> It’s that it’s the OS putting an always on and enabled-by-default spyware on devices that are frequently shared
And I have to repeat: if Apple Computer had pushed the same product, but with a slide talking about how it was all locally encrypted and unextractable and tied to both the device and the user account, HN would be celebrating the attention to privacy even though Macs too are "frequently shared". And the reasoning would be how strong the security engineering was around the process, because we love that stuff and we love Macs.
MS doesn't get the same benefit of the doubt, and it leaks into the technical content of the argument, and that's wrong. And FWIW I'm mostly just handwaving the technical details. I mean, do we know for a fact that MS is *not* encrypting this with a TPM-managed key tied to the user account? I bet they are, honestly.
> if Apple Computer had pushed the same product, […], HN would be celebrating the attention to privacy
I don’t believe so, at least not if it’s enabled-by-default.
> MS doesn't get the same benefit of the doubt
Apple doesn’t rely on benefit of the doubt because they are very clear about how the privacy of new products works (say Touch and Face ID), and Microsoft is not. I mean just look at this very thread, it’s super unclear how it works and interacts with other Windows features (some of which are premium) like FDE/BitLocker and whether there’s telemetry/training. That obviously contributes to the “harsh” response. As it should.
> I mean just look at this very thread, it’s super unclear how it works and interacts with other Windows features
I agree with you, but that’s not great evidence for your point. Bring up any random Apple feature and people will be quick to warn you about their misunderstandings of it. “Face ID means Apple has all our pictures now!” “Apple Keychain shares all your passwords with them!” Etc.
Windows is actually pushing for BitLocker by default now. I believe new Windows 11 installs either are already or will soon start defaulting to enabling BitLocker across the board.
> telemetry/training
It's really just timer triggered screenshots + OCR + an SLM (small language model) running on device on a TPU/NPU, GPU, or other ONNX compatible device.
I'm generally super uncharitable about Microsoft since a lot of their stuff is a nasty black box with unclear security assumptions; however, with Recall, it seems like people are really jumping to conclusions without really even looking into what all it is.
This is a largely "unsophisticated" product made by bolting together a bunch of more or less preassembled components, the bulk of which is open source.
So the data is intended to be encrypted at rest along with the rest of the OS, it's all run locally (which isn't a handwavy thing, the tech is all very much capable of running locally) and if you don't have hardware capable of running it, it shouldn't be enabled in the first place.
My confusion with all of this is why Recall didn't start out as a PowerToys feature. It sounds like the exact type of internal "look at this cool little toy I built" thing that generally makes it into PowerToys, but I'm assuming some exec ran with the opportunity and said "this is awesome, let's ship it with the OS and make it a headliner feature for our AI push", which is how we got here.
Absolutely not would I give Apple a free pass either. They can say all the nice things they want about protecting my privacy, but I do not trust any commercial entity will act in my best interest. Especially when they all have government requirements to hand over my data when a cop asks nicely.
We are speedrunning into a Neuromancer dystopia where tech companies control every facet of our lives. Why would I be OK with them making it easier to monitor my every keystroke?