This is just a fucking privacy nightmare. We like to laugh and play here about Linux quite a bit, but holy shit this is the actual “If you’re using Windows and expect privacy at all, this is it, you should throw that notion out the window.”
I don’t care how much encryption there is, or the assurance that it’s only on your hard drive, I’ve sat in too many corporate meetings in my career to trust that. There is no way Microsoft is just letting you have that data and they’re not reporting it out. Very least? They’re using ML on it to aggregate what it sees in the screenshot, and then saving that. Worst case, they’re saving it to an encrypted blob storage, calling that encrypted, and hiding deep in the ToS that you actually agreed to that (even though it said in the big letters it was local only, sorry woopsie in the small letters it said it’s also stored there.)
Fuck, ignoring the obvious pron implications that I assume everyone here is immediately thinking of, think of HIPAA, think of the private communications with therapists that people have, think of all of the financial documents you’ve opened, think about bank accounts, chats, fucking everything.
Worst case, they’re saving it to an encrypted blob storage, calling that encrypted, and hiding deep in the ToS that you actually agreed to that
And then it’s discovered that bucket was accidentally set to public for over 8 months. Oopsie daisy! But you can’t sue us because also deep in the ToS was a forced arbitration clause.
Also, if you don’t agree to the whole ToS, you can’t use the computer you just paid for.
But they specifically said in their blog post that it has “privacy you can trust.” Just imagine all the trust you have in Microsoft plus all the trust you have in the accuracy of AI and rest easy. Plus the AI runs locally so they can trust you to pay the power bill.
Don’t think about how much money they could make with their business customers, based on telemetry alone.
I am so glad I switched to Linux 7 years ago. What an absolute shitshow Windows OS has become
We like to laugh and play here about Linux quite a bit
We do? Aside from the “I use Arch, btw” memes, I must not have got that memo :) And, uhh…I use Arch, btw.
Fuck, ignoring the obvious pron implications that I assume everyone here is immediately thinking of, think of HIPAA, think of the private communications with therapists that people have, think of all of the financial documents you’ve opened, think about bank accounts, chats, fucking everything.
So much this. I’m glad I dumped Windows and this just guarantees that I’ll never return.
if you’re using windows and expect any privacy at all […] throw that notion out the window
Correct. And the same is true even if you are using linux, macOS, android, or a butterfly to manipulate bits to send a message through the internet.
Because if your message ends up on the screen of a windows user, it’s also going to be eaten by AI.
And forget the notion of “anything you post on the internet is forever”, this is also true for private and encrypted comms now. At least as long as they can be decrypted by your recipient, if they use windows.
You want privacy and use linux? Well, that’s no longer enough. You now also need to make sure that none of your communications include a (current or future) windows user as they get spyware by default in their system.
Well maybe not quite by default, yet
Meanwhile in the EU
Europe sets benchmark for rest of the world with landmark AI laws
"“With the AI Act, Europe emphasizes the importance of trust, transparency and accountability when dealing with new technologies while at the same time ensuring this fast-changing technology can flourish and boost European innovation,” he said.
The AI Act imposes strict transparency obligations on high-risk AI systems while such requirements for general-purpose AI models will be lighter.
It restricts governments’ use of real-time biometric surveillance in public spaces to cases of certain crimes, prevention of terrorist attacks and searches for people suspected of the most serious crimes."
<snip>
I’ll legitimately be moving to Linux today. This just broke the camel’s back for me.
If you are new to Linux I would recommend buying a second drive or dual-booting for a bit just to ease into it. It has helped me persist with the transition because I always have the option of booting into Windows for a few hours if there’s something that I’m just too tired/frustrated to deal with at that given moment. Over time I’ve found myself booting into Windows less and less, to the extent that I’ll be able to drop it completely later this year without the big learning curve/wave of troubleshooting that I encountered the first time I tried to switch cold turkey.
I can second this! For me it meant that I could finish my game of modded fallout new vegas, and connect to my work’s microsoft vpn nonsense (IT support didn’t fancy trying it on Mint but that’s another story!)
I now have a personal OS that I like, and a windows partition for those few things that I can’t be bothered to troubleshoot.
So far the list is just those things and the Unity Engine as Visual Studio debugs better than code in my experience. :)
Having the option to flick back is great :) In the XP days, I loved the WUBI(?) tool that let you install ubuntu dual boot as an exe, but I think that’s not a thing these days., :)
Currently playing fallout New Vegas modded on Linux! Of course if you already did it, remodding and transferring the saves would be frustrating, but it is actually pretty simple once you learn how to use Steam Tinker Launch.
@Ilandar this is a good solution . Another would be to just not jump ship head first, but rather replace everything wth FOSS alternatives instead if they’re not available on Linux (e.g.: replace MS Office with LibreOffice, Photoshop with GIMP or something else, etc.) and use them for a while. Most of the programs should also be available for Windows, and if not you could also use WSL to run them.
Once you get used to these programs, the actual Linux transition should be easier.
Yes, that’s a great strategy and one I began before even transitioning across. I guess the only reason I didn’t initially mention it is because I’ve found many Windows users immediately switch off the moment you tell them they might need to consider non-proprietary apps and services. There are a lot of really solid and reliable workarounds these days that mean you can keep some of that Windows workflow if you really want to, so I feel like maybe it’s best to just let them try the operating system first and see how much they can get away with.
@Onii-Chan @UngodlyAudrey I suggest starting with Mint Linux and see how it goes. Or Kubuntu.
As others said, trial and error, and patience. My two cents, as a Windows convert who likes to game, I did PopOS. If you have an nvidia card they have a version with the drivers baked in. Steam was relatively easy, there were only a few things I had to go to the terminal for. Now it’s my daily driver and I actually just uninstalled Windows a few months ago.
Your comment inspired me and I just finished moving over. So thx.
I’m curious whether the increasingly invasive telemetry of modern Windows will have legal implications surrounding patient privacy here in the US. I work IT in the healthcare field, and one of our key missions is HIPAA compliance. What, then, will be the impact if Microsoft starts storing more and more in-depth data offsite? Will keyboard entries into our EHR be tracked and stored in Microsoft’s servers? Will we subsequently be held liable if a breach at Microsoft causes this information to leak, or if Microsoft just straight-up starts selling it to advertisers? Windows is our one-and-only option for endpoint devices, so it’s not like we can just switch.
I genuinely don’t have the answers to these questions right now, but it may start to become a serious conversation for our department in the future if things continue at the trajectory they’re going at. Or, maybe I’m just old and paranoid and everything will be okie dokie.
Like most of Microsoft’s more odious features, this one can be turned off through GPO/Intune policy across an organization. As such, the liability will mostly fall on the organization to make sure it’s off. The privacy and security impacts will be felt by individuals and small businesses.
They claim that the data is only stored locally, so far. We’ll see, I guess.
That closing quote is ominous:
“Recall is currently in preview status,” Microsoft says on its website. “During this phase, we will collect customer feedback, develop more controls for enterprise customers to manage and govern Recall data, and improve the overall experience for users.”
I read “so, yeah, we built in all the telemetry connections we swear we’ll never use … just for testing, ya know?”
more controls for enterprise customers to manage and govern Recall data
ahh ok so this is employee monitoring software
Despite the privacy concerns, Microsoft says that the Recall index remains local and private on-device, encrypted in a way that is linked to a particular user’s account.
Just like how Microsoft domain-bound emails were stored locally on machines running Outlook, right? Or how purchasing and downloading music, movies, and video games meant that we owned them, right?
I don’t believe for a fucking second that this “feature” will remain locally encrypted forever. Fuck Microsoft, fuck the AI bubble.
“Don’t be evil!
…
wait, you say you’ll pay me to be evil? Well fuck that changes everything!”
