The world is up-in-arms over Windows Recall, but why? It stems from Microsoft's seeming lack of care for Windows and its users.
It's a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.
Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.
It's no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it's those bad Windows practices that have led people to this conclusion.
It's also important to remember that Microsoft has no monetary incentive to force people to use Windows Recall.
With that in mind, there would be no reason for Microsoft to automatically enable Windows Recall in an update down the line. If it does happen, the user will be able to instantly tell thanks to that that visual indicator and turn it off again.
This article is nothing but propaganda. There is huge monetary incentive to force people to use Windows Recall and collect their data, and Microsoft routinely uses Windows Update to enable data collection. They began that practice years ago on Windows 7. It's a ridiculously simple matter for MS to disable the visual indicator and force This Week's Plan on their users to monetize their data.
Windows Central pretends to be critical of plans to enable a feature that can be made into malware by Microsoft in a couple of minutes, but then back peddles and says it can't be done (utter BS) and if it could be, it wouldn't be that bad.
Even if the database remains local only forever, which I don't believe for a second, the computer will eventually make hyperspecific requests for ads based on the spying.
Only data that is not stored cannot fall victim to attackers. It does not matter whether it is a 'nigerian prince', Microsoft or some agency. Even if you completly trust whatever entity with your data right now, they may become problematic in the future.
This is why a low profile is a crucial component of OPsec.
Recall is objectively stupid, even if Microsoft only had their users best interest in mind. And they don't.