Ars Technica reports Microsoft will add AI to Windows, to steal your corporate secrets

Microsoft has started rolling out a.i. to its Windows Operating System for PCs. This “feature” pretends to make it easier to find documents on a computer.

What they should have done is create a reverse index for document retrieval by contents keyword. That proven technology has been around for decades, and doesn’t use a.i.

Microsoft’s tendency to force a.i. unto users of its Windows operating system poses significant threats to privacy and the safety of corporate secrets.

For those of us who have a business to protect, what operating systems help safeguard privacy?

cupcakezealot,
@cupcakezealot@lemmy.blahaj.zone avatar

most likely it will be a group policy which most it departments will turn off anyway.

clmbmb,

Don’t be so sure! For a few percents off the price some greedy executives would give anything to Microsoft (and/or others).

possiblylinux127,

Its kind of crazy how that works. Microsoft is blinded my success in many ways.

vikingtons,
@vikingtons@lemmy.world avatar

here’s hoping. would be a nightmare if it somehow reached the healthcare industry

ReversalHatchery,

At public services too, like schools and hospitals, where admins mostly couldn’t care less?

possiblylinux127,

For now…

Seriously though why do they do this to us. Before you know it Windows will be tied to Azure with no local AD.

possiblylinux127, (edited )

You can turn off a lot of it with group policy. I would also do testing on the desktop so you can stay ahead of the antifeatures.

Edit:

I like this line:

Recall won’t take snapshots of InPrivate web browsing sessions in Microsoft Edge

Gerudo,

My problem is, even if it’s encrypted, only local blah blah blah, if your Microsoft account is compromised, what then?

I worked on account services for msft. The amount of people with compromised accounts is astounding.

delirious_owl,
@delirious_owl@discuss.online avatar

You linked to a shitty website that blocks hardened browsers instead of the article on Ars. Downvoted.

Please re-post with a link to the actual article.

Shrank7242,

Ars Technica reports Microsoft will add AI to Windows, to steal your corporate secrets

Look, I think it’s a dumb feature and a dumb direction for Microsoft to head so deep into (AI and the whole Copilot branding). But that title is a downright lie and not supported by the article at all.

The article refutes your title in the 5th and 6th paragraph. Did you link to a reddit post rather than the article to make your title more clickbait? Come on, that doesn’t foster actual discussion. You can do better than that.

ace,

To quote Microsoft themselves on the feature;

https://lemmy.ananace.dev/pictrs/image/6b53f957-62d6-46c6-b03f-6ddeb0219c5a.webp

“No content moderation” is the most important part here, it will happily steal any and all corporate secrets it can see, since Microsoft haven’t given it a way not to.

Blue_Morpho,

No content moderation means it ISN’T reading the screen.

It’s screen shots saved to your hard drive just like when you hit the print screen key in Arch. It’s a stupid feature but saying MS is stealing everything because of this feature makes no sense.

Shrank7242,

I appreciate the content there, but the second sentence refutes exactly what you’re saying.

That data may be in snapshots that are stored on your device

Cast or put doubt on Microsoft security, or their privacy practices. That would be a great conversation starter as a post. But without evidence of wrongdoing the post here is a non story.

An example that would be notable is: “Packet sniffing reveals that Recall is sending image hashes to remote servers”. That would be a big story that could then appeal to the title of this post. But the Ars article, and even that screen shot you posted is nothing like that.

There’s a reason reputable news sites don’t report on things that don’t happen. Its because that’s not news. So back to the reference to the title of this post: “to steal your corporate secrets” is just blatantly false!

jeena, (edited )
@jeena@jemmy.jeena.net avatar

Soon it’ll be safer to use a Chinese Linux distribution than Windows.

Successful_Try543,

Red Star OS ftw.

RiQuY,

That’s northkorean I think.

Successful_Try543, (edited )

I know, but NK politically isn’t that far away from PRC.

I recall a statement from an article I’ve read several years ago on the presentation of Will Scott, a professor who has been in NK, at 31C3 2014.

Als sich Scott Root-Zugang verschaffte, fand er ein für Normalnutzer unzugängliches Programm, das die komfortable Einrichtung verschlüsselter Datenträger erlaubte. “Das ist interessant, wenn ihr einen AES-verschlüsselten Datenträger braucht, an dem die NSA garantiert nichts manipuliert hat”, scherzte Scott.

When Scott gained root access, he found a program inaccessible to normal users that allowed the convenient setup of encrypted data carriers. “That’s interesting if you need an AES-encrypted data carrier that the NSA is guaranteed not to have tampered with,” joked Scott.

jeena,
@jeena@jemmy.jeena.net avatar

I know, but NK politically isn’t that far away from PRC.

After the Covid lockdowns there is a saying in China:

We thought that North Korea is our past, but now we know it’s our future.

Fubarberry,
@Fubarberry@sopuli.xyz avatar

Ok, so this is a Lemmy post that links a r/ailess post that links a r/privacy post that finally links this Ars Technica article.

Why not just link the Ars Technica article to begin with? I don’t think there’s any good reason to link all these separate chained discussions.

delirious_owl,
@delirious_owl@discuss.online avatar

This. Please collectively downvote. This sort of thing is the proper use of the downvote button.

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml avatar

I personally think that downvoting your comment is a more proper use of the downvote button. But the real purpose is to downvote stuff that violates the rules or is immoral in general (such as promoting terrorism or excessive data collection). And btw I don’t think downvote raids are allowed

ZeroHora,
@ZeroHora@lemmy.ml avatar

But the real purpose is to downvote stuff that violates the rules or is immoral in general

Says who? Since when? wtf

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml avatar

It’s my personal opinion against their personal opinion. Nothing more. My reply was meant to show that the person aggressively forces their unproved opinion

delirious_owl,
@delirious_owl@discuss.online avatar

Downvotes are not “I disagree with this person”

A downvote used properly is to bury misinformation, low effort posts, off-topic posts, and as you say - violation of rules or attacks on others.

This is an example of a low effort post that can easily be misinformation because it cannot be verified.

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml avatar

You are right. What I meant by my reply is that the person I replied to forced their opinion. But still downvoting low-effort is not great imo. Not everyone wants to spend an hour finding the source or writing a 10 paragraph explanation

swooosh,

You suggest that a low effort question that is read by hundreds or thousands is better than quickly searching the internet?

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml avatar

I suggest that people should stop being toxic and excessively judgeful. I’m not saying that low effort posting is good. I’m trying to justify it

Blizzard,

There’s even the cross-post feature!

just_another_person,

This sounds a LOT like the plot of a terrible 90’s movie that was thinly veiled to portray MS as a mini-surveillance state, with some murder thrown in. I’ll try and find it.

Edit: Released in 2001, it was ‘Antitrust’. I remember it being bad, but not good-bad like ‘Hackers’

jaybone,

That sounds familiar. I was thinking of one called something like Sawfish? But maybe Antitrust is what I’m thinking of.

just_another_person,

‘Swordfish’. I don’t even know what in the hell that movie was supposed to be, but it was basically Hugh Jackman as Wolverine as “Hacker”, but just filled with ridiculous nonsense.

Great episode of ‘How Did This Get Made’ going over it. Worth a listen.

jherazob,
@jherazob@beehaw.org avatar

Direct, non-Reddit link

vk6flab,
@vk6flab@lemmy.radio avatar

I’ve been using Linux for near enough a quarter of a century as my main desktop and I haven’t regretted it yet.

Linux today is plenty easy to use today for a non-technical audience, runs with less resources, has global communities, comes in your language and it’s free.

satanmat,

I hear you.

Being able to search and read was the hardest part (read as not at all difficult)

99.9 % of my computer usage is FF and libreoffice.

Other than (maybe) initial setup there is nothing stopping “your mom” from being able to have Linux as a daily driver.

Microsoft is for some reason $$$$ shooting them selves in the foot they seem hell bent on making windows unusablely crappy. Oh look enshitification.

helenslunch,
@helenslunch@feddit.nl avatar

Microsoft is for some reason $$$$ shooting them selves in the foot they seem hell bent on making windows unusablely crappy.

They’ve been doing this shit since Windows 8 and haven’t lost any users so I don’t think “shooting then selves in the foot” makes sense.

henfredemars,

I wouldn’t say they’re not losing users. Rather, the tide is going out. The whole market is shrinking in favor of mobile devices for the non-technically inclined. An increasingly higher proportion of their users are enthusiasts and business over the casual user.

satanmat,

Kinda yeah. Like many things it is complex.

Back in the day… I was so chuffed when MS released 95, and 98 and was amazed at 2000.

But yes 8 was a horror show, and to that point— is anyone excited about a new release?

When there is really nothing wrong with XYZ machine running 10; but it is not supported in 11 and your EOL on 10; yeah there’s nothing compelling me to want a new computer

MS for a short while was or seemed happy for people to use 365 , but to me it seems like they are just shitting on windows as an os.

suburban_hillbilly,

Case in point, my late 50s father was recently fired from his job of 36 years. They told him not to return the ancient E series thinkpad they had given him as an email checker, but wouldn’t give him a password to be able to use it. After finding the bios wasn’t locked I chucked Debian on it for him and he’s been using it for months to send applications with only a light introduction libreoffice and some minor tinkering with system settings to make it feel more familiar.

DmMacniel,

You are a good kid. Kudos.

CCMan1701A,

Is this windows 11 and up or windows 10 as well?

aev,

The Windows 10 equivalent, Timeline, got discontinued in 2021. At this point in time it is unknown whether Microsoft will retrofit Recall into Windows 10. Knowing Microsoft it is safe to assume they’ll try anything for profit.

Kit,

I thought that surely it couldn’t be that bad. But…

“Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds,” Microsoft says on its website. “The snapshots are encrypted and saved on your PC’s hard drive. You can use Recall to locate the content you have viewed on your PC using search or on a timeline bar that allows you to scroll through your snapshots.”

qjkxbmwvz,

So it’s a security camera pointing at your screen, but with AI involved.

Honestly though, this sounds like the kind of thing you could hack together with a shell script and OCR on a *NIX system in an afternoon. Cronjob to take screenshots and run them through OCR, keywords to a database. Add hooks to your window manager to take additional screenshots on relevant events (change desktop, application opens/new window on screen, etc.).

zeluko,

bUt iTs Ai InTeGrAtEd

possiblylinux127,

“Encrypted”

It must be secure if it is encrypted. The problem with the Microsoft secret storage is that they key is on the disk.

Kit,

For individuals, yes. For organizations, no. Orgs who know what they’re doing use a HSM for their data encryption. Thus the title of this post is inaccurate.

But from the consumer side, I am absolutely never going to buy a “Copilot Plus” device, whatever that is.

possiblylinux127,

You may not get much of a choice.

Kit,

Your username is becoming more and more relevant daily

possiblylinux127,

Funny how that possibly happens

retrospectology,
@retrospectology@lemmy.world avatar

At first glance, the Recall feature seems like it may set the stage for potential gross violations of user privacy. Despite reassurances from Microsoft, that impression persists for second and third glances as well. For example, someone with access to your Windows account could potentially use Recall to see everything you’ve been doing recently on your PC, which might extend beyond the embarrassing implications of pornography viewing and actually threaten the lives of journalists or perceived enemies of the state.

Despite the privacy concerns, Microsoft says that the Recall index remains local and private on-device, encrypted in a way that is linked to a particular user’s account. “Recall screenshots are only linked to a specific user profile and Recall does not share them with other users, make them available for Microsoft to view, or use them for targeting advertisements. Screenshots are only available to the person whose profile was used to sign in to the device,” Microsoft says.

This sounds very much like on of those claims that has an invisible “for now” attached to it. It’s always going to be a slow roll out with these kinds of things.

RenardDesMers,
@RenardDesMers@lemmy.ml avatar

Can’t wait to see 3rd party software trying to use this to “improve your experience” while using their app.

retrospectology, (edited )
@retrospectology@lemmy.world avatar

Can’t view the post without the reddit app, have a direct link to the actual article?

jaykay,
@jaykay@lemmy.zip avatar

Had to dig but found it arstechnica.com/…/microsofts-new-recall-feature-w…

aev,

arstechnica.com/…/microsofts-new-recall-feature-w…

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • fightinggames
  • All magazines
    •