If anybody wonders if Recall classifies what porn you watch, yes. Aside from OCRing text it also classifies images in videos.
9 minute 50 second mark in this, screen is blurred for obvious reasons.
Conversation
Notices
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 14-Jun-2024 23:22:04 JST 
Kevin Beaumont
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 15-Jun-2024 03:50:58 JST
Kevin Beaumont
Here’s the clip translated around adult content with Microsoft Recall.
They filter search terms in English like naked - but don’t filter it in other languages.
Everything you view - including in videos - is classified and stored in the database.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 15-Jun-2024 09:12:00 JST
Kevin Beaumont
This is pretty good - detecting Microsoft Recall misuse for data exfil. https://youtu.be/SV9-dn-5uEY?si=jVz9sC4A2wKxeiBt
I tested this against the latest release of Recall and both TotalRecall and these detections still work.
Obviously Recall may well alter before it hits Insider preview channel, nobody needs to rush out detections yet.
Btw all through this saga, Microsoft Defender never triggered Recall specific alerts for me. Sophos did.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 15-Jun-2024 17:38:24 JST
Kevin Beaumont
Nail on head.
-
Embed this notice
Khleedril (khleedril@cyberplace.social)'s status on Saturday, 15-Jun-2024 17:45:17 JST 
Khleedril
@GossiTheDog Rubbish. This is nothing to do with software not being tested, but the pure arrogance of a company on an insidious path to steal every scrap of data from its entire clientele, including potential rival businesses and take-over targets.
-
Embed this notice
Khleedril (khleedril@cyberplace.social)'s status on Saturday, 15-Jun-2024 17:54:47 JST
Khleedril
@GossiTheDog Come on, anybody with eyes knows where they are going.
-
Embed this notice
Khleedril (khleedril@cyberplace.social)'s status on Saturday, 15-Jun-2024 18:16:21 JST
Khleedril
@GossiTheDog Ok. I respect your authority on this subject and admire your work, but I think you are being a little naive here. We'll see where we are in ten years' time!
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 16-Jun-2024 10:34:00 JST
Kevin Beaumont
Apple on Microsoft Recall.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 18-Jun-2024 05:19:50 JST
Kevin Beaumont
Windows 11 24H2 preview release has been rereleased (but only for Copilot+ devices). It doesn’t include Recall any more.
Additionally the Copilot+ PCs now have an update which enables the other AI features. This wasn’t available until a few hours ago, hence the lack of unsupervised reviews of the devices. It means you will see those reviews drop after the devices launch tomorrow.
-
Embed this notice
Maxi 12x 💉 (frumble@chaos.social)'s status on Friday, 21-Jun-2024 04:23:53 JST 
Maxi 12x 💉
@GossiTheDog So, the next time, we should better shut up and giggle in anticipation?
-
Embed this notice
Maxi 12x 💉 (frumble@chaos.social)'s status on Friday, 21-Jun-2024 04:34:40 JST
Maxi 12x 💉
@GossiTheDog My point is destroying Microsoft’s reputation is a good thing in the long run. ;)
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 29-Jun-2024 07:52:06 JST
Kevin Beaumont
There’s a website which gives some insight into how the UI and marketing push for Copilot+ Recall came together. The actual video appears to have gone MIA.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 29-Jun-2024 07:59:19 JST
Kevin Beaumont
.@JohnHammond’s video on Recall is great, and a lot of fun - should also history being rewritten on this one later.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 01-Jul-2024 06:14:01 JST
Kevin Beaumont
I got ahold of what I think is the latest Microsoft Recall (Copilot+ Recall? Nobody knows the branding) build and.. well.. Total Recall still works with the smallest of tweaks to export the database, it's still accessible as a plaintext database with marketing as the security layer.
Another observation, the Recall backlog must be very large as it's just becoming a truck load of features being dumped on.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 01-Jul-2024 06:31:22 JST
Kevin Beaumont
One thing MS needs to fix in Recall, before the Insider canary build hits again, is the MSRC bug bounty.
As far as I can see, if you find a critical or high in Recall it qualifies for *drumroll* $1k bounty, unless I'm misinformed.
That probably needs clarifying as nobody is going to sell photographic memory access to Windows devices to MS for that value.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Jul-2024 22:23:31 JST
Kevin Beaumont
Linus Tech Tips on Copilot+ and Recall, after their embargo lifted. https://youtu.be/w5h_1Buf54I
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 06-Jul-2024 05:19:57 JST
Kevin Beaumont
Microsoft have started running paid adverts for Recall, apparently unaware the feature didn’t ship. https://www.tomshardware.com/software/windows/new-microsoft-ads-tout-unavailable-recall-feature-dont-mention-it-was-indefinitely-delayed-due-to-privacy-concerns
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 16-Jul-2024 19:33:42 JST
Kevin Beaumont
Something about Recall which I don’t think got enough (any?) coverage is it was marketed by Satya as using the NPU.. but it didn’t.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 29-Jul-2024 23:20:36 JST
Kevin Beaumont
Should Microsoft Recall ever reappear I plan to keep checking how secure it is, because the next evolution of security cannot be Microsoft pouring petrol onto the infostealer fire. https://www.wired.com/story/infostealer-malware-password-theft/
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 03-Aug-2024 06:15:15 JST
Kevin Beaumont
XDA Developers, who were a good source of behind the scenes info during the Microsoft Recall saga, are saying Microsoft have kicked Recall into the long grass and they think it may never launch. https://www.xda-developers.com/thread/microsoft-wants-you-to-forget-about-copilot-recall-it-seems/
It’s been almost two months since Microsoft said it would launch for Insiders in “weeks” instead.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 22-Aug-2024 03:31:10 JST
Kevin Beaumont
Microsoft now say Recall will available for Insider testing in October on select Copilot+ PCs.
As a community we’ll need to test the security implications out extensively.
Due to hardware requirements this will obviously be a problem, unless we can hack it to install on non-NPU systems again - I don’t know if that has been ‘fixed’ or not.
https://www.theverge.com/2024/8/21/24225439/microsoft-recall-windows-ai-feature-october-testing
GreenSkyOverMe (Monika) repeated this. -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 02-Sep-2024 21:07:40 JST
Kevin Beaumont
The Microsoft Recall saga continues - Microsoft accidentally introduced the ability to uninstall it. They say this was an error and you won’t be able to uninstall it in the future. https://www.theverge.com/2024/9/2/24233992/microsoft-recall-windows-11-uninstall-feature-bug
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 28-Sep-2024 03:02:55 JST
Kevin Beaumont
Recall is back.
Overall the planned changes here are much more robust.
Some of the things are boomerangs - eg they said it wasn’t uninstallable weeks ago, but it is now. Also they said it wasn’t developed under Secure Future Initiative a few months ago.. but now say was originally.
The proof is in the pudding obviously so hands on tests will be required. They’ve locked it to Copilot+ PC systems now, which will limit research.
-
Embed this notice
gz (godzero@sfba.social)'s status on Saturday, 28-Sep-2024 04:51:39 JST 
gz
@GossiTheDog
Why would anyone believe them regarding these changes? They could still turn it on surreptitiously and store/look at whatever data they wanted. -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 10-Oct-2024 21:11:21 JST
Kevin Beaumont
Microsoft need to go back and fix this if true, as Explorer shouldn’t be tied to Copilot and Recall. https://news.itsfoss.com/microsoft-windows-recall/
-
Embed this notice
Jonly (jonly@mastodon.social)'s status on Thursday, 10-Oct-2024 21:32:00 JST 
Jonly
@GossiTheDog so if i read this correctly you can uninstall it but your explorer gets downgraded to the old one?
Thats pity but managable -
Embed this notice
Edgar Whelp (edgarwhelp@cyberplace.social)'s status on Thursday, 10-Oct-2024 21:35:21 JST 
Edgar Whelp
@GossiTheDog you can remove it with DISM without breaking explorer.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 01-Nov-2024 03:36:15 JST
Kevin Beaumont
Microsoft have recalled Recall again.
It still hasn't even made it to Insider preview yet, that's been delayed too, now in December.
Good, by the way. They should take the time to get it right. I still don't know what they were thinking when they had the CEO stand on stage and say it was launching on devices 6 months ago and would be fully secure, when they hadn't even done a basic security review of it.
https://www.theverge.com/2024/10/31/24284572/microsoft-recall-delay-december-windows-insider-testing
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 01-Nov-2024 03:43:49 JST
Kevin Beaumont
I'd be surprised if it is released in December btw, as Redmond is a ghost town in the office from basically now until mid January.
-
Embed this notice
niffnaff (niffnaff@cyberplace.social)'s status on Friday, 01-Nov-2024 16:13:12 JST 
niffnaff
@GossiTheDog a conspiracy theory I have is that Recall has been developed for the Visual Capturing feature in Purview Insider Risk for better indexing of user activity. Somebody realised it was better purposed to ship to consumers. 0 proof but otherwise I really don’t understand what even brought the idea of Recall to life; literally nobody asked for it.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 20-Nov-2024 01:17:02 JST
Kevin Beaumont
In a newly released blog entitled "Windows: AI-powered, cloud-enabled, and secure", Microsoft say the business versions of Windows will ship with Recall disabled by default - IT departments will have to enable the feature before it is available.
This is a smart move and frankly it was incredible that the original idea was to ship this enabled by default in business - it was never, ever going to fly and hopefully Microsoft is rightly humbled by the experience.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 21-Nov-2024 07:44:56 JST
Kevin Beaumont
Microsoft are getting positive press for calling Recall “one of the most secure experiences it has built”.
I’d point out - they haven’t provided a Preview build to Insiders still, and there’s been no externally provided build (outside of NDA), so nobody has been able to assess the security and talk about it. There’s no specific bug bounty for it either.
When they first announced Recall, they called it totally secure - which was laughably inaccurate. It feels like a lot of premature high fiving
-
Embed this notice
Andrew Golding (huronbikes@cyberplace.social)'s status on Thursday, 21-Nov-2024 08:15:37 JST 
Andrew Golding
@GossiTheDog the statement could still be accurate and "most secure experiences it has built" is incredibly low bar including the old Windows 95 authentication control users could just close.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 24-Nov-2024 05:43:52 JST
Kevin Beaumont
Microsoft Recall is now available for testing.
https://www.theregister.com/2024/11/22/microsoft_recall_release/
It’s only available on Qualcomm Snapdragon-powered Copilot+ PCs. My feeling is we’re probably going to want to hook one up to the internet and hack RDP for unlimited sessions, to allow research - I’ll look into it.
I’ve been told Recall is eligible for bug bounty as part of the Insider programme. I think the process is supposed to be sandboxed so in theory (my reading) the payout limit should be $20k.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 12-Apr-2025 00:47:00 JST
Kevin Beaumont
Microsoft are rolling out Recall to users in Windows Insider (testing) before a wider rollout to all compatible systems.
It's definitely one to watch (and yes, I am) from a security point of view.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 22-Apr-2025 03:14:15 JST
Kevin Beaumont
I've took a look at the past year of work Microsoft has done on Recall, which is due to roll out to compatible Windows devices soon
tl;dr it's much better from a security and privacy point of view. My partner managed to hack my Recall memory in 5 minutes to browse prior Signal discussions, by guessing my Windows Hello PIN.
There's a bunch of risks people who enable it need to understand.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 22-Apr-2025 03:18:19 JST
Kevin Beaumont
I think the following groups should probably not enable Microsoft Recall
GreenSkyOverMe (Monika) repeated this. -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 22-Apr-2025 05:23:23 JST
Kevin Beaumont
Ars Technica have a good look at Recall too https://arstechnica.com/gadgets/2025/04/in-depth-with-windows-11-recall-and-what-microsoft-has-and-hasnt-fixed/
-
Embed this notice
Robert Link (phaedral@mastodon.social)'s status on Tuesday, 22-Apr-2025 07:19:31 JST 
Robert Link
@GossiTheDog No attorney should ever allow such a security risk, nore anyone with HIPPA duties.
clacke likes this. -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 23-Apr-2025 20:38:13 JST
Kevin Beaumont
One other Microsoft Recall observation, it records Citrix client sessions, even with anti-screen capture enabled.
Børge and GreenSkyOverMe (Monika) repeated this. -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 26-Apr-2025 03:55:54 JST
Kevin Beaumont
Microsoft have announced, in a Friday night blog post, they are rolling out Copilot+ Recall to all compatible devices over the next month. https://blogs.windows.com/windowsexperience/2025/04/25/copilot-pcs-are-the-most-performant-windows-pcs-ever-built-now-with-more-ai-features-that-empower-you-every-day/
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 26-Apr-2025 04:15:19 JST
Kevin Beaumont
Tabletop scenario for you:
Employee gets into a dispute with employer, leaves, had sensitive role. Employer revokes access, devices etc. Employee had logged in via BYOD to email, IM etc.
Due to Recall, employee walks away with 6 months of screenshots of everything she's ever worked on in a text indexed form - every email, chat, Teams call with video snapshots, transcripts of verbal calls etc.
What does the employer do now?
Mr. Bill repeated this. -
Embed this notice
Professor Emeritus Blake Y Rat (blakeyrat@mastodon.social)'s status on Saturday, 26-Apr-2025 04:23:16 JST 
Professor Emeritus Blake Y Rat
@GossiTheDog A "Friday night" blog post posted at 10:00 AM?
-
Embed this notice
da_667 (da_667@infosec.exchange)'s status on Saturday, 26-Apr-2025 04:25:44 JST 
da_667
@GossiTheDog didn't even consider this. Hope your employer has strict MDM. But even then, who knows what happens.
-
Embed this notice
groff 🇺🇦 (geoffl@mastodon.me.uk)'s status on Saturday, 26-Apr-2025 04:28:42 JST 
groff 🇺🇦
I know how to install Win11 on an "incompatible" device. How do I fool Microsoft into detecting my Copilot+ compatible devices as incompatible?
-
Embed this notice
Ricky Boone (rickyboone@infosec.exchange)'s status on Saturday, 26-Apr-2025 04:36:08 JST 
Ricky Boone
@GossiTheDog But think of the opportunities! This opens the door for Microsoft and security vendors to come up with new solutions to sell to concerned companies! It's a win/win scenario... If you exclude the customer/user.
/s
-
Embed this notice
James Forshaw :donor: (tiraniddo@infosec.exchange)'s status on Saturday, 26-Apr-2025 04:44:38 JST 
James Forshaw :donor:
@GossiTheDog "Gone are the days of trying to memorize and remember file names or exact words. With improved Windows search..." we can shove AI generated garbage straight from Bing to your eyeballs with no way of disabling any of it if all you wanted was finding your own files.
-
Embed this notice
Professor Emeritus Blake Y Rat (blakeyrat@mastodon.social)'s status on Saturday, 26-Apr-2025 05:05:31 JST
Professor Emeritus Blake Y Rat
@GossiTheDog Only a small portion of the world is in ANY time zone. But it does happen to be the time zone that the company we're actually talking about happens to be in.
-
Embed this notice
Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 26-Apr-2025 05:58:53 JST 
Adrian Sanabria
@GossiTheDog people already screenshot stuff constantly, Recall is just drawing extra attention to an existing issue
-
Embed this notice
Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 26-Apr-2025 07:29:48 JST
Adrian Sanabria
@GossiTheDog if you’re on a box, can’t you just do the equivalent of Recall with malware? It definitely makes the job of an attacker easier and more streamlined, but not sure it adds up to a massive increase in risk.
Also, anyone that figures out how to eliminate that one hour every day the planet spends trying to find stuff on their computer could maybe add 10% to global GDP. How much risk is that worth?
(not that Recall is that solution, but it could be, right?)
-
Embed this notice
Face Thumb (chrisp@cyberplace.social)'s status on Saturday, 26-Apr-2025 07:41:31 JST 
Face Thumb
@GossiTheDog BYOD was already a bad idea for the employee and the employer. This just makes it more obvious why. Malware or intentionally installed software run by the user themselves could already do this in Windows 7, 10, XP, hell, any OS can run software to do this. Thank you to Microsoft for pointing out why it is *such* a bad idea.
-
Embed this notice
mcv (mcv@friendica.opensocial.space)'s status on Sunday, 27-Apr-2025 03:06:42 JST
mcv
Companies dealing with sensitive info should ban all computers capable of running Recall from their networks.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 22-May-2025 01:56:24 JST
Kevin Beaumont
Signal have rolled out an update to all users that stops Microsoft Recall from capturing Signal conversations.
I’ve tested this and it works. Brilliant work by the @signalapp team. 💪
They call on Microsoft to build better, as there was no standardised way as an app developer to do this. Because Signal is open source, now app developers have a template to protect their users from Windows.
-
Embed this notice
Miakoda (hellomiakoda@pdx.social)'s status on Thursday, 22-May-2025 11:30:24 JST 
Miakoda
@GossiTheDog @signalapp I don't use Windows and this nudges me towards Signal
-
Embed this notice
Pavel Machek (pavel@social.kernel.org)'s status on Thursday, 22-May-2025 18:20:27 JST
Pavel Machek
@GossiTheDog @signalapp Dunno. Perhaps simply avoid running screen-capturing malware? If Microsoft will not allow uninstall of Recall, you can still uninstall Windows... -
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 20-Jun-2025 20:10:45 JST
Kevin Beaumont
I found an interesting Microsoft Recall issue with the latest version - Recall is enabled on my PC, but the tray icon (bottom right) saying it is running is missing.
-
Embed this notice
fuzzyfuzzyfungus (fuzzyfuzzyfungus@cyberplace.social)'s status on Saturday, 21-Jun-2025 00:25:25 JST 
fuzzyfuzzyfungus
@GossiTheDog Active recall seems like something that really deserves an alert more along the lines of the "Activate Windows" message that gets superimposed on top of everything than just a traybar item; but I suspect that there's not much internal appetite for making it so visibly alarming.
-
Embed this notice
BingoBeam (bingobeam@cyberplace.social)'s status on Saturday, 21-Jun-2025 23:49:43 JST
BingoBeam
@GossiTheDog Incremental backups with visual snaps.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 24-Jul-2025 07:44:32 JST
Kevin Beaumont
Brave are blocking Microsoft Recall by default, hopefully Vivaldi follow. https://www.bleepingcomputer.com/news/security/brave-blocks-windows-recall-from-screenshotting-your-browsing-activity/
Capitã Obvio and Rich Felker repeated this. -
Embed this notice
Knightmare (lancejz@mastodon.social)'s status on Friday, 25-Jul-2025 03:45:55 JST 
Knightmare
@GossiTheDog For the ten people that have a surface laptop able to even do that.
-
Embed this notice
Phil (h0ru2@cyberplace.social)'s status on Friday, 25-Jul-2025 10:05:18 JST 
Phil
@GossiTheDog Let's hope this doesn't turn into a game of cat and mouse, because M$ decides that "enrolling some users for some time" is acceptable
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 09-Aug-2025 05:31:14 JST
Kevin Beaumont
The Register took a look at Microsoft Recall and found it captured personal information, such as social security numbers and such in its database.
They also found they could access it remotely using TeamViewer, using just a PIN.
https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/
-
Embed this notice
fuzzyfuzzyfungus (fuzzyfuzzyfungus@cyberplace.social)'s status on Saturday, 09-Aug-2025 23:23:47 JST
fuzzyfuzzyfungus
@GossiTheDog Looks like your original note that requiring biometrics to set up but not on subsequent access seemed really squirmy has, indeed, proven to be really squirmy.
It's hard to imagine how they could ever get the actual 'recall' function of recall up to a safe level without measures that totally rule it out as a consumer feature. The sort of faff involved with HSMs, Data rooms, or SCIFs isn't going to fly; but it's unclear whether anything more convenient is fit for purpose.
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 28-Oct-2025 19:38:57 JST
Kevin Beaumont
I still use Recall on my development laptop, and actually use the feature quite a lot through testing Recall... and yet, I've started to get regular engagement prompts to use it lately.
To me this strongly suggests people aren't actually using it in the wild as MS are trying to juice numbers via nudge prompts.
-
Embed this notice
All GNU social JP content and data are available under the