I enabled Windows Recall on an unsupported PC, how creepy is it?
Vložit
- čas přidán 31. 05. 2024
- I successfully enabled Windows 11's new "recall" feature, it's creepy.
Github For enabling recall - github.com/thebookisclosed/Am...
Official Discord - / discord
Follow me on X - / atericparker
Recall is a new "AI Powered" Feature for Windows 11 "Copilot Plus PCs", of course what I found out is that it's actually possible to enable Recall & other Windows 11 Copilot+ AI PC features on any ARM PC. No NPU needed.
(C) Eric Parker 2024 - Věda a technologie
Can't wait for the inevitable "bug" that auto-enables it. Microsoft is terribly sorry in advance. I'm sure the apology is already written.
The probably used copilot to generate the apology.
Doubtful if you ask me, chances are they will reactivate it every time it updates. Maybe not the first update, but after a few updates, and it do so without warning. I am thinking that they are only testing the water here.
@@plogiii😂😂😂
@@rps215at this point I really feel like the smartest thing I'd have is a dot matrix printer from the 90s. And a sledgehammer sitting next to it in case it starts getting any ideas.
@@sadmac356Hadn’t they already started using dot-encoding to track printers in the 90s?
Recall just a glorified keylogger
What do you think Windows does? You are aware that since Vista it sends out your data to not just Microsoft but also third party data collectors, and since 10 it sends out everything you do constantly. Just check your traffic. Windows is spyware, but they've realized that Windows users have no spine, so they can just blatantly let the surveillance evaluation locally.
*screenlogger
It’s much much worse than that
Glorified backup app from ms bc lots of Backup apps do snapshots lol
Remote access trojan
Recall: Something that is like writing what you did today on notepad, but takes up significantly more space
honestly, like if you really need Recall that much, just write your stuff as a *.TXT document. it works on all architectures, all versions of Windows, doesn't have minimum requirements, it just works!
And is entirely accesible through a network, which a physical notepad simply is not
Can you imagine how many wives are going to search this every day to see what their husband or boyfriend is doing ?
I remember in the days of 95,98,XP I had a lot of wives and girlfriends asking me to see what their husbands and boyfriends and kids were doing on the computer.
I would drill down into the hidden places that were not cleared when you delete your history.
It actually keeps all your pages, files, history, almost everything.
It has done this since Windows 95
I don't remember it being in 3.1 but it was in 95 and everything since
I don't know if you can delete this new tracker. I imagine it is being uploaded to MS constantly.
I have relatives who have an online backup and all their data is constantly being uploaded to this third party company.
@@esraeloh8681I'm pretty sure notepad is referring to the app called notepad, found on every Windows pc since the mid 80s in one form or another
I can imagine MS prompting users to synchronize their recall history using onedrive. That would be funny
One dataleak away from the funniest moment in history
Use the few neurons you have, recall uses more than 150 gb of space locally is a local app not based on cloud for more than several months of collection knowing that, onedrive and windows users are the poorest people and pirate everything, where do you get that they can synchronize in the cloud if they barely have 5 gb for free, sometimes I am surprised how ignorant they can be.
Oh God, it's already bad without that
they will most definitely do that. For now they assure you it's just locally stored, in a few years they'll find a reason to convince you it needs to be stored in a cloud
@@Yes-me4pk They will use the excuse of low storage in the local drive to prompt OneDrive cloud to save space and access it everywhere.
I can't think of a single reason why I would need a visual history of the things I did with my own computer.
But I can think of lots of reasons why corporations, advertisers and government agencies would want it.
Locating deleted files and it might hold a copy of it. System Restore is not good at recovering txts from my experience
You realize that Windows has been sending out your data since Vista, and since 10 everything you do not just to Microsoft but also third party data collection companies. You can easily check this by looking at your traffic. Recall is just making the spying easier, since the surveillance is running on your box locally, and it just notifies Microsoft if it finds you engaging in wrong think.
I can think of plenty of reasons to have an infallible memory of what passed through my system in a given day. I don't always remember to bookmark or screenshot things and search has become wholly unrealiable to try and reproduce search results. I'd rather have it available when I need it than having to rely on remembering exactly what site that article was on.
From a corporate perspective, it'd be bad enough to add it to the already bloated monitoring that exists in some organizations; not to mention the aggregated amount when it comes to several thousand laptops all uploading such data. The government however would LOVE it, and if anyone would be willing to get MS to put hooks into it, to grab such stuff, our current government would certainly do so, and claim it as a matter of national security or something. Businesses would be almost unilaterally against Recall; it leaves too much info on the laptop if lost or stolen; if they're worried about lost work, well, nowadays it's more typical to force redirection of My Documents /Pictures/ desktop to a cloud platform like OneDrive. If they truly believe an employee is screwing off, well, it'd be time for termination anyways.. There's already enough monitoring in place, at least in my work place to see where one goes, and what one does..
Bosses would love the feature; but monitoring their employees' computers is not their primary role; it would take a large amount of time to sift thru screenshots of an underling's computer, let alone if the boss had 10 or 20 underlings; the boss would never have time to fulfill their other responsibilities. Where I work, Security and HR would never confer that level of control to a manager; they'd be hard pressed to get access to an employee's mailbox unless he/she was terminated.
FWIW: I only do "at work" sort of things on my work machines; everything else is on my personal machines, including phones. Only a fool would use a work machine to screw off during the day.. At times, I've seen the monitoring turned up so high that getting actual work done was nearly impossible;
As far as Recall is concerned; if it hits the OS, even in a disabled state, I'm more likely to jump over to Linux instead of having some spyware just sitting there, ready for someone to enable it; Sooner or later, it's coming; MS will just likely cause a bunch of folks to abandon the platform instead.
@@mcwolfbeast would making it readily available because of our infallible memory make our memory worse if memory requires maintaince through frequent use? Like a cobra problem of sorts
This definitely was hastily created to boost MS stock prices, because adding anything "AI" makes the line go up right now, for whatever dumb reason.
The same tech bros that were trying to push NFTs and shitcoins are imo very likely the same tech bros who are like "WOOP YEAH AI, LETS RUIN THE WORLD YEAHHHHH"
I hate publicly traded companies. All they care about is make the line go up :). Share holder monkey like when line go up on graph. Unga Bunga
Oh no its really got AI and the feature isn't for us its for law enforcement.
25 gig buffer, AI combs thru it, sends little bits back to the law. Everyone is now officially a criminal and its all automated.
But where the ai is?
@@reiayanami1441 Where AI comes in is they say you can ask for AI to go back and find some info for you basically.
"Nothing goes back to Microsoft"... yet
You realize that Windows has been sending out your data since Vista, and since 10 everything you do not just to Microsoft but also third party data collection companies. You can easily check this by looking at your traffic. Recall is just making the spying easier, since the surveillance is running on your box locally, and it just notifies Microsoft if it finds you engaging in wrong think.
Yeah sure, this piece of proprietary software made by a large corporation that's designed to capture your activity on your computer definitely doesn't send any data back to Microsoft. Totally believable.
@@tulenich9948 schizo
@@tulenich9948if it ever does go back to microsoft or this feature leads to compromised data, then lawsuits will be blazing to microsoft in a moment’s notice
@@tulenich9948He probably should have opened up wireshark to see if recall was trying to phone home
i don't like recall, i don't need a 100gb ai that has full control of my pc and sees my every move...
Your mastery of the obvious is unparalleled.
@@skycaptain95 lol
and it's forced into my pc
You realize that Windows has been sending out your data since Vista, and since 10 everything you do not just to Microsoft but also third party data collection companies. You can easily check this by looking at your traffic. Recall is just making the spying easier, since the surveillance is running on your box locally, and it just notifies Microsoft if it finds you engaging in wrong think.
The 100gb ai that has full control over ur pc can be used in many good ways, and it is useful actually. Microsoft is the problem, and any other sus company if made something similar to this.
We’re all smart enough to avoid this bullshit but what’s going to happen when 10 gets phased out and everyone is on 11 or 12, and suddenly your accountant is using this. Your insurance agent. It’s in hospitals, etc. 🤷🏻♂️
Legitimately scary. I didn't think about that, it's not just family and friends we have to warn and educate. It's everyone we do business with.
Microsoft is shaping up for a massive lawsuit when recall is responsible for a data leak.
I'm switching to linux after windows 10 suffers from some major exploit.
@@youtubehandlesux You can just get an anti virus.
@@warp36That's like telling someone that has a chronic illness or cancer to just use snake oil
It's 2024 and I somehow missed how Microsoft® is now trying to compete with major cybercrime gangs in writing Trojans.
I mean this kind of feature is the holy grail of RATs, it captures and recognizes everything user does on screen. It's not a new idea by any means but it was used mostly by cyber criminals up until recently.
Police are criminals, politicians are criminals, microsoft are criminals, nothing new here
It's so much better. Until now you had to get a machine infected and then wait for the user to do something you are interested in.
With this, you just get FS access somehow and start downloading what they've been doing for the past year or whatever.
Wow it's even worse than I ever imagined. It's a shame that the only people that are likely to see this video are the kind of people that never would have trusted this anyway. So many people really don't care about their privacy anymore.
You mean Windows and Apple users? Or are we taking this seriously and are actually talking about everyone owning a cell phone?
Also, most of us wouldn't fall for a disguised stealer since we are educated to spot those through vids like these.
It’s okay, Operation End Game is in full effect 😂😂
@@PinkAgaricus reminder that scams work because people think they can't be scammed. that means you, me, scambait watchers and IT experts. basically everyone.
always be vigilant, don't get cocky. there's no shame if you slip, their goal is to take advantage
Microsoft doesn't care about your privacy but everyone posting here does. It's a top-of-the-line malware and spyware built right into your OS, far worse than any other piece of malware ever written. One simply python script of just a few kilobytes seems to be enough to copy your entire database and they have everything you've opened, typed, ordered online for a period of 3 months, all conveniently stored un-encrypted in a simple SQL-lite database file. In there, it also contains all your passwords to every site you've visited, financial data, crypto data and much more. What could go wrong?
Ignoring the massive privacy concern, this being shipped on by default out of box is just another level of Windows bloatware/spyware that will slow down millions of systems to people who aren’t aware of why there system is slow and just leave it on all the time. Dell/HP copilot plus pcs will be a nightmare out of box with all the oem bloatware plus McAfee/Norton
also a potentially massive attack vector for bad actors.
finally a person who talk more about this. as someone who value system resources i hate the fact that this is taking so much of that. i dont want something running without me wanting it
i swear to god this is a fucking privacy and security nightmare.
imagine people in libraries. internet cafes.
if its not deactivated, people will have so much data captured on these...
The data isn't sent over the network. And joining a public network doesn't automatically make every single file on your computer available for everyone to see.
It is a security and privacy nightmare. But atleast use the correct reasons.
most libaries and cafe computers erase all data on restart or use a login system
not every public machine clears data.
there are libraries in the us that don't as well
I also didn't say anything about Network I meant the physical device contains the data and anybody using the device afterward could pull the data
Even if we don't argue your "most" claim, at least we both accept that there are some libraries that are not computer literate.
Today, it'll be the normies that will be screwed. In the future, they'll make it even harder to disable an "option".
what do you have to hide so badly buddy?
Wow, FBI agents replaced by AI. Now we all have Recall watching every our step
*Recall = Class Action Lawsuit*
_This has to be _*_the_*_ dumbest idea from MS. Ever._
kid that tool recall existed in windows 10 and dissapear and comeback with ai stop crying
@@Delker. It did not.
@@Delker. Sorry, the _"kid"_ is the one staring back at you in the mirror. And no crying-only predicting what's likely in store for Microsoft. Not sure why you're seemingly defending them, and ... couldn't care less.
@@LV4EVRhe's somewhat right though. It was called timeline on Windows 10, but lacked the AI and screenshots aspects. It basically had browsing history from edge and previously opened documents, so closer to a glorified quick access vs the RAT we have today. TBF I did turn off timeline since I didn't like it and will do the same for recall.
@@blisphul8084 Yes, but there's a huge difference: Timeline didn't take actual screen shots. Very invasive, but far less of a potentially-catastrophic security and privacy risk than Recall. Still, MS has, and continues to demonstrate that privacy and security are not their priority. Shame ... I actually love Windows, and have for many years. This will almost be the nail in the coffin. Linux is far from perfect, but it's solid and doesn't impose such ill-conceived _features._
So what is the point of this feature exactly? Feels like a solution to a problem that doesn't really exist, that only generates more problems... Honestly sorta like win11 itself...
It's to make do people no longer have to use their brain to remember things, because in the future AI utopia, the brain can no longer be bothered doing what it evolved to do, because that would be inconvenient... Especially to the big AI companies trying to sell you things your brain already does.
The point is for big sister goverment monitoring you and extorting you with cybercrime
The point is so that Microsoft will have your data to train their AI, and work with the NSA to keep spying on consumers.
Money
That's really the sad part, Win11, minus the bloatware, is a really good operating system, and I mean REALLY GOOD (rivalling 7 ime). Why tarnish something that works?
Microsoft be like: yall hate AI, so how about an AI that logs almost everything you do and can be stolen easily?
Now a stealer just needs to skim that folder and its likely to get plenty of good shit if that person doesn't know about it and isnt good with what they download.
I just cannot fathom what makes them think this is an ok idea
Literally just a simple zip and send of that folder would probably be enough. I assume the images are just non-encrypted jpgs. and they're timestampped as well.
it feels like Microsoft wants their users to change OS
They won't. It's like smokers not quitting. They will just accept it and keep living under total surveillance, just like they have since Vista. Just check your outgoing traffic.
They know smart people will be on Linux, they are preying on all the stoopid people like a predator
It's easier to trick someone than convince them they were tricked!
@@callisoncaffreyI can say for me, I will switch to Linux.
I'm not really good at linux yet that's why I revived an old laptop to practice on. Any Recommendations which distro? I currently have Arch installed on it
@@monkaSisLife Linux Mint seems to be pretty decent thus far; but not used it much. For the most part, you can boot a LIVE ISO off from a USB and then install it onto another USB and have fun from there. Some distros are sort of odd after working on Windows for the past 30 years.
Recall was the final shove I needed to wipe Windows from every hard drive I own, and install Linux on all of my computers. Because suddenly, the pain an agony of using Linux just became reasonable.
Linux is only pain and agony if you try to use it like windows. If you learn to actually USE Linux (eg: learn the very most basic terminal commands and learn how to effectively Google things) the process is much smoother
I jumped into the deep end after struggling with Ubuntu for a while, and did Linux From Scratch, which has you compiling your own operating system. Now, I would not recommend anyone do this for any other reason than having spare time, and wanting to learn the ins and outs of the kernel, but the fact is during that process a switch flipped in my head, and when I eventually deleted my LFS install, and reinstalled a mainstream distro (arch BTW) it felt seamless.
Windows is really good at making sure you don’t make bad decisions. Think of windows like living with your parents. They won’t let you drive drunk, and will hide the keys. Linux is like living alone. Your environment and the choices you make are yours and yours alone. If you want to drive drunk that is a dumb decision, everyone tells you it’s a bad decision, and you will likely face consequences for it, but it is to be an adult to face said consequences or make better choices.
Or install Windows 7
@@himmelskibet Windows 7 hasn't had security updates for several years now, so a windows 7 device shouldn't be connected to the internet
@@mathmagician8191 nah its fine. i was on win 7 until a couple of days ago
i honestly don't think linux is that hard... distros like Manjaro have really nice UI (i admit less polished one), but most of the time you will be spending in terminal anyway,
just learn about shell, shell scripting, and common linux file management tools, and you will be good to go
New entry in virus databases: WINDOWS
Lol
Trojan.Win32.Recall
This should be a powertoy, or something that people who go looking for it can install themselves. Having it installed by default is an easy way for novice users to burn themselves.
You're on point with that. PowerToys has useful features that should be default - and some are ON LINUX - but for this experimental Keylogger that they decided to introduce... Nope, it's completely necessary for the user to be there.
You are right. A novice user can burn themselves.
However.
That same novice user will hate anyone who persuaded them to switch to Linux, where they will find themselves unable to make it do what they need.
And if they can make it do what they need, they are savvy enough to understand how to turn off unwanted windows features.
linux users are having a laugh over this bs
Until they do some code and something breaks, oh right there's undo
@@aksGJOANUIFIFJiufjJU21 ?
@@aksGJOANUIFIFJiufjJU21 as a linux user just dont fuck with too much shit and you wont have this problem lma
@@tezcanaslan2877 microsimp cope lmao
@@tezcanaslan2877 Linux is a pretty stable kernel, I wonder if you're actually talking about one of the many distros.
There are distros so shitty it makes MacOS look like an actual operating system. There are distros so invasive it makes windows look like a privacy oriented OS. Some distros are unstable, some are broken from install.
Some distros are so sturdy you can recover your OS if you delete half the files in root, there's some so secure you can distribute drugs worldwide and you may never get caught using it.
Talking shit about Linux in general is like saying blondes are dumb, or third world countries are shit holes. It's uneducated drivel spouted by someone that knows absolutely nothing about what they are speaking about.
Remember when law enforcement had to use their brain? These days are long gone.
Or even had to get off their asses? Now they can see if you are committing crimes while they sit at home in their underwear!
Are the Gestapo and Secret Police really law enforcement?
Never thought I'd be so upset about a Windows recall.
Worst recall on the market
What a disaster this is shaping up to be.
Whoever is using Windows these days can't be helped anyway. The spying has been going on since Vista, and since 10 constantly. Just check your traffic. It sends out everything you do not just to Microsoft but also third party data collectors.
Babe wake up, Microsoft-endorsed keylogger just dropped! 😂
Turn off? Pretty sure Microsoft would make it mandatory in near future
yeah "cybersecurity" laws like cars... either comply or go bankrupt
*coughs* use enterprise *coughs* and use group policy to disable it
This should be illegal. I would want my government to actually intervene and outlaw this nonsense so that no other developer or OS vendor would dare try this.
It will definitely be illegal in EU.
What an awful idea. That's actually a reason for me not to buy an ARM device any time soon... or to install and trust Win 11. Not even having a No button at setup?!
x64 versions coming soon: South park cable guy
I hope this will be made illegal by law. No compassion.
By EU it will, USA might not be however
I doubt it will be made fully illegal as a product, but I can see it being mandatory disabled by default (and never allowed to be sneakily enabled in the future) to comply with EU rules. Wouldn't hold my breath if you're in the US though
@Xathian I think most Tech Savy people use EU-Windows versions nowadays anyways because of all the features you have (like completely uninstalling Edge) now I don't honestly know if there is an eu version or if Microsoft made these changes global
@@tezcanaslan2877 I would not be surprised if the feds get a hook in it so that they can enable the feature, including sending off the screenshots and pretty sure that MS will fall right into line to do it for them. Even disabled, I would not trust a system with the feature..
@@Xathian It is disabled by default...
I was upset when they added Cortana and the web search to the start menu... This is just next level bad.
Lain Iwakura mentioned!! Let's gooooo
🗿 moment
😂how come this is CN too?
And you don't seem to understand
i want to see ransomwere "battle royale" so to speak. just run a bunch at once and see who stays on top for as long as possible
I had a feeling when MS said recall would be encrypted what they actually meant was "this is why we are forcing bitlocker during install." I didn't think it would be quite so easy for someone with malicious intent to sift through the data though.
Problem with bitlocker is if you can get on hand the device and ability to bypass login screen
No matter BitLocker is, it doesn't matter
This is like having someone looking over your shoulder 24/7.
Edit: and to add to your final note, this does not have any legitimate uses.
Except quite frankly I'd *rather* have someone looking over my shoulder because I'm not likely to forget about a whole-ass person behind me!
why does this shit even need ai
its literally just taking screenshots an runs OCR over it
literally just something to say 'we have ai products' to stakeholders because they are trendy while risking user privacy and security lol
and why is it even need an arm based cpu 😂
Hot take: It doesn't need either AI or an ARM cpu. The AI "requirements" is just a False Marketing to fraud people. Microsoft is just limiting it to ARM cpu's so they can slowly roll it out to none-ARM cpu's and not get as big of a backlash (or none at all) than they would've had if they just pushed it out to every W11 computer all at once.
I’m never going back to windows.
Linux aggravates me because I’m a noob. But at least I don’t have to worry about it spying on me.
Linux Mint is the way to go if your first jumping into linux man
1st, what do you have to hide that makes you so scared of it being recorded?
2nd, you'll be back on windows, WINE is having a feature creep problem and can't run games made in the past 3 years because of it
@@polinskitom2277 lol you must work for Microsoft, We'll just say.... they haven't been good since W10 Heck even W7.... if you don't believe me... check out their decisions when it comes to their xbox brand
@@Suleku Windows 7 was a bad OS? It was the pinnacle of Windows (8.1 is a bit better thanks to being more recent than it nowadays though)
@@polinskitom2277 me paying my bills obviously. me working on my copyrighted works that I don't want MS copying and yeah they have a long storied history about that. What's the latest? Oh yeah, MS just dropped their version of CCleaner...so the latest from MS is they copied something yet again.
4:35 glad to see the Project Lain reference. Loved that show.
Serial Experiments Lain
The problem is that this precedent enables other companies to do the same thing. i.e: Apple, Google (Android), etc etc. And it's more dangerous than you might think. Sure, everyone thinks about the external hacker or the "glow in the dark", but what about the abusive husband who is constantly looking at his wife's phone and computer in order to control what they do? This surely will ease them the process. This needs to be considered illegal ASAP because it's very dangerous and the cons easily outweigh the pros.
Android won't be such a big problem if there's a release of Lineage for your phone
microsoft is the huge company, with OBVIOUSLY no good intentions, they have more much companies wanting that juicy data for MICROSOFT, that for sure sell data for MILLIONS of people, only for the money.
Don't forget, if a controlling person gets your PC to go thru, even if you delete normal browsing history, if u forget to delete the data from recall, they can see it. And they might be suspicious when there is a lack of data too
I wonder if you can delete the data. It is a single SQL lite database file managed by Recall and as long as that process runs, that file is open and you cannot delete it. Unless you boot in safe mode or whatever (or even DOS-mode again) and delete the file by hand every day.
passwwords are not blocked yet drm contents are? i guess microsoft prefers to defend copyright than our information
FWIW it is impossible to screenshot DRM content on Windows without a capture card already (you might be able to with a kernel driver).
@@EricParker Interesting, I never knew of that. I grew up watching all content for free so that kind of protection mechanism is new to me (so that's why we cant screen record with discord sometimes).
Its crazy, this isn't even just a screenshot program, everything is being analyzed by AI, microsoft will most definitely be using this for AI training.
does it have ai chat? otherwise ocr has been around for a while (optical character recognition)
@@BostYT No I don’t think so, but Microsoft is still feeding it through an ai for marketing and spying reasons
Even for legit reasons, why would this be useful? Is it useful enough to be forced on by default, 'cause it doesn't look like that to me.
I don't know… I guess someone could use it to see what they did a day ago if they forgot, but…well, even I, an insanely forgetful person, wouldn't want to use this.
Yes, I would rather forget things over knowing that anyone could grab screenshots and text from my computer and see everything I've done.
I'm not jumping straight to Linux like everyone else seems to (because I have a feeling it will take a long time before computers like mine can use Recall), but even I'm thinking of dual-booting or _something_.
@@XaneMyers True, I'd also rather forget and rather learn to take notes when needed or find other ways to remember things. I don't want my own brain abilities fully replaced by things like that.
And yeah I'd say dual boot is a common stepping stone in your linux journey. It's totally legit to install it alongside windows and use one or the other depending how you feel. You could also install linux to an external drive or something like that.
@@XaneMyers start with installing linux in Virutal Machine (Virtual Box, or windows' builtin Hyper V manager) and practicing terminal things, what a package manager is, what config files are, what the difference b/w kernel and OS, Desktop Environments, and most importantly: common CLI utils given by GNU project
@@XaneMyers agree 100% as a very forgetful person
doesnt go to microsoft servers.....YET
recall settings being in the privacy and security section is really fucking funny
Even if the data is encrypted, I see timestamps on the files so you'd know when someone's using the computer. When they are active etc.
That was always a thing already, if you have malware on the PC, that malware can just see when someone's logged in, when there's keyboard input and when there's more/less traffic or (temp) files being modified/accessed.
Stored locally on your machine, the machine that I guarantee has about 15 backdoors for the NSA that we won't know about. They're gonna have a field day with this.
EU be like: Uhm... No.
Just curious, if its in SQLite, what happens if you open it using any random tool that lets you view SQLite databases? Will the data be easy to extract or will there at least be some sort of protection of the data inserted into it?
I might be too optimistic, but they must have put something there to prevent someone from just accessing the data directly via, say, a PowerShell script... Right? Right guys? MS can't be this dumb... Right?
They will password protect it for sure. This is most likely a preview released for developers. But I am not confident about the overall security. It is a single point of failure for any attacker to find everything you do.
@@SahilP2648 Yeah, people have already figured out how to use it for info stealers (not to be malicious, but to warn about how easy it is), so I sure hope they protect the final product better.
Do you know, if there will be a RegKey and/or GPO setting to disable it?
Even if it stores the data in a protected "place", what if a threat actor uses some AI hacking techniques? Soon or later that recall thing will have some spicy vulnerabilities.
Thing is, no matter how protected the "place" where the files live, it has to be unprotected when the user wants to view it, which could realistically be a rat clicking it when they know you aren't likely looking at your screen.
@@WindowsDaily true, so it is vulnerable by default already e-e
finally I can harvest my credit card data to help out some poor russian cyber criminal
Amazing demo, thanks for bringing this so early!
Encrypted by username which MS makes it almost impossible to not be a MS account stored in Azure. - MS loose bit time over this but I guess they dont care.
How long do these videos usually take to render on your machine?
Nice video. When you were talking about bitlocker what do you mean about turning it off prevents malware from copying to another computer?
2 VIDEOS IN ONE DAY!!! Keep up the good work my man!!
Wanted to get this one out as soon as the tool was ready.
Yeah, just don't make a habit of it, we don't want you burnt out for our sake (mostly saying it because CZcams always sound so stressful to me, so maybe I'm projecting a little here 😂)
Imagine that you're watching questionable 4K homework videos and you forgot to turn off Recall 💀
Turn off? Pretty sure Microsoft would make it mandatory in near future
@@iusearchbtw69 Pretty sure you're just a schizo actually
@@丷how can you watch the video you’re commenting on and call someone a schizo for assuming they will make this mandatory in the future. Actual mental illness if you’re not joking lolol
@@iusearchbtw69 Welp, guess I'll have to stick with Windows 10
well you're protected as it doesn't record DRM protected content
I installed recall and i noticed a friendly purple gorila, is that normal?
send it to the scientists
The moment I learned about Recall, I swapped to Linux. The normalization of this keylogger plus the normalization of rootkits disguised as kernel-depth anti-cheat for gaming seriously makes me wonder if everyday users even care about their privacy and security... Scary future if everyone "knows" but doesn't care.
I am happy to see Linux rise. I don't think Recall is the main reason people are going to switch however because you know, the dancing pigs problem, but rather because of Windows getting more and more bloated with each iteration that people need very powerful PCs just to run Windows alone, even for mundane things that don't even need much computing power than a cheap smartphone has.
@@rps215 tbf id guess that recall is going to be the mother of all bloatwares on top of all the security and privacy issues. it truly is one of the most insane things ive ever seen a company push
I switched to Linux like a few days before recall was announced. Wasn't sure if to stay on Linux, but now I am.
I find the thought of Microsoft pushing Recall on mainstream users to be all too dystopian.
It's like having an AI Assistant constantly logging your everyday actions in eye-glaring detail, storing it all in some form of diary, just waiting to be read by a third party. The only way I'd use it, would be in a strictly professional capacity, or if I end up with severe memory issues. (Thanks a lot for the demonstration, btw)
And which business is going to allow this on their computers? This can lead to theft of business-related data (by Microsoft themselve someday or any random hacker who manages to gain access). Many companies require an NDA to be signed by every employee so you cannot even talk about what you're doing at work (not to mention share details about it) but this violates that agreement to contain even very specific data like passwords, internal IP-adresses, pincodes, emails, phonenumbers, database names and fields on internal servers (in case you work there as IT-guy) and much more.
@@powerpc6037 I completely agree, but there are use-cases where its use may apply.
Such as when a company or public institution hire consulting help for specific tasks.
Or for creating How-To guides on a PC.
(A bit expensive for that case though)
I just hope companies don't go full potato and demand this be used to keep track of employees - but then again, there are cheaper solutions for that, so I'm not sure it would fit.
So is this going to be a mandatory install on win11, or just that specific version and on? Also, can it be deleted without torching the whole OS?
I can't think of a single time i would have ever needed this
Very fascinating, indeed! Great, and informative video. I will for sure be enabling this feature on my new Surface Pro when it releases. Cheers!
4:31 let's all love lain
present day. present time. hahahaha
every time i have issues with my linux system after moving over from windows after decades i'll just watch this video again
Recall is obviously a half-baked half-thought-out feature. I'm sure it was rushed in order to capture a market. Given the way *all* software is shoveled out the door these days (and the advantage being first to market obviously affords), that in itself doesn't bother me. Over time, I'm sure the feature will be refined to redact more info and will likely be made configurable in terms of what ends up being redacted. But what does bother me is that obvious things, like credit card numbers, weren't already placed into the redacted bucket within the initial release. It's not like it's at all difficult for AI to recognize a credit card number when it sees one, and it's not like it takes deep thinking to realize they should be redacted. Far more concerning, though, is that, presumably, PII that could be used to facilitate identity theft is also not redacted.
Like the fact it read on the page "Credit Card" and under it was a number, it should be able to at black out the form, or at least just exclude that screenshot.
what bothers me that it's a opt out feature, rather than opt in
[Gordon Ramsay voice] it's fuckin RAW!
Microsoft has already indirectly confirmed that it records PII without redaction. The only reason that it “doesn’t record passwords” is because they aren’t visually displayed by default.
More specifically, Microsoft has stated that Recall takes snapshots of your screen. They have further stated that it does not discriminate by type of information. Your full legal name, home address, date of birth, etc are all displayed to the screen when you type them in. Recall, as they said, records screenshots of your screen. Recall, therefore, records PII.
@@WindowsDaily Microsoft deliberately decided to not block out that stuff.
Imagine tracking every single click an employee does, every form he fills, everything he watches... That's the holy grail for corporations and sadly with group policy in place there's nothing we can do to prevent this.
You can always find a different job. Turn to Linux and the feature phone. Go to the countryside, problem solved for the time being. Whether my comment was sarcastic its up to you
By the way, I'm using Linux (Fedora) at home, but on the other hand, I'm also very passionate about not starving to death, so I use Windows when I'm at work...
are the files encoded? Can you check with a hex editor?
or trying to open them up with a text editor like Pulsar Edit? or maybe emacs or vim...
Nope. It's an un-encrypted SQLite database file and the screenshots themselves can be opened by any image viewer or editor like Paint or Irfanview.
Lain caught me off guard, lmao; LET'S ALL LOVE LAIN
Great video! What about system performance impact (recall running in background - memory/CPU/GPU)?
Just when you thought having an old browser history visible was bad enough.
"its like the keylogger you never knew you wanted" hahahah well done with the vid!
Is it possible for MS recall to scrape data off the GPU to to capture data that is not within your VM? I'm wondering if they might want to snoop on home servers that have a Windows VM running in the background. I doubt MS would display that data to the user, but I can see where government might like that.
Can Recall capture DRM protected contents?
Is the SQLite database at least encrypted or is it just vanilla, plain, unsecured? I mean, if it's unsecured you can pretty much access it from any small script / program that has a SQLite connector.
The importance of this needs to be highlighted in a YT short. Windows 11 Recall is an OS-driven keylogger and visual-snooper, that's not creepy. That's criminal.
Spyware as a Service Now lmao! By Microsoft :)
SaaS-y
Tech Bros are like the flat earthers of tech industry, too stupid to understand the risk, too smart to be told by anyone
Call me an idiot, but how long until hackers reverse engineer this thing for their own purposes?
Also I had an idea, what if you could just press a keyboard shortcut to manually take a screenshot of something to "bookmark" it instead of it recording every single thing you do?
if a bookmark key is all you want, Windows + PrintScreen. All screens as one image file directory to your pictures/screenshots folder.
x64dbg and Ghidra
A week after they announced it, there is already a python script that can copy the entire Recall database file and send it over the internet to a specific hacker's pc. Recall isn't offically out yet, there are no computer that can run it yet (as you need an NPU in your pc) and it's already hacked.
it hasnt been released and they hacked it
@@geminightur hacked? It's PLAIN JPEG IMAGES
What about it's network activity?
"hey copilot what were the banking details that i used to make that purchase?"
I've been trying to enable it since it was announced but it won't work for some reason
"The keylogger you never knew you wanted"
The argument about saying "it’s not encrypted, inside a database" it’s litteraly the same problem with everything locally. Chrome store your credit card / pass locally without encryption. Discord store your token without encryption.
Yes. If any program can access anything without requiring some sort of authentication, it's either stored unencrypted or the key is lying around somewhere.Of course this doesn't excuse Microsoft from adding a metric ton of possibly sensitive data to the insecure pile.
the thing is: Chrome ASKS you before storing things
@@electrolyteorbRecall is also disabled by default on 99% systems
@@electrolyteorb It was an example but most users will save their password.
Chrome actually does use user account encryption, other local admins on the same machine will not have access to the decryption keys
✨ It's like the keylogger you never knew you wanted ✨ Perfect. Should be the tagine for recall, honestly XD
At least it doesn't send anything to Microsoft yet. Still, doesn't stop Microsoft from implementing it down the road, whether that's a few months from now or a couple years.
And they'll probably say "Oh we don't want to take up your precious storage space and don't want your Recall data being stolen if your harddrive gets nicked, so we're gonna store it in the cloud for you now. Thanks, now we can sell all your info to advertisers. Security risks? What security risks?"
just wait till recall taps into your microphone and logs your conversations too
Good video demo, thanks for going through it like this
How in the freshly mowed lawns of HELL did this slip past Microsoft QA?
^HUGS HER LINUX MACHINE TIGHTER^
Can you imagine what will now happen in future years when it comes to the tech support scams? Granny is going to get her stuff stolen in matter of seconds instead of minutes. scammer just has to populate this and BOOM.
Finally! A password manager that will actually not lose all of my credentials.
i wonder how much storage its gonna take up on the disk
I'm still not entirely sure I understand what it is supposed to do. Like, what benefit does this have?
I mean, filling (and wearing) your SSD with screenshots to aid you in the scenario that you've almost forgotten what you were doing, but still remember it enough to be able to enter it into a search field? This seems like something that could have been made in 2008 if it was something people actually had a use for.
Not the keylogger you deserve, but the keylogger you need.
Could you possibly try out teknos blur?
Hey bro. Can you see if “tiny task” is a malware?
"It currently doesn't work on X86. It will eventually..." as a person who is conscious about my data privacy and security, that line is very omnimous. The moment Recall arrives on Desktop PC I'm out, that's my last line drawn.
ah yes i can see how this will affect the all day of many people
-teachers will be able to check dtudent laptops
-parents beeing able to easily spy on their kids effortlessly and every trace
-every kid beeing able to steal their parents credit cards for sweet sweet game currency
-kids able to see innapropiative stuff if their parents who have a specific type of addiction
"-teachers will be able to check dtudent laptops"
this one is already true. I can hop on lightspeed and see student laptops in real-time. Basic IT stuff
"-parents beeing able to easily spy on their kids effortlessly and every trace"
they make tons of monitoring tools for that already. pretty sure it's built into most OSes now.
"-every kid beeing able to steal their parents credit cards for sweet sweet game currency"
they'd sooner grab it out of mom's purse, but I suppose it's one more avenue of risk lol.
"-kids able to see innapropiative stuff if their parents who have a specific type of addiction"
unfortunately, basically all kids already have cell phones and unrestricted internet access.
Can't wait for them to start yelling at me to upgrade my CPU so they can spy on me better
this is so bad I even considered switching to Linux, but it just isn't possible for me since I need Adobe and FL Studio...
4:32 just subscribed to your channel for that 😂
Nice name!