PSA, it looks like KB5037850 was taken out of rotation in Windows Updates... so trying to recreate an Azure ARM64 VM to bring Windows 11 24H2 26100.560 up to 26100.712 likely won't come through. I'm not sure why this was removed, perhaps Microsoft not wanting folks to play with it any more 😂 twitter.com/_JohnHammond/status/1799350383506313671

MOM IM ON TV

People are applauding that Recall is off by default??? What the hell??? How about NOT INSTALLING that misfeature that nobody but the NSA wanted, thank you very much?

“Thank you, thank you, thank you Microsoft.” -hackers, government, cops, FBI, CCP, Google, Apple, Facebook, kidnappers, etc.

Recall is a classic example of just because you could, doesn't mean you should.

Windows Recall is (still) a Security Nightmare

Use AI to extract text from an image but still can't copy a windows error popup to find what the error code is.. priorities guys come on

Time for another antitrust case… Microsoft has no right to put malware companies out of business by bundling it with windows 😂

Still is. That garbage should have never made it into the OS.

"She Chose The Wrong T-Shirt" ... yep you really demonstrated it John

Even turned off i do not want this feature in my windows installation. I'll be switching to linux.

The people who support this feature have the same level of brain-rot to support kernel-level anticheat.

But dude, this tool is so useful! When you get hacked, not only can a hacker access everything on your computer, but see everything you've done in the past!

Crazy how microsoft added its own post exploitation screenlogging module into its OS so I don't have to write my own anymore 💀💀💀

This feature needs to have a giant hack reported in the news before Microsoft gives a crap.

So, in order to do corporate espionage all you need to do is place your man as system admin in an organisation and run a search. Like, what sort of toxic glue has Microsoft been eating on their pizza sauce?

As a Linux user, some distros are trying to implement AI. Please for the love of god learn from Windows failure and never clone that company's decision

Just gonna point out password managers are now going to get compromised due to Microshaft.

201* keylogger is a malware 2024 keylogger is a windows feature

If there was a government crackdown on one certain thing they could say “let us see your computer” and go through recall to see if you participated in said “problem” its so authoritarian for absolutely no reason

Bill Gates be looking at everyone's homework folder soon

"She Chose The Wrong T-Shirt" She surely did

Windows is now assumed malicious.

I don't want to be able to turn this feature off. I don't want this feature even shipped on the Windows install. If it's not possible to remove completely I'm jumping ship 🤓

Literal spyware OS, should be banned from sale.

So basically a keylogger that takes snapshots

They requiring auth is better than nothing but this features means that every windows install in the feature is now 1 or 2 bugs away of being a keylogger for every windows user. And no matter how good I think MS developers are, everyone makes mistakes and with a single zero-day attack someone can potentially silently enable this and collect everything. No need to write a hidden logger. Even though the added security is better than the previous, it's still a nightmare.

Or, my fave. All those screenshots of what you were doing constitute gigabytes upon gigabytes of data, which, if sent up the pipe in their native form, would be an unmistakable and unsustainable traffic flow. But now we have Recall, and advertisers, Microsoft and the government can now just access Recall through a back door! Recall can do all the heavy lifting there locally, using the user's very own hardware! "Hey, Recall, does John have any music that he might not have paid for?" "Hey, Recall, does John have any photos or video that your algorithm might classify as 'prurient'?" "Hey, Recall, did John have any double-plus-ungood communication with any unpeople today?" and instead of wads of screenshots, now "Recall API, the Undisclosed Back Door" can now offer a brief, concise opinion of whether John needs to be considered for a nice knock at his door by the Feds or the local gendarmes.

Recalling recall sounds like the best option. If they care about security, they would be reducing the attack surface, not broadening it 🤦🏻‍♂️

Remember everything is open source if you reverse engineer it

Large corporations own the government, so they are the government. This is big brother.

Oh so recall will BE there, ready to use but not enabled. Here's what's wrong with that and it should be obvious. OPT-IN should be "I install it and run it" not "it's all there waiting to be used but you don't have to use it." Imagine a "self repo feature" in your car or truck that you paid for in cash. My car or truck NEVER needs to be repossessed because it's 100% mine and always has been. I don't want that feature but it's BUILT IN and you can't tell them to REMOVE IT. We live in a world where mistakes are common and normal. I don't need to go any deeper than that. Someone orders a self-repossession on a car or truck and get some entry data wrong and BOOM, my car or truck is no longer in my possession or under my control. Forget about all of the other "But, but, but" anti-commentary, my rights have been violated and I have been harmed because of something that never ever needed to be there in the first place. "I'm sorry your car or life has been damaged... it was just a mistake." A mistake happens when you didn't reasonably know that it could happen. If you REASONABLY KNOW it COULD happen, it's no longer simply an honest mistake -- it is placing people at RISK with intention of private benefit. This is EXACTLY what Microsoft's recall is. This is EXACTLY what Adobe's terms of service is.

*IS Malware will simply enable the recall feature so they don’t need to code an AI keylogger/screen grabber themselves. I know that’s what I’d be doing at least if I was a malware dev.

Haven't used Windows for the past 8 years😅. Stay away from Microsoft folks, run.

Microsoft will always "Recall" this moment.

M$ keeps adding BS to their OS...

The fact that it's a sqllite database really hints at the fact 1. they are prepared for your recall information to be easily sent to serverside databases If it was meant to be local just why use a database and not just store it in a encrypted file. 2. They didn't really put to much effort into the actual development of recall since anyone with a few years of backend experience can probably setup sql database hook up a ocr make a function call to the windows screenshot api so the only hard part would be creating the ui. Yet they pretend it's this revolutionary technology to mask the obvious spyware.

theres no way. When you opened the image folder i thought "surely you cant just rename the file" and then you did just that. amazing.

Who in their right mind gave Recall the Green light for development given the obvious privacy and security issues of the entire concept.

thats crazy. New malware doesnt need to bring its own info stealer, we have recall for that now. Which will not be detected by Antivirus, because its from microsoft itself.

I'm still reluctant to have this available for company computers but that's just me 😅

You literally picked the only four videos I watched about Recall. Hilarious. I’ll never use recall because I’m on Linux but it’s juicy drama

it makes me uncomfortable that windows will ship with all of the DLLs there to do extremely advanced infosec allowing a hacker to ship an extremely small payload and potentially utilize those functions to do some of these features without the encryption features and the UI

NSA, CIA, FBI are pissed that their wish to have this developed and “sold to” the world as good, has fallen on its face, and SO OBVIOUS

I would like to see changes to virtual desktop clients so they refuse to start if recall is turned on. Potentially logging company owned data on a non-corporate owned device is just a leak waiting to happen. If you want to work from home, you have to disable recall first.

Let's cut through the B.S. Post covid, many people are now working from home. Employers want tools to monitor their staff remotely. That's who this is for. It's not so Microsoft can spy on you, it's so your boss can, and that keeps your company firmly on the Windows ecosystem. This feature will be enabled by your organization and will not be something you can opt-out of or disable without admin credentials. But the end users would flip their shit if Microsoft said that, so they're trying to dress it up as a productivity feature for the user. They want you to think it will make your life easier so you accept it. Querying a SQL database across a network is trivial, and unlike most collected telemetry data, there won't be specific IP addresses and domains you can just block to prevent it being sent. It's going to be locked down to your specific organization. So what you need to do now is write a script that injects data into Recall to make it look like you're working, lol. The arms race is on, Lazy bastards unite! We can spoof this data.

i wonder, who in this entire world with 8 billion people thought this feature is good?

The Most sophisticated spyware I've ever seen.

"She Chose The Wrong T-Shirt" thanks John!

I recall windows being a nightmare a long time ago, still happily using linux

Windows Recall is absolutely still a security nightmare and it still affects you even if you don't use Windows. Be careful what you share and who you share it with now.

I remember, years ago fantasizing about being able to capture screen shots and keylogs with time stamps. Never knew Microsoft was already on it 😀

I switched to linux just a few days ago.

Thanks for that John. Interesting to know 😊

I'm sure this is obvious to everybody here, but Recall was developed for Mid to Large corporation to track employees. this does not belong on the modern desktop. Recall is some CEO's dream. This should only be available to large companies with intranets and no real access to the web for employees.

Any version of Recall is a security issue. Such a feature will always be exploited by bad actors.

I would have loved this as a productivity tool if it only managed screenshots I manually took.

I remember when I went back to school online to study Medical Administration and I was required to study a tremendous number of problematic medical conditions, which no one could have easily discerned from a search history between personal searches and those for school. Then meeting people online with various issues I had to familiarize myself with repeated the entire experience where the subsequent search results became weighted and distorted, accordingly.

Oh my god, does that mean, my search history is also recorded?

Microsoft already opened a Pandora box. Even if Recall is dropped altogether, hackers now know it's possible to write this kind of application, and there will be copycats. Maybe part of a rootkit.

I have not even watched the full video but im glad there is a shoutout to Fireship! Thanks for that John!

Could this be why Bitlocker is being pushed for Win11?

I was just wondering how Microsoft came to the conclusion that users wanted this tool?

For the record, you *can* package that python script into an .exe relatively easily so it can run without the interpreter installed.

Yay, Mutahar collaboration with John will be fun

Great video! Thank you. I'll have to check out more on recall.

As far as I can recall, you didn't make a video about this.

Just when am done with an insight, another one 🙌❤💯🙏.

you just demonstrated the whole point at the very beginning, where the screenshot shows "she chose the wrong T-shirt"

someone needs to compare time machine to this, it definitely doesn't take screenshots, but would be interesting to compare

I have that too, it's called Print Screen.

Utterly insane. I can't believe someone thought it was a good idea.

i cant imagine why i would want this as a user.

This is like pegasus, but you’re actually aware it’s on your pc

Man you are the best security research explainer on KZbin💚💚

The problem is that their way of implementing Recall is 'security last'. Security for the sake of not getting grilled too much on Twitter and KZbin. It's just pathetic, a good time to consider switching to another OS for serious tasks.

This thing has made me really paranoid about sending private messages to people who could, conceivably, at any point in the future use Windows. 😅

Ram Eating haCker Assistant LoL

This convinced me to learn linux

I will by honest my concern is and always will be where this intersects corporate security because you see it all the time, all it takes is a single sloppy employee and boom the users pay the price and I am a bit sick of paying, in too many cases a monthly subscription, to be on the losing end of that fight between two parties I have zero control over.

This brings back memories of the security disasters that were "active desktop" and "Every Windows 2000 server gets IIS installed and enabled by default"

see if you can use a veracrypt container to move that folder to it and making a junction. on boot i guess you'd have to delay the recall startup until the container is mounted. doable?

Moving to Linux when Windows 10 EOL 🗣️📢🔥

"I don't recall searching for music and found this video..." 2:24

I have a thesis about the origin of recall :) One day, the developers were sitting in a meeting and talking about how to better monitor the user. One of them said: We could take a screenshot every 5 seconds and send it to our servers! Bill heard that and said: Uhh, that's good, but if it gets out, we're screwed. They scrapped the plan and just implemented it for the users. :) That could be how recall came about. :D Thanks for the video!

If there was a need for this, if people wanted a feature like this, people/ companies would have already made software for it. IMO I don’t believe the whole “it’s an opt-in feature”. “You can choose who sees what”. To me it looks like baby steps to more and more access and control over your computer.

Nadella about prioritization: "Security first!" LOL

THEY EVEN DID NOT TRY TO OBFUSCATE IMAGES WTFFFF? ARE THEY PROGRAMMERS WORK FOR 200K IN YEAR?????

I recall this being a security nightmare.

So this is simply in a folder that you share with Microsoft via One-drive... ?!

Whatever form this "feature" has, and whatever security measures it has, as long as it is seeing what you're looking at, it will always be a security/privacy nightmare. You can always add encryption, etc, but at some point, the user has to decrypt the data to be able to see it, and the computer has no way of knowing who is sitting in front of the screen, or even have administrator access. Also, Microsoft, having control over it, makes it even worse. They are storing it on the device for now, but I am sure they would love to have access to that data, and they could easily give themself access to it.

someone needs to make a meme of an A.I. bot surfing john's hair wave, cause that is a good looking swell right there

It's a perfect feature for employers to look how their employees perform :| ... in one word = concerning

I'm glad Microsoft made the change, but it's not enough. They need to listen to the vast majority of their userbase who have been saying the same thing: WE DON'T WANT THIS SHIT. We don't want copilot, we don't want recall, we don't want any of that AI bloatware bullshit. We just want an OS that works.

Let's be fair and boil it down to this: Recall is literally malware (trojan/spyware), except it's made by Microsoft, so they get to call it "a feature". Then again, with the amount of telemetry Windows has, the OS itself is probably spyware and comes with a rootkit. Ohwait, I'm sorry, I meant "features".

Crazy thing is that LG TVs do a similar thing but instead of it being a feature that can benefit the user, they send screenshots of whatever is displayed to the cloud and do marketing analysis. So if you use an LG TV for sensitive things make sure it's opted out or even better, completely offline. How is that even legal? It's on by default. I can imagine that being the next step for Microsoft, they must be drooling over the idea.

So. Everything else aside, let's assume that those coordinates are clicks or even window layouts on a screen over time. Super useful information for malware hackers. Pop UNC, move to that person's common coordinates based on analysis. Bang job done.

Windows Recall.. Gets Recalled.

This is a great example of why you should never introduce an attack vector unless it's really worth it and you make sure it's very, very secure.

I think this was by intension to see if we can pick it up