the company says that Recall will be opt-in by default, so users will need to decide to turn it on
I feel for the hundreds of engineers at Microsoft who have been yelling about these security issues since day one, but cannot say “I told you so” because they’d get fired.
I survived a similar incident, telling our CEO at the time “you know our product can’t do that, right?” I had to show my receipts, present usability studies, and faced incredible pressure, but 2 CEOs later, I’m still here… :)
Document everything. Keep good notes. You never know when it will be useful.
Sure but at Microsoft they fire people based on dice rolls
Or no dice rolls! “Bad luck, you! Bye!”
This is exactly what I was thinking. There are plenty of smart people that work there that would have said something before release. They were told to not rock the boat by the yes men and now Microsoft has to backpedal and pretend no one there thought about THOSE implications.
deleted by creator
I’m pretty sure the main picture on the article is what the revised opt in/out message looks like. Previously it was opt in with just a message describing the feature with a check box to have it open Settings when you were finished with the out of box experience so that you can look at the options later.
That’s how this works, isn’t it? Nobody reads past the headline. Everybody feels about it super strongly, just not strongly enough to actually read about it.
This might not be Reddit, but the Reddit behavior is still here.
Meatbags gonna meatbag.
Go easy on them, they’re only a 3 trillion dollar company. It’s hard for them to get the resources to build well thought out and secure software.
Pathetic, so glad I’ve been on Linux for years. I don’t miss Micro$oft one bit.
Right? Before they even officially rolled it out, there are already python scripts on github that can extract your entire recall database. They need to just stop.
Wild for sure. It’s pretty clear that M$ isn’t interested in making their OS anything more than a portal for their cloud products.
The overall percentage of revenue that Windows produces for them directly has been steadily shrinking for years while their Azure and cloud services/licensing has grown dramatically.
I guess it makes sense from that perspective. Call me old fashioned, but I still prefer my OS to be a platform for me to compute locally on and use as I see fit. Not be a bloated ad-ridden portal to a walled garden of proprietary web software.
Windows has gotten so bad in the last year or so, that I’ve actually started telling people, “Try Linux, but if that doesn’t work for you, just go with Apple.”
Both are scummy, evil mega corps that try to lock you into their platform forever. But at least with Apple, the cage is 24K gold with a little cushion, and you’re fed avocado toast & kombucha.
Windows is a rusty, filthy prison cell where the guards randomly come in to rough you up and you’re fed a steady diet of stale bread heels and gruel.
I’m pissed off I have to use Windows for work.
My job is almost entirely SSH-ing onto 40 different Linux servers, and doing some networking/bash script stuff, and sending emails.
It makes zero sense for my workplace to force me to use Windows, but they do. And my god, the laptop is slow. I keep thinking damn I have a laptop 10yrs older than this running Fedora just fine, and Fedora isn’t even pegged as a lightweight distro.
they needed researchers to tell them that?
It’s PR bullshit to give an excuse for backtracking basically
Internally people probably talked about how there were huge issues. Others probably said those issues are over stated and it’s no big deal. They decided to release it and the press says there are issues. Then, the company decides there are issues. That simple.
Having been the guy in an org shouting not to do something only for it to come back to us this way, the finger-pointing that begins is nuts. Often the people who tried to stop the “feature” from rolling out are the first to get blamed for it being shit.
Classic CYA, make sure everything you said is in writing somewhere.
I have as well. I won’t pretend I’m always right - I’ve thought some ideas that worked out incredibly were horrible. Also had the situation you describe happen. It’s okay when you’re working with reasonable people. Show them the slide deck, the email, the analysis, whatever… “Look you didn’t approve this”. "Here is an alternative ". That can work.
Just telling folks “I told you so” isn’t usually a great form of communication.
Well . . . the smart people they ignored when CoPilot was first proposed.
Too fucking late. I’ve already installed Bluefin on two machines and Bazzite on my gaming machine. I’m not going back.
Oh boy, sunk cost fallacy time! They’ll now waste millions of dollars to salvage this popularly unwanted nightmare in an effort to make it juuust acceptable to shove it down everyone’s throats.
Either that or they’ll spend all that money and then pinky-promise that they’ve made it acceptable, only for all their work to be immediately overcome by bad actors (criminals, corporations, governments, law enforcement, is there even a difference) and be the exact same nightmare anyway.
The fact that it took people not involved with Microsoft to point out and initiate internal change should be everything anyone needs to know.
To be fair I think they mentioned a button to temporarily disable the spying. Either for a time or blacklist an entire application.
Still highly recommended people move away from windows.
Right, but the problem is users should be able to use the feature and be confident it’s secure. It most assuredly is not as multiple people with access to the pilot program have demonstrated.
I bet some lower level folks within MS knew this would be an issue and screamed into the void about it.
You’re right, nobody should ever rely on external feedback for anything. 🙄
Not storing this shit unencrypted was pretty fucking obvious dude.
Pretty straightforward systemic failure – Dev team, I would guess, assumed full disk encryption would cover it, and nobody checked the assumptions. Or to rephrase: it was fucking obviously encrypted dude.
Oh, yeah, thanks for these researchers to have provided insightful feedback such as “don’t record private activity”, “don’t store data in a plaintext user-accessible sqlite database”, and “don’t do that automatically to everyone elligible, what are you thinking no stop”. No way anyone could ever figure these out beforehand. Microsoft was totally stumped when these showed up and most certainly is very honest when they say they’re reworking it now, and not at all abusing the PR outrage to slip us something as bad in the meantime.
The damage to their reputation is already done.
With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.
I doubt they can do much with last-minute changes. It being opt-in is better, at least.
our review units of the new Surface hardware are being delayed by a week or so, presumably so Microsoft can update them.
GROAAAAAAAN. I just want to see proper benchmarks of Qualcomm’s new chips and they keep delaying it despite the laptops releasing later this month.
I can never again log into my email or other private account on someone else’s computer.
I mean, it could always have been compromised and had some kind of keylogger or something installed.
But with Windows 11, you are sure it’s compromised.
That’s the Microsoft™️ Guarantee!
To be fair the possibility of compromise was enough not to do it. Being sure of compromise doesn’t change that math all that much.
Yes, but now it definitely does
Not definitely, recall will be opt-in and only available on arm computers with a very specific ARM CPU
Anyone who trusts Microsoft for anything anymore will get what they deserve.
Bullshit.
This whole endeavour is looking like a careful plan to implement a smaller, slightly less horrible idea in Win11, and then creep forward from there.
Remember the model to move the goal line, folks:
- Overreach
- Capitulate publicly and fall back to your true target
- Repeat
Best of all, these large steps can be supplemented by nudging things forward with ‘adjusttments.’
They’ll probably come to the “logical conclusion” that storing the data locally on the machine poses “too much risk” and just move the storage to their servers “for your safety”…
