Microsoft Can Remember It for You Wholesale With Their New Built In Screen Logger

We’re Not Too Sure About Advanced Paste Either

Today Microsoft announced Windows 11 Recall for Copilot+ PCs, billed as a handy way for you to recall information you’ve looked for using your PC.  What it actually will be is a built in AI powered screenlogger that takes a snapshot of your screen every few seconds and saving it for up to three months.  Those screenshots are then analyzed with the help of your on-chip NPU, hence the limited initial roll out, so that data can be extracted from the screenshots to allow you to search through your somewhat recent history.

Microsoft states that the Windows 11 Recall screenshots will only be saved locally and will be encrypted using the BitLocker key tied to the logged in users account.  They also want to reassure users that the AI portion will only be run locally and not need to access any remote LLM resources to index the contents of the screens.  These two statements shouldn’t bring much reassurance, BitLocker is not bulletproof, and is essentially useless if someone can gain access to your PC.  As to the LLM portion, Microsoft likes to collect usage data to improve their software, and LLMs are famously ambivalent about harvesting private data to train themselves.  That suggests that your screenshots are not really guaranteed to remain only on your system, even if you haven’t been compromised.

To make Windows 11 Recall less scary Microsoft claims that it will not record any data from Chrome or Edge InPrivate windows, though they don’t mention any other browsers which leaves one wondering how it detects the InPrivate session.  They say nothing at all about recording sensitive data from your screen, so it will likely capture you logging into your bank account and other things you would much rather not be recorded.

At the same time, they also introduced an Advanced Paste feature to PowerToys for Windows 11 which is, of course, AI powered.  This will let you copy text and then choose to paste it as JSON or just as plain text.  If you are willing to pay for the OpenAI API hook it will do even more, pasting “translations, generated code, a rewrite from casual to professional style, Yoda syntax, or whatever you can think to ask for.”  That pasted data will definitely be uploaded, so you’d best be cautious as to what you place in your clipboard after installing it.

Who needs a virus infection when Microsoft will happily do all the hard work for the hackers?

Leave a Reply