50GB Privacy bomb? Wtf?

[GTP]

Microsoft are about to roll out CoPilot Plus on Windows 11, which will have a feature called "Recall."

Recall will take snapshots of your screen every 3 seconds and store those snapshots in a 50GB container on the local drive.
Clicking on a snapshot will open the app that created it at the same place and time it was taken..
Anyone care to have their bank page, private messages (Signal, WhatsApp etc) snapped and stored for later "recall?"

As Steve Gibson says "What could possibly go wrong!"

Shownotes if you dont want to watch the video.

 

[Sky-Knight]

It's a screenshot machine that opens windows based on already stored credentials. It's not any more risk than is already there EXCEPT for what could possibly be processed by Copilot remotely, which only happens when you activate the feature.

The relative risk is low. Mr. Gibson is largely worried about unknowns which... well... that's a security guy. I'm worried too... BUT... I live in the MS Ecosystem with direct access to Microsoft people. At the moment, I feel the prevailing pressure against Recall is premature, we don't know what we don't know.

Here is what we do know. The payload to access here is on the endpoint, and locked behind your TPM module which is unlocked with your PIN. If something is on your endpoint capable of reading through all that... it already owns your endpoint and the game is already over. If something is operating in the Microsoft cloud fabric to get things on the other end... again... the game is already over for a horde of reasons, Recall is rather low on my list. This level of access could publish infested windows updates and control every endpoint on the planet! Malware that's reading your screenshots really is, low on the risk meter here.

Literally everything else, is speculation. The presentation of the feature didn't give the details everyone wrote about it.

You'll also note the feature only works if you have an NPU. So... have fun finding one of those!

 

[sapphirescales]

So long as the data is only stored locally in an encrypted container it shouldn't be an issue. The problem is I doubt Microsoft will be able to resist the temptation to use the data to show us targeted ads, or sell the data to another company. I can think of maybe one or two occasions in all my years of using computers when I wanted to find something I was looking at weeks/months ago that couldn't be found again using a search program like Everything. A lot of websites like YouTube allow you to go back and search your history, not to mention the ability to search your history with your browser. I just don't see a use for this thing. A program like Everything can search local files (or the built in search if Microsoft removes all the ads and web results garbage) and you can search your browser history for things you were looking at online. Microsoft isn't introducing this "feature" for us. EVERYHING Microsoft has done since Windows 8 has been to enrich itself by pushing ads and subscriptions onto its users. The days of Microsoft giving a crap about its users died with Windows 7.

 

[GTP]

So long as the data is only stored locally in an encrypted container it shouldn't be an issue. The problem is I doubt Microsoft will be able to resist the temptation to use the data to show us targeted ads, or sell the data to another company. I can think of maybe one or two occasions in all my years of using computers when I wanted to find something I was looking at weeks/months ago that couldn't be found again using a search program like Everything. A lot of websites like YouTube allow you to go back and search your history, not to mention the ability to search your history with your browser. I just don't see a use for this thing. A program like Everything can search local files (or the built in search if Microsoft removes all the ads and web results garbage) and you can search your browser history for things you were looking at online. Microsoft isn't introducing this "feature" for us. EVERYHING Microsoft has done since Windows 8 has been to enrich itself by pushing ads and subscriptions onto its users. The days of Microsoft giving a crap about its users died with Windows 7.

Agreed.
My biggest concern is that snapshotting every 3 seconds, capturing private chats in apps like Signal.
Totally defeats the purpose of using a "private messaging app."

I bet a certain country that starts with the letter "C" are beside themselves with glee, not to mention Russia...

It absolutely astounds and confounds me how and why people don't seem to give a crap about their privacy anymore. They just let these multinational corporations do whatever they want and then bitch about being "targeted" with garbage..

 

[Sky-Knight]

@GTP that's my concern too.

Malware on the endpoint reading that data can be used for all sorts of things. And a nation state would be the threat actor to make malware that does nothing else, rendering itself invisible to the user, and least likely to be detected by anti-malware for an extended period of time.

Again fortunately this new feature is limited to ARM based units with an NPU present. Intel based units will come later certainly, but also with that NPU magic part. For now, it's not a real risk to my endpoints because they won't have these features. The question becomes how long until those features become mainstream?

There's a fairly long ramp here to walk up, and there's plenty of places to stop and make sure things work correctly. Microsoft having recently let themselves be victimized by the Chinese specifically is exceptionally motivated to prevent exactly this threat avenue. So.... we'll see!

 

[timeshifter]

Again fortunately this new feature is limited to ARM based units with an NPU present. Intel based units will come later certainly, but also with that NPU magic part.

Does everyone agree that this is a sure thing - that Intel will be the CPU in the future on these units, just drop in an NPU?

I'd argue that the tide is continuing to turn against Intel. It started with Apple dropping them a few years ago. In 2023 Apple was 4th in unit sales worldwide. Pretty far behind Lenovo, HP and Dell to be fair, but still significant with a 10% share - and all their computers now don't use Intel.

In the Copilot + dog and pony show the new units were repeatedly compared to the latest MacBook Air M3, and beat it (of course). The systems were cheaper and had better battery life. I'm not sure Intel will be able to keep up.

The only thing Intel has to hang its hat on is compatibility.

 

[britechguy]

The only thing Intel has to hang its hat on is compatibility.

And that, given its size, is enough. Every chip maker goes through "hot and not" cycles. Intel's not going anywhere.

 

[sapphirescales]

And that, given its size, is enough.

Not if Microsoft's software compatibility layer is as good as they claim. If these ARM based CPUs can run all the x86 based software at an acceptable level of stability and performance, then x86 is basically dead. That doesn't mean Intel is necessarily dead if they switch over to ARM but x86 is just too bloated to ever reach the same performance per watt as an ARM CPU. Most people use laptops nowadays, so performance per watt is the most important measure. It doesn't matter if Intel can keep up with ARM in performance if it has to draw 60w in order to do so.

I'm not sure Intel will be able to keep up.

They absolutely will not. Unless they can rewrite the laws of physics (or drop 90% of the instruction sets in x86, thereby breaking backwards compatibility), the only way they can keep up is by increasing power draw, which they can't do because of laptops. Their newest generation desktop CPUs draw insane amounts of power, to the point where soon you won't be able to cool them at all, even with liquid cooling.

 

[DRPCNZ]

Intel own that many patents they could survive on that alone

 

[sapphirescales]

Intel own that many patents they could survive on that alone

Yeah Intel is going to continue to exist no matter what happens to x86 but they will still exist in the sense that Kodak still exists. Kodak used to be a huge company that was on top of the technology of the time but now it's a tiny forgotten company that technically still exists but is a fraction of what it once was. Hopefully Intel either invents a new CPU based on x86 that dumps backwards compatibility so they can compete with ARM, or they start making their own ARM processors, otherwise Intel is going to become like Kodak.

 

[britechguy]

@sapphirescales

Comparing Kodak to Intel is comparing "chalk and cheese," as the British say.

Kodak was saddled to film, and stayed saddled to film long past the time it had become obvious that no one could survive doing that.

Intel has been a dynamic chip maker, constantly evolving, for as long as I've been in computing (longer than you've been alive, I believe) and they're not just going to curl up and die due to the usual changes and evolutions in the industry. They'll morph again as they have many times before.

People have been predicting the death of both Intel and AMD on multiple occasions over decades. Both are still here, and look like they'll keep being here for the foreseeable future. I'll probably shuffle off this mortal coil long before either of those companies does, and I doubt I'll be exiting the land of the living anytime soon.

 

[phaZed]

Intel struck a deal last year to produce ARM processors for 3rd party customers, and have a 2nm fab in the works. They're not going anywhere.

 

[Metanis]

I remember when RISC was supposed to take over the world. Hell, Microsoft even released an NT 4.0 variant for Alpha, MIPS, and PowerPC. Everything old is new again.

 

[HCHTech]

For laptops, I'd wager that the increased battery life will be the horse that drives this wagon, with the "Oh, and your life will be even more wonderful with on-board AI!" relegated to the small print.

I remember an "employee monitoring" app from years ago that took screenshots every 30 seconds and stored them in a hidden directory. The name escapes me, but I ran into it on two separate occasions because it used up all of the free space on the drive.

I can also imagine CPUs having "onboard NPUs" just like current chips can have onboard GPU. Probably relegated to desktop chips where power is less of an issue.

 

[sapphirescales]

For laptops, I'd wager that the increased battery life will be the horse that drives this wagon

Not just increased battery life but also cool and quiet operation. Intel/AMD CPUs run hot as heck and require loud fans to cool. This isn't the case with ARM CPUs. Who would want a hot running loud laptop with a 4 hour battery life vs. a cool, silent laptop with a 20 hour battery life? The only hair in the soup will be if Microsoft hasn't gotten the x86 compatibility layer to be completely stable and seamless. If they haven't then this will be similar to the Windows RT/S Mode failure. Nobody wants Windows that can't run Windows programs.

 

[Sky-Knight]

ARM has been the target for some time. I expect Intel will bring CPUs with ARM cores embedded in them.

There is no "compatibility layer" in Windows. ARM versions of Windows run ARM versions of software. Windows does have Virtualization support, so it can spool up a VM to run AMD64 software, but that's not efficient. I reject the assertion that the platform is "dead" without these things, because we have Windows 365 now, and equivalent products.

And... I have to be a pedant for a bit. i386 (x86) has been dead for some time. AMD64 will be around for quite some time.

Intel is NOT behind, though they aren't innovating as quickly as they should. AMD isn't any better, and in many cases is objectively worse. Both of these companies are dying relative to the giant that is NVIDIA. Intel is currently trying to get its fabs back online... which IMHO it never should have shutdown, but I digress.

And no one can expect existing designs to have Recall features, when it's based on new hardware that has yet to be fully released.

Note, anyone that likes freedom will not see the rise of ARM happily. Because it means all endpoint devices are now various sized cell phones, with the walled garden market places, and apps that are little more than web browser to online services.

@HCHTech It was called Specter, now called Insider Risk Management, company rebranded and is alive and well: https://veriato.com/