies with intranets and no real access to the web for employees.
Recall is a corporate security team's single worst nightmare made real. An OS integrated piece of malware that stores every single sensitive secret in a single location for random hackers and bribed employees to quickly scrape and ruin the entire business in record time. NO sane individual wants this.
I heard Recall was made to fix Windows Search from being slow. I'm hoping it's not the official reason because there are numerous searching tools that do better than Windows without being a privacy /nightmare/. They're using Screenshots + OCR on the fly to determine text...Surely, it's possible to read from the call that displays the window name anyway and use that (assuming they didn't want to swap their system). Ideally, Windows would take "Everything"s approach to being a search tool: Index file names and meta-data only into a local db file. That way searches would be literally comparing text-to-text and would be near instantaneous with our current computing speed. If "Everything" can achieve what is arguably the best file searching tool for Windows several years ago, there is no excuse to fail this hard now.
Wonder if it companies that are pushing for these features to make sure their employees/slaves are only doing work-related stuff? Who else could be interested in this feature, apart from blackhats?
thats crazy. New malware doesnt need to bring its own info stealer, we have recall for that now. Which will not be detected by Antivirus, because its from microsoft itself.
Let's cut through the B.S. Post covid, many people are now working from home. Employers want tools to monitor their staff remotely. That's who this is for. It's not so Microsoft can spy on you, it's so your boss can, and that keeps your company firmly on the Windows ecosystem. This feature will be enabled by your organization and will not be something you can opt-out of or disable without admin credentials. But the end users would flip their shit if Microsoft said that, so they're trying to dress it up as a productivity feature for the user. They want you to think it will make your life easier so you accept it. Querying a SQL database across a network is trivial, and unlike most collected telemetry data, there won't be specific IP addresses and domains you can just block to prevent it being sent. It's going to be locked down to your specific organization. So what you need to do now is write a script that injects data into Recall to make it look like you're working, lol. The arms race is on, Lazy bastards unite! We can spoof this data.
Man, this makes total sense now. I remember back in a day working in a 3D studio, and we had always issues with IT guys, because we where killing their spyware .exe file in processes. They once logged in to my workstation, I lost control over my mouse and they began to close facebook and other browsers on my second screen. In EU you are forbidden to spy and overwatch every step of your employees work. With Recall they don't need to place cameras behinds employees back, which makes employees suspicious. They can now spy in a hidden way, by letting recall record all employees activities and then extract it, overview it, with all the following reprocautions and penalties. In other words a tool for total dictatorship.
I don't want to be able to turn this feature off. I don't want this feature even shipped on the Windows install. If it's not possible to remove completely I'm jumping ship 🤓
I mean automated SQL database to record every single event, with searchable and copyable text in a high quality screenshots. Spywares don’t need to do too much work anymore, everything is ready and organized.
*IS Malware will simply enable the recall feature so they don’t need to code an AI keylogger/screen grabber themselves. I know that’s what I’d be doing at least if I was a malware dev.
it makes me uncomfortable that windows will ship with all of the DLLs there to do extremely advanced infosec allowing a hacker to ship an extremely small payload and potentially utilize those functions to do some of these features without the encryption features and the UI
I would like to see changes to virtual desktop clients so they refuse to start if recall is turned on. Potentially logging company owned data on a non-corporate owned device is just a leak waiting to happen. If you want to work from home, you have to disable recall first.
So much this, I don't see a possible use for recall. If I looked up something online and can't remember where it was I can already look at the browser history, similarly pretty much all software keeps track of recently accessed files. There is literally no need for screenshots lol.
"i wonder, who in this entire world with 8 billion people thought this feature is good?" - Malware creators, governments, advertisers, data brokers... If you meant that exclusively in terms of users, then I can still imagine some people wanting this. People are so stupid now, with 0.3-second attention spans and zero interest in privacy or security, so they have no problem with big brother watching everything they do. Just look at how many people are perfectly happy to let Google and Apple control all of their data. And for businesses, look at how many of them are happy to entrust total control of their companies to "the cloud".
Microsoft already opened a Pandora box. Even if Recall is dropped altogether, hackers now know it's possible to write this kind of application, and there will be copycats. Maybe part of a rootkit.
Windows Recall is absolutely still a security nightmare and it still affects you even if you don't use Windows. Be careful what you share and who you share it with now.
It DIDN'T "fall on it's face!" That's just it: It's still being implemented, AND shipped with Windows! The fact the switch is off for now, is insignificant, even irrelevant.
I remember when I went back to school online to study Medical Administration and I was required to study a tremendous number of problematic medical conditions, which no one could have easily discerned from a search history between personal searches and those for school. Then meeting people online with various issues I had to familiarize myself with repeated the entire experience where the subsequent search results became weighted and distorted, accordingly.
The problem is that their way of implementing Recall is 'security last'. Security for the sake of not getting grilled too much on Twitter and UA-cam. It's just pathetic, a good time to consider switching to another OS for serious tasks.
I'm glad Microsoft made the change, but it's not enough. They need to listen to the vast majority of their userbase who have been saying the same thing: WE DON'T WANT THIS SHIT. We don't want copilot, we don't want recall, we don't want any of that AI bloatware bullshit. We just want an OS that works.
Recall main feature is to take screenshots of Windows 11 Users bank account and automatically send these screenshots to Satya Nadela relatives in India.
I have a thesis about the origin of recall :) One day, the developers were sitting in a meeting and talking about how to better monitor the user. One of them said: We could take a screenshot every 5 seconds and send it to our servers! Bill heard that and said: Uhh, that's good, but if it gets out, we're screwed. They scrapped the plan and just implemented it for the users. :) That could be how recall came about. :D Thanks for the video!
This brings back memories of the security disasters that were "active desktop" and "Every Windows 2000 server gets IIS installed and enabled by default"
What the heck. If I put a spyware on my partner's phone, it wouldn't be tolerated and I could even be charged for doing so. Even if the information was stored locally and encrypted. Even if I said her security was my priority. Microsoft is putting a spyware on my machine without consent and without context. This is so wrong.
I knew this was invasive but I did not know that they were storing screenshots IN PLAIN JPG with a database of everything you've opened and websites you visited IN PLAIN SQL TABLES. This is madness.
see if you can use a veracrypt container to move that folder to it and making a junction. on boot i guess you'd have to delay the recall startup until the container is mounted. doable?
I already see Recall leading to multiple massive lawsuits against Windows from the very companies that were salivating over this "feature" They want it because the people in charge see it as a perfect way to "ensure productivity" They will hate it as soon as the very real security risks are exploited; all it'd take is a few machines getting hacked and a whole company could likely be totally taken down via Recall, and I don't mean the average pleb employee, I mean a single exec getting a virus that could very discreetly copy and send images of EVERYTHING they do for months or years, totally compromising the company inside and out, exposing EVERYTHING they do that is criminal, insane, or inhuman to their employees. For example, imagine if a few key Boeing executives got some new modern malware that doesn't even require the user to click a link, download a sus file, or go to a spoofed website; boom, company is compromised top to bottom, and since the malware is a feature of the company computer, it'll likely go unnoticed for as long as the hacker remains silent collecting data. There is no world where it isn't going to result in massive data breaches, leaks, and HUGE corporate espionage attacks.
So. Everything else aside, let's assume that those coordinates are clicks or even window layouts on a screen over time. Super useful information for malware hackers. Pop UNC, move to that person's common coordinates based on analysis. Bang job done.
To claim it "was" a security nightmare is just on a trolling or clickbaiting level. This is basically about how much can we get away with now and just see how much info we can steal as we please later when they "accidentally" enable features and apps and snuck in the right legal covers into a 300 page legalese "agreement". Windows will look like what was envisioned in Ready Player One at this rate. It'll become a non-opt out core feature soon enough I imagine. Probably already within windows 11 life-cycle. Who needs consent when they have a monopoly after all.
Definitely a red flag the supreme court needs to get involved in this because if Recall steals debit/credit card information and social security Microsoft is facing massive class action lawsuits.
Whilst its nice that Microsoft has listened to feedback and made changes, this doesn't alter the fact that senior people at Microsoft didn't (a) spot the very obvious high risk flaws in this idea or (b) do anything about it until the community pointed out the dangers. If they can make this kind of serious error, what else might they do that could create further data protection problems in the future? Where is the critical thinking, peer review and oversight at Microsoft?
I will by honest my concern is and always will be where this intersects corporate security because you see it all the time, all it takes is a single sloppy employee and boom the users pay the price and I am a bit sick of paying, in too many cases a monthly subscription, to be on the losing end of that fight between two parties I have zero control over.
🤯 Good lord what was MS thinking?? Thanks for the demo of this in more detail. Unbelievable. Hope Apple doesn't get any ideas and plan anything like it either.
@@ramondewilde05 "Definetly mint" if you like to fiddling with Ubuntu-only support pages and Ubuntu-related packages and services which are modified in Mint.
On Mint now. Try to take a day or so to learn about the differences and how to run Windows applications (Using Wine, Proton, ProtonQT, Lutris etc) but now, i'll never go back.
I would try out as many as you can in order to find what works for you. Not everyone is the same. Some like to use more the terminal others like it more close to windows. I would suggest a little of both. It is always a good thing to know how to use "sudo". Many switching or on Linux don't mention the many benefits nor do they mention keeping your own pockets fat instead these sorry good for nothing greedy corporations. If you don't mind (volunteerly) it is good to do a donation to many good open source projects that have the best interest of the public. Note: keep in mind some Linux are harder on a computer than others. Some need more ram, CPU, etc.. Good luck!
PSA, it looks like KB5037850 was taken out of rotation in Windows Updates... so trying to recreate an Azure ARM64 VM to bring Windows 11 24H2 26100.560 up to 26100.712 likely won't come through. I'm not sure why this was removed, perhaps Microsoft not wanting folks to play with it any more 😂 twitter.com/_JohnHammond/status/1799350383506313671
NSA is watchinng you LMAO!
They didn't want your video to be any more damning 😂
"I don't mean to dogpile on Microsoft" - so pathetic! Corporations treat us like dirt and people like you fawn all over them.
MOM IM ON TV
nice
i'm watching all of you (including SOG). thanks to reminding me...
I knew you would make it
@@randomdude5634I also use Arch btw.
Fireship reference...
People are applauding that Recall is off by default??? What the hell??? How about NOT INSTALLING that misfeature that nobody but the NSA wanted, thank you very much?
Should be behind an additional feature flag that results in separate download and install at minimum
"that misfeature that nobody but the NSA wanted" - Nobody but the NSA? Hardly. Every scammer and ransomware miscreant in the world surely wants that "feature" installed on every computer. More to your point, yes, there should be a way to prevent it from getting installed in the first place. Its installation should be placed behind several blatantly obvious, literal red-flag warnings about the risks it creates, and it should require a Google reCaptcha challenge/response in order to install.
Yuuuup see what i think is it should be removed entirely and they people who approved of adding it should get 2yrs of prison time 😅
They need it to be installed for when MS "accidentally" pushes a Windows Update that activates Recall without user intervention. Just like all default apps, I've deleted OneDrive and Teams multiple times.
@@thebosscrystal No, it should never ever get built, even! It has only one use case: Spying. There is NO legitimate user that will ever need this, especially not at a level that's worth the risk!
Recall is a classic example of just because you could, doesn't mean you should.
Or "Trying to fix a problem which doesn't exists". heh
@GHOSTSTARSCREAM - Or going to the Moon or Mars, and wasting billion$ instead of fixing issues here on Earth first. smh
@@BillAnt The world doesn't revolve around you.
Presenting recall in another softer way, that is like presenting pdfilia in a softer way as minor person attracted, which sounds so much more acceptable than pdf file
@@BillAntIt fixes a real problem but at a very high cost. This feature would have saved me dozens of hours over the years, but if it comes at the cost of hackers and governments being able to check on me whenever they want. I'll gladly waste more hours looking for things the old fashioned way for the rest of my life.
“Thank you, thank you, thank you Microsoft.” -hackers, government, cops, FBI, CCP, Google, Apple, Facebook, kidnappers, etc.
fr tho
Forgot scammers
And you also forgot Linux users
@@chri-k Thank you
Is there a way to disable/delete all the Recall components instead of just opting-out/not enabling it?
I can't sleep well that the Recall code is present on my machine even if it not enabled.
Windows Recall is (still) a Security Nightmare
Use AI to extract text from an image but still can't copy a windows error popup to find what the error code is.. priorities guys come on
Haha you can now, just let recall take a photo 😂
Huh? Yes you can. You can litterally ctrl+c on a windows error pop-up to copy what's in it .. that's been a thing forever. Sorry.
Never knew this @@LiEnby
I'm literally a SOC analyst and I had no idea this was a thing, thanks! @@LiEnby
@@LiEnbybruh never knew
Time for another antitrust case… Microsoft has no right to put malware companies out of business by bundling it with windows 😂
LOL
"no right" it's their operating system, they can do whatever they want. Companies need to be cautious when choosing the right OS.
@@BigOrangeManr/whoosh
They should be compelled to split it from their OS! Time for a new antitrust case! ☝️🤭
Yeah they are becoming a monopoly in this area. They need to branch off this segment of their company into a new one "Malsoft" to please the regulators.
Still is. That garbage should have never made it into the OS.
It's there and it's not going anywhere. No matter what Microsoft says.
Windows 10 will be the last Windows I ever use and when Steam stops supporting it I will probably stop supporting Steam and move back to console gaming not thrilled about having to switch to Linux I'm riding out Windows 10 and have already disabled browsing history on my desktop and I have disabled OneDrive and turned off the save screen shot feature it has. I have busted it for saving screenshots without my consistence it doesn't matter if Microsoft has a policy if the policy is illegal or violates the law in any way it CAN be removed.
@@milesprowerxinfinity lil bro your life wont change if they collect ur data for ads or dont, you should stop using internet and smartphones asap if so😂
@@PincKen facts so many companys collect your data and sell it to brokers apple samsung microsft google etc since everything is online in todays world its easy to find someone specifically its only gonna get worse
"She Chose The Wrong T-Shirt"
...
yep you really demonstrated it John
hehe, boobs!
Need a link 😅 asking for a friend 😊
Even turned off i do not want this feature in my windows installation. I'll be switching to linux.
Welcome to the club brotha 💪
Ignoring it is non negotiable ~~ ???
Microsoft builds and supports a variety of software products for Linux systems and makes them available via Linux. People put too much trust that one product is so much better and safer to use than another. Sometimes companies have many bedfellows.
@Mario583a yes it is non negotiable. I simply do not want that sh it on my computer not even if it's turned off.
But dude, this tool is so useful!
When you get hacked, not only can a hacker access everything on your computer, but see everything you've done in the past!
Crazy how microsoft added its own post exploitation screenlogging module into its OS so I don't have to write my own anymore 💀💀💀
It's following very closely the communist methods, which are 1. Introduce absolutely horrendous policies, which will create good advertising for the policy and make it known to people, 2. When people complain then roll it back a little and at first make it optional, 3. When it is now a well known policy, make it mandatory, 4. Now add the original horrendous policies, and make it mandatory policy. So, take two steps forward, one step back, twop steps forward, one step back
@@AntiAtheismIsUnstoppable Atheism is Satanism. Ognosticism isn't
@@AntiAtheismIsUnstoppable Communist methods? Its the most blatent showing of a capitalist ideal ruining a company. They want more data to sell, they ruin their product to make more profit for the month
@@AntiAtheismIsUnstoppable"Communism is when capitalism"
Just gonna point out password managers are now going to get compromised due to Microshaft.
Large shaft
Time for hardware wallets
The people who support this feature have the same level of brain-rot to support kernel-level anticheat.
kernel level anticheats at least do something good. this feature is straight up spyware
@@atsizbalik found one brain-rot here guys
@@atsizbalik if that where true why does kernal level anticheat effect mobile development. Like it's clearly doing more then what it should be doing if it makes android studio stop functioning.
@@atsizbalik you have been PWNED. All your data belongs to them. The attack vector was social engineering!
There's the people that support the gov putting cameras inside everyone's houses as well.
They requiring auth is better than nothing but this features means that every windows install in the feature is now 1 or 2 bugs away of being a keylogger for every windows user.
And no matter how good I think MS developers are, everyone makes mistakes and with a single zero-day attack someone can potentially silently enable this and collect everything. No need to write a hidden logger.
Even though the added security is better than the previous, it's still a nightmare.
This feature needs to have a giant hack reported in the news before Microsoft gives a crap.
There are actually Python script specialized in extracting data from Recall called Total Recall. Imagine adding it into your very spicy "software" ;). Sooner or later, someone would implement into their data "borrowing" software.
@@nerd0Chija oh wow, I didn't know, maybe that should've been included in the video 🤔
@@HietakissaIt was mentioned
@@herdenq sarcasm.
@@Hietakissa 👌
As a Linux user, some distros are trying to implement AI. Please for the love of god learn from Windows failure and never clone that company's decision
Why, unlike Microsoft, they don't have investors to please -.-
AI is inevitable, and potentially very useful. We just need to implement it appropriately
@@NataliePinewhat is that even mean AI is inevitable? If you mean large language models dominating society, that's not going to turn out to be true. Lol. We've been using AI in various ways for decades so yes we will continue to use it but this idea that LLMs are going to change society forever is wildly exaggerated to increase investor hype..chat gpt is wrong 52% of the time, Gemini has been a complete embarrassment, Microsoft just had to admit that their emissions are up 30% and they can't meet their 20-30 goal of being carbon neutral because of these AI servers. LLMs are going to be a huge bubble that is bursting. It's one reason why the humane pin and the rabbit pin were such an embarrassment. But they got investment because people fooled themselves into thinking anything with the words AI will make them money.
Not saying AI has no utility, like I said we've been using it for decades, but so far all the consumer facing products involving large language models have been a disaster.
Ubuntu was the first one to put ads in their distro. before windows lol.
@@NataliePine It doesn't matter if it's useful if nobody wants it
Literal spyware OS, should be banned from sale.
yes, as are the other big proprietary operating systems
Windows is now assumed malicious.
Just now?
@@rany0LMFAO FR
w$ IS malicious!
You mean since Windows DOS?? 😂
windows has been malware by definition for a long time
So, in order to do corporate espionage all you need to do is place your man as system admin in an organisation and run a search. Like, what sort of toxic glue has Microsoft been eating on their pizza sauce?
This is already really easy for sysadmins of a company to do, since they own both the computers and network routers. This just lowered the technical competency bar from low (install off-the-shelf software) to basically 0.
Never do anything personal or private on a work computer, your sysadmins will know.
@@Darticus42 not as blatant as Recall. Now it's actually literally a keylogger for everyone to see
Oh so recall will BE there, ready to use but not enabled. Here's what's wrong with that and it should be obvious. OPT-IN should be "I install it and run it" not "it's all there waiting to be used but you don't have to use it." Imagine a "self repo feature" in your car or truck that you paid for in cash. My car or truck NEVER needs to be repossessed because it's 100% mine and always has been. I don't want that feature but it's BUILT IN and you can't tell them to REMOVE IT.
We live in a world where mistakes are common and normal. I don't need to go any deeper than that. Someone orders a self-repossession on a car or truck and get some entry data wrong and BOOM, my car or truck is no longer in my possession or under my control. Forget about all of the other "But, but, but" anti-commentary, my rights have been violated and I have been harmed because of something that never ever needed to be there in the first place. "I'm sorry your car or life has been damaged... it was just a mistake." A mistake happens when you didn't reasonably know that it could happen. If you REASONABLY KNOW it COULD happen, it's no longer simply an honest mistake -- it is placing people at RISK with intention of private benefit.
This is EXACTLY what Microsoft's recall is. This is EXACTLY what Adobe's terms of service is.
If there was a government crackdown on one certain thing they could say “let us see your computer” and go through recall to see if you participated in said “problem” its so authoritarian for absolutely no reason
Bill Gates be looking at everyone's homework folder soon
oh shit.
Bill gates when he realises my homework folder actually contains homework: 😮😮😮😮😮😮😮
You mean my "School" folder that has over 300 GB? :D
@@CZghost300GB, I'm a god damn PhD over here. 😂
So john hammond is now paid by microsoft too to promote their spyware, looks like the greed for money just will not stop for this man
Recalling recall sounds like the best option.
If they care about security, they would be reducing the attack surface, not broadening it 🤦🏻♂️
The fact that it's a sqllite database really hints at the fact 1. they are prepared for your recall information to be easily sent to serverside databases If it was meant to be local just why use a database and not just store it in a encrypted file. 2. They didn't really put to much effort into the actual development of recall since anyone with a few years of backend experience can probably setup sql database hook up a ocr make a function call to the windows screenshot api so the only hard part would be creating the ui. Yet they pretend it's this revolutionary technology to mask the obvious spyware.
While I think this feature should be permanently shelved, I think you might be looking too deep into that decision. sqllite is extremely performant for certain things and this seems like a good use case for it. Personally if I was gonna be evil and extract information I’d have used something different.
Sqlite is used for tons of functions of different operating systems, apps etc.
201* keylogger is a malware 2024 keylogger is a windows feature
@@dedr4mCould also mean 201x
windows 10 already had a key logger.
@@ChrisWijtmanstell more
@@dedr4m "...and only VM windows 11 for that one task that can only happen on Winblows 11" - That *ONE* task? You clearly don't work with business or creative software.
Large corporations own the government, so they are the government. This is big brother.
You even have the minutes of hate... Do you condemn...
That's only for America rn. The rest of the world is in a much safer state, for now
@@magicalnoodleseh, not much. We are sucking the US's dong for tech. It's pathetic.
How, what??????@@magicalnoodles
@@magicalnoodles It might not be everywhere, but it’s in more places than not. Open your eyes.
theres no way. When you opened the image folder i thought "surely you cant just rename the file" and then you did just that. amazing.
Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept.
C suite executives who don't know or care
@@Mekelainabasically
"Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept" - The people who understand that the general public doesn't care about privacy or security. Look at how many people, including many people in IT, contort themselves to defend companies like Microsoft, Apple, Google, etc. They know their personal information and data is being collected and sold, but they don't care as long as the "product" they use/consume is convenient or beneficial to them. Those of us who actually care about privacy and security are in the minority.
Give you a hint, it's a three letter agency.
هام
"She Chose The Wrong T-Shirt"
She surely did
M$ keeps adding BS to their OS...
Yeah it's a called a GUI
"M$ keeps adding BS to their OS..." - Remember Windows 95? Under 100 MB fully installed. Now Windows fills up a 32 GB disk once you download the required updates and have been running for a very short time. And they choose to call that "progress".
You literally picked the only four videos I watched about Recall. Hilarious. I’ll never use recall because I’m on Linux but it’s juicy drama
happened to me as well😂
@@victor5.- I was thinking for the fourth video, “it’s gonna be muta, aaaaannnnndddd it is…” lmao
Yeah, but people you associate with will. All your emails you send them, all your private messages/DMs, all your behavioral patterns for those you interact with and how.
Haven't used Windows for the past 8 years😅. Stay away from Microsoft folks, run.
I'm sure this is obvious to everybody here, but Recall was developed for Mid to Large corporation to track employees.
this does not belong on the modern desktop. Recall is some CEO's dream. This should only be available to large companies with intranets and no real access to the web for employees.
Recall is a corporate security team's single worst nightmare made real. An OS integrated piece of malware that stores every single sensitive secret in a single location for random hackers and bribed employees to quickly scrape and ruin the entire business in record time.
NO sane individual wants this.
This was NOT a C Suite customer request. Yes, absolutely for business customers but this was made on request of a weasel of a middle manager.
I heard Recall was made to fix Windows Search from being slow. I'm hoping it's not the official reason because there are numerous searching tools that do better than Windows without being a privacy /nightmare/. They're using Screenshots + OCR on the fly to determine text...Surely, it's possible to read from the call that displays the window name anyway and use that (assuming they didn't want to swap their system).
Ideally, Windows would take "Everything"s approach to being a search tool: Index file names and meta-data only into a local db file. That way searches would be literally comparing text-to-text and would be near instantaneous with our current computing speed. If "Everything" can achieve what is arguably the best file searching tool for Windows several years ago, there is no excuse to fail this hard now.
I'm still reluctant to have this available for company computers but that's just me 😅
Wonder if it companies that are pushing for these features to make sure their employees/slaves are only doing work-related stuff?
Who else could be interested in this feature, apart from blackhats?
Remember everything is open source if you reverse engineer it
Microsoft will always "Recall" this moment.
thats crazy. New malware doesnt need to bring its own info stealer, we have recall for that now. Which will not be detected by Antivirus, because its from microsoft itself.
Let's cut through the B.S.
Post covid, many people are now working from home. Employers want tools to monitor their staff remotely. That's who this is for. It's not so Microsoft can spy on you, it's so your boss can, and that keeps your company firmly on the Windows ecosystem. This feature will be enabled by your organization and will not be something you can opt-out of or disable without admin credentials.
But the end users would flip their shit if Microsoft said that, so they're trying to dress it up as a productivity feature for the user. They want you to think it will make your life easier so you accept it.
Querying a SQL database across a network is trivial, and unlike most collected telemetry data, there won't be specific IP addresses and domains you can just block to prevent it being sent. It's going to be locked down to your specific organization.
So what you need to do now is write a script that injects data into Recall to make it look like you're working, lol. The arms race is on, Lazy bastards unite! We can spoof this data.
Man, this makes total sense now.
I remember back in a day working in a 3D studio, and we had always issues with IT guys, because we where killing their spyware .exe file in processes. They once logged in to my workstation, I lost control over my mouse and they began to close facebook and other browsers on my second screen.
In EU you are forbidden to spy and overwatch every step of your employees work.
With Recall they don't need to place cameras behinds employees back, which makes employees suspicious.
They can now spy in a hidden way, by letting recall record all employees activities and then extract it, overview it, with all the following reprocautions and penalties.
In other words a tool for total dictatorship.
I don't want to be able to turn this feature off. I don't want this feature even shipped on the Windows install. If it's not possible to remove completely I'm jumping ship 🤓
The Most sophisticated spyware I've ever seen.
I mean automated SQL database to record every single event, with searchable and copyable text in a high quality screenshots.
Spywares don’t need to do too much work anymore, everything is ready and organized.
I was thinking the exact same thing
*IS
Malware will simply enable the recall feature so they don’t need to code an AI keylogger/screen grabber themselves.
I know that’s what I’d be doing at least if I was a malware dev.
Not malware but microsoft
And they can get the stuff from before you installed the malware too
why doesn't anyone realize this lmao
it makes me uncomfortable that windows will ship with all of the DLLs there to do extremely advanced infosec allowing a hacker to ship an extremely small payload and potentially utilize those functions to do some of these features without the encryption features and the UI
I would like to see changes to virtual desktop clients so they refuse to start if recall is turned on. Potentially logging company owned data on a non-corporate owned device is just a leak waiting to happen. If you want to work from home, you have to disable recall first.
I would have loved this as a productivity tool if it only managed screenshots I manually took.
i wonder, who in this entire world with 8 billion people thought this feature is good?
microsoft
So much this, I don't see a possible use for recall. If I looked up something online and can't remember where it was I can already look at the browser history, similarly pretty much all software keeps track of recently accessed files. There is literally no need for screenshots lol.
Five Eyes lol
"i wonder, who in this entire world with 8 billion people thought this feature is good?" - Malware creators, governments, advertisers, data brokers... If you meant that exclusively in terms of users, then I can still imagine some people wanting this. People are so stupid now, with 0.3-second attention spans and zero interest in privacy or security, so they have no problem with big brother watching everything they do. Just look at how many people are perfectly happy to let Google and Apple control all of their data. And for businesses, look at how many of them are happy to entrust total control of their companies to "the cloud".
The Indian CEO
I remember, years ago fantasizing about being able to capture screen shots and keylogs with time stamps. Never knew Microsoft was already on it 😀
Microsoft already opened a Pandora box. Even if Recall is dropped altogether, hackers now know it's possible to write this kind of application, and there will be copycats. Maybe part of a rootkit.
This aged like fine wine. As 24H2 is now rolling out with Recall being a dependency on Windows Explorer
Windows Recall is absolutely still a security nightmare and it still affects you even if you don't use Windows. Be careful what you share and who you share it with now.
NSA, CIA, FBI are pissed that their wish to have this developed and “sold to” the world as good, has fallen on its face, and SO OBVIOUS
It DIDN'T "fall on it's face!" That's just it: It's still being implemented, AND shipped with Windows! The fact the switch is off for now, is insignificant, even irrelevant.
"She Chose The Wrong T-Shirt" thanks John!
Yay, Mutahar collaboration with John will be fun
I remember when I went back to school online to study Medical Administration and I was required to study a tremendous number of problematic medical conditions, which no one could have easily discerned from a search history between personal searches and those for school. Then meeting people online with various issues I had to familiarize myself with repeated the entire experience where the subsequent search results became weighted and distorted, accordingly.
The problem is that their way of implementing Recall is 'security last'. Security for the sake of not getting grilled too much on Twitter and UA-cam. It's just pathetic, a good time to consider switching to another OS for serious tasks.
So basically a keylogger that takes snapshots
A key- and screenlogger. 🤷
I'm glad Microsoft made the change, but it's not enough. They need to listen to the vast majority of their userbase who have been saying the same thing: WE DON'T WANT THIS SHIT. We don't want copilot, we don't want recall, we don't want any of that AI bloatware bullshit. We just want an OS that works.
I recall windows being a nightmare a long time ago, still happily using linux
Recall main feature is to take screenshots of Windows 11 Users bank account and automatically send these screenshots to Satya Nadela relatives in India.
This is Microsoft. It will be on, whether you switch it off or not. Anyone who thinks that they'll just let this one pass by users is very naive
I just installed LINUX this past weekend.
GOODBYE Microsoft.
Congrats!
you just demonstrated the whole point at the very beginning, where the screenshot shows "she chose the wrong T-shirt"
and the best part .......... ITS BACK!!!!!!!!!!
Could this be why Bitlocker is being pushed for Win11?
As far as I can recall, you didn't make a video about this.
For the record, you *can* package that python script into an .exe relatively easily so it can run without the interpreter installed.
I have a thesis about the origin of recall :)
One day, the developers were sitting in a meeting and talking about how to better monitor the user. One of them said: We could take a screenshot every 5 seconds and send it to our servers! Bill heard that and said: Uhh, that's good, but if it gets out, we're screwed.
They scrapped the plan and just implemented it for the users. :)
That could be how recall came about. :D
Thanks for the video!
Utterly insane. I can't believe someone thought it was a good idea.
I wrote a simple app to take a screen shot every n seconds and OCR them but I realized the security implications and stopped using it.
someone needs to compare time machine to this, it definitely doesn't take screenshots, but would be interesting to compare
This brings back memories of the security disasters that were "active desktop" and "Every Windows 2000 server gets IIS installed and enabled by default"
What the heck. If I put a spyware on my partner's phone, it wouldn't be tolerated and I could even be charged for doing so. Even if the information was stored locally and encrypted. Even if I said her security was my priority. Microsoft is putting a spyware on my machine without consent and without context. This is so wrong.
I knew this was invasive but I did not know that they were storing screenshots IN PLAIN JPG with a database of everything you've opened and websites you visited IN PLAIN SQL TABLES. This is madness.
Windows Recall is a hacker's dream come true. Recall is malware made by Microsoft.
This convinced me to learn linux
Nadella about prioritization: "Security first!"
LOL
I have not even watched the full video but im glad there is a shoutout to Fireship! Thanks for that John!
someone needs to make a meme of an A.I. bot surfing john's hair wave, cause that is a good looking swell right there
Moving to Linux when Windows 10 EOL 🗣️📢🔥
Oh my god, does that mean, my search history is also recorded?
can't tell if you're making a joke lmao
see if you can use a veracrypt container to move that folder to it and making a junction. on boot i guess you'd have to delay the recall startup until the container is mounted. doable?
This is a great example of why you should never introduce an attack vector unless it's really worth it and you make sure it's very, very secure.
I switched to linux just a few days ago.
congratulations on becoming a non NPC
I'm doing the same
@@owlmostdead9492 I feel free. *Removes clothes and dances in the rain.*
Breathe the free air again, my friend.
Any version of Recall is a security issue. Such a feature will always be exploited by bad actors.
And the worst of the bad actors being Microsoft/government. High powered fascism.
It's a perfect feature for employers to look how their employees perform :| ... in one word = concerning
I already see Recall leading to multiple massive lawsuits against Windows from the very companies that were salivating over this "feature"
They want it because the people in charge see it as a perfect way to "ensure productivity"
They will hate it as soon as the very real security risks are exploited; all it'd take is a few machines getting hacked and a whole company could likely be totally taken down via Recall, and I don't mean the average pleb employee, I mean a single exec getting a virus that could very discreetly copy and send images of EVERYTHING they do for months or years, totally compromising the company inside and out, exposing EVERYTHING they do that is criminal, insane, or inhuman to their employees.
For example, imagine if a few key Boeing executives got some new modern malware that doesn't even require the user to click a link, download a sus file, or go to a spoofed website; boom, company is compromised top to bottom, and since the malware is a feature of the company computer, it'll likely go unnoticed for as long as the hacker remains silent collecting data.
There is no world where it isn't going to result in massive data breaches, leaks, and HUGE corporate espionage attacks.
So. Everything else aside, let's assume that those coordinates are clicks or even window layouts on a screen over time. Super useful information for malware hackers. Pop UNC, move to that person's common coordinates based on analysis. Bang job done.
To claim it "was" a security nightmare is just on a trolling or clickbaiting level. This is basically about how much can we get away with now and just see how much info we can steal as we please later when they "accidentally" enable features and apps and snuck in the right legal covers into a 300 page legalese "agreement". Windows will look like what was envisioned in Ready Player One at this rate. It'll become a non-opt out core feature soon enough I imagine. Probably already within windows 11 life-cycle. Who needs consent when they have a monopoly after all.
Man you are the best security research explainer on UA-cam💚💚
Definitely a red flag the supreme court needs to get involved in this because if Recall steals debit/credit card information and social security Microsoft is facing massive class action lawsuits.
This so-called government is just as much to blame because they're the biggest violators of them all.
I have that too, it's called Print Screen.
Whilst its nice that Microsoft has listened to feedback and made changes, this doesn't alter the fact that senior people at Microsoft didn't (a) spot the very obvious high risk flaws in this idea or (b) do anything about it until the community pointed out the dangers. If they can make this kind of serious error, what else might they do that could create further data protection problems in the future? Where is the critical thinking, peer review and oversight at Microsoft?
They were fired before the launch of Win 8
So this is simply in a folder that you share with Microsoft via One-drive... ?!
It's not on OneDrive ... YET!
big shout out from the hacking community to windows for building a screen crab into the OS that saves me like 200 bucks!
"I don't recall searching for music and found this video..." 2:24
I will by honest my concern is and always will be where this intersects corporate security because you see it all the time, all it takes is a single sloppy employee and boom the users pay the price and I am a bit sick of paying, in too many cases a monthly subscription, to be on the losing end of that fight between two parties I have zero control over.
🤯 Good lord what was MS thinking?? Thanks for the demo of this in more detail. Unbelievable. Hope Apple doesn't get any ideas and plan anything like it either.
Time to move to LINUX! Any recommendations on distros for newcomers?
Definetly mint
@@ramondewilde05 "Definetly mint" if you like to fiddling with Ubuntu-only support pages and Ubuntu-related packages and services which are modified in Mint.
On Mint now. Try to take a day or so to learn about the differences and how to run Windows applications (Using Wine, Proton, ProtonQT, Lutris etc) but now, i'll never go back.
Manjaro xfce
I would try out as many as you can in order to find what works for you. Not everyone is the same. Some like to use more the terminal others like it more close to windows. I would suggest a little of both. It is always a good thing to know how to use "sudo". Many switching or on Linux don't mention the many benefits nor do they mention keeping your own pockets fat instead these sorry good for nothing greedy corporations. If you don't mind (volunteerly) it is good to do a donation to many good open source projects that have the best interest of the public.
Note: keep in mind some Linux are harder on a computer than others. Some need more ram, CPU, etc.. Good luck!
This was the final nail in the coffin for me . Time for me to move to linux. Or in the very least move my main computer there.
A minute in: Today I'm going to show you windows recall
What a hero o7