At the tail end of last week, Microsoft finally admitted – as it pulled 24H2 from the Release Preview Channel – that the Recall feature, which takes a snapshot of whatever is on the user's screen every few seconds, was going to need some changes before the preview ships on June 18.
Presumably to minimize exposure while they add the announced security band-aids?
So... while I have you guys here, how do we feel about iOS having just announced basically the same feature? We angy about that one too or nah?
I mean, joking aside, I'm genuinely curious about what the reaction is going to be. On paper it's a very similar concept, but it feels like routing it through Siri and not surfacing the stored data will legitimately kill some of the creepy factor even if what's happening behind the scenes is very similar.
TheMinions@lemmy.world
on 11 Jun 14:48
nextcollapse
The fans will lap it up and all those Apple YouTubers will gush about how Apple’s new invention is the best invention ever. Apple has the advantage of owning a cult.
I disagree, I think Apple will do this feature with privacy/security in mind which Microsoft didn’t do.
I absolutely don’t like Apple but I think it’s undeniable that they try to keep their OS secure. It’s still a golden prison but at least it takes privacy fairly seriously.
Microsoft didn’t seem to think about the challenges of that feature and it looks like a draft from an intern after a 1 hour meeting.
Obviously, something that scan a user screen has some implications that are hard to miss.
So yeah it’s easy to point at people and say they are fanboys. But in this case the fanboys would be probably right in the sense that Apple already did better than Microsoft when it comes to privacy.
At the end of the day both are businesses that you shouldn’t trust with your data but I would trust a lot more Apple than Microsoft for doing this right.
Well, yeah, but the baseline for outrage was with the feature existing, not with it being secure or not. There were a lot of people making the case that anybody who can open your computer because they have your password (abusive partners included) could then have a lot of access to your activity. That seems to carry over to this feature, too.
So I guess the question is, is there a "doing this right" version of this or not? You seem to implicitly be on the yes side, I'll be curious to find out if that's the majority.
There were a lot of people making the case that anybody who can open your computer because they have your password (abusive partners included) could then have a lot of access to your activity.
Isn’t this true for any process with elevated privileges on your computer?
The valorant anticheat could just as well get all your data without you ever knowing it.
At the very least it’s better to have that feature in a secure setup rather than the Microsoft approach where it seems like an afterthought at best.
You know I’d rather people be on Linux where you can check what is going on rather than blindly trusting Microsoft (or Apple) that they only do what they tell me they do on my system.
I’m just saying that it’s not good to immediately assume what Apple will do will be as bad as Microsoft. They could take a bad idea and make it a slightly less bad idea.
Also security and privacy has very little value for the average consumer so it’s naive to think the feature won’t be used and useful to many people.
Most people give willingly their data to social networks so these kind of feature and their effect on privacy seems a bit pointless to me. If you don’t like that kind of feature maybe a closed sourced system is not for you after all.
It’s like people are worried about leaking data on what they do on their Windows computer all the while they already sent a ton of telemetry to Microsoft for years. Nvidia will happily scan all the apps you start for troubleshooting purposes.
Every little bit helps but I really think using windows and asking for your privacy to be respected is strange.
Windows 11 was already a privacy nightmare before this feature was tested.
Well, no, you can't ask the Valorant anticheat what the computer's user was doing three days ago. They could be risking a massive lawsuit by also monitoring what you do, but it's reasonable to assume they don't, and even if they could they would have the data, not your boss or your partner.
But it's interesting to see the framing shift from "can't trust corporations to do what they say they're doing" to "normal users have no use for privacy anyway". That's the fascinating part for me, the places where PR and branding change the framing. The features themselves are whatever. I don't like them, personally, but we'll see where it goes. It's the messaging that fascinates me.
people generally probably hate the iOS integration just because it’s another AI product, but they’re fundamentally different. the problem with Recall isn’t the AI, it’s the trove of extra data that gets collected that you normally wouldn’t save to disk whereas the iOS features are only accessing existing data that you give it access to.
from my perspective this is a pretty good use case for “AI” and about as good as you can do privacy wise, if their claims pan out. most features use existing data that is user controlled and local models, and it’s pretty explicit about when it’s reaching out to the cloud.
this data is already accessible by services on your phone or exists in iCloud. if you don’t trust that infrastructure already then of course you don’t want this feature. you know how you can search for pictures of people in Photos? that’s the terrifying cLoUD Ai looking through your pictures and classifying them. this feature actually moves a lot of that semantic search on device, which is inherently more private.
of course it does make access to that data easier, so if someone could unlock your device they could potentially get access to sensitive data with simple prompts like “nudes plz”, but you should have layers of security on more sensitive stuff like bank or social accounts that would keep Siri from reading it. likely Siri won’t be able to get access to app data unless it’s specified via their API.
Wait, no, that doesn't sound right. From the way Apple describes this they are accessing all your info, plus extracting context from it. So not only does it know people's faces, who sent you what when, the content of every image on your device and every message you sent or received, but it knows which people are related to you and how, where you are and a bunch of other stuff.
Plus there are other issues on the Apple side where it compares worse in terms of privacy. As far as I can tell this doesn't have an opt-out, right? And they do send the data to Apple servers for processing (but don't store it), which the MS version doesn't do at all. It seems like they each have ways in which they're worse than the other privacy-wise, although presumably the only actually secure option between the two would be Windows with Recall turned off, unless Apple do have an opt-out they're not talking about.
Ultimately, like I've been telling everyone, the interesting bit here is how the presentation of each of them and the branding and positioning of each brand alter the outcome. Both MS and Apple are arguing the same thing: that your data is secure because their system is secure and your data remains local or at least under your control. But one of them did not pay any mind to presenting security as a concern and will only ship some common sense additional security in response to pushback while the others will ship something very similar but reassuring you in a calm voice that this is all very private even if it's flying through the ether to an Apple server. So one is "a security and privacy nightmare" and the other one... well, if you have your nudes just sitting in your personal device you're really just asking for it, you know?
That is the kind of understanding of marketing that separates Apple from MS, if you ask me. A whole master class in branding right there. I'll go one further: Based on what I'm reading about this, I suspect if MS had announced their bad, unencrypted leaky version today, after the Apple presentation they would have seen less angry pushback because Apple's good messaging would have smoothed things over for both.
Human brains are squishy and weird.
mark3748@sh.itjust.works
on 11 Jun 22:08
nextcollapse
Apples AI is mostly processed on device. That’s why it takes an iPhone 15 pro or an M-series processor. They also claim that what is processed in the cloud is neither identifiable nor stored, just processed. We will know if that’s true (at least what is being sent) as soon as it gets out into the public and we can start picking apart the traffic.
There is no mention of opt-out or not yet, probably because we’re several months away from the actual release. I’m sure we’ll get more information before then.
MS's AI is entirely processed on device. That was their entire security pitch: the data never leaves your PC, why are you all getting so angry about it? Isn't your PC secure?
But you didn't remember that because you were already angry when you read the headlines and that was only two paragraphs down and also it's a terrible argument that doesn't resolve any of the valid concerns people had.
But Apple went out there and talked about sending the name and face of your auntie to their servers along with every email she's ever sent you for a computer to parse exactly how close you are to her like it's the best thing that's happened to your privacy this century. And they sounded like they meant it and were vague enough and they said they pinky promise to not keep any of that info for themselves. And you don't just remember, you believe it.
They are really, REALLY good at this, and that's only helped by how bad Microsoft is at it.
i’d be very surprised if it doesn’t have an opt out.
a point i was trying to make is that a lot of this info already exists on their servers, and your trust in the privacy of that is what it is. if you don’t trust them that it’s run on per user virtualized compute, that it’s e2e encrypted, or that they’re using local models i don’t know what to tell you. the model isn’t hoovering up your messages and sending them back to Apple unencrypted. it doesn’t need to for these features.
all that said, this is just what they’ve told us, and there aren’t many people who know exactly what the implementation details are.
the privacy issue with Recall, as i said, is that it collects a ton of data passively, without explicit consent. if i open my KeePass database on a Recall enabled machine, i have little assurance that this bot doesn’t know my Gmail password. this bot uses existing data, in controlled systems. that’s the difference. sure maybe people see Apple as more trustworthy, but maybe sociology has something to do with your reaction to it as well.
No, but hear me out, that's the thing. That's why they're so good.
I didn't even consider an opt-out throught that entire presentation.
They clearly don't have one, in retrospect. If you go watch it they aren't even entertaining that option. This is how stuff works now. If you squint, this is how it's always been, it just hadn't been deployed yet. It's magnificently ruthless. They don't even frame it as a feature that you have that lives in its own space and you could potentially turn on and off.
This is just how Apple devices work now. It's just what they do. What do you mean opt out? Could you opt out of the Retina display or the Dynamic Island? It's just a fact of life.
They are so good. I can't believe we all spent a week arguing about an opt out that MS had confirmed day one and Apple was able to entirely bypass the issue for like half an hour and even I, thinking and posting about it, took like an extra day to notice that they are not even surfacing the possibility that you may not want this. That's some next level marketing wizardry right there.
Well, presumably neither does the Windows version they'll ship, according to them. But it IS supposed to record all activity on the background. I don't know that it's doing OCR, but presumably that's because they don't have to, since they control more of the ecosystem. From how it was described it's closer to Timeline, where it's logging all activities you take on the device and then uses an AI search to parse them and identify them. If it can find a picture you were watching on a specific time range by its content it must be logging with enough detail to know what's on the screen at all times. And unlike MS they are not committing to not sending the data over to server, although they are comitting to not storing it.
But hey, this is a good case of them hiding just what they are pulling helping them make it sound less creepy even though it really isn't. This is the kind of reasoning I was wondering about. As I said above, it'll be interesting to see how sticky this framing is.
OsrsNeedsF2P@lemmy.ml
on 11 Jun 15:02
nextcollapse
I love how Apple is flying under the radar, doing effectively the same thing, because they used the word “Private” in every heading and server name
Wrong. In the keynote, they announced that the server handling all this will be open source and anyone can analyse the code for exactly the malicious behaviour that Microsoft is pushing.
I’m not an Apple shill, but at least this they handled much better than MS
It’s also still relatively easy to tinker with windows to remove things you don’t like while still getting to use all of your software. Linux requires a lot of tinkering too but it’s so that you can use your software in the first place. It’s easier for me to tinker to eventually remove bloat and disable features I don’t use than it is for me to have to tinker to use my software and features in the first place.
rottingleaf@lemmy.zip
on 11 Jun 17:10
nextcollapse
“Experience space travel the old-fashioned way on a real, live holiday you can afford.”
Retro_unlimited@lemmy.world
on 11 Jun 17:18
nextcollapse
lol too late, I’m on Linux, my server runs Linux, my dads on Linux, and later today my wife will be on Linux.
threaded - newest
Whoops, forgot to add more bloat
<img alt="Oops All Bloatware Cereal Box" src="https://i.postimg.cc/vTfTjkRy/8tihme.jpg">
Why does it have a picture of Google’s CEO?
He took 24H2 for a test drive and they stole his identity
Because I hadn’t had my coffee yet.
I’ll fix it and make one with Tim Cook on my lunch break.
They “Recalled” it!.. :P
“When you hear the crunch, you’re there.”
“Recall, Recall, Recall~”
Yup, total recall.
Presumably to minimize exposure while they add the announced security band-aids?
So... while I have you guys here, how do we feel about iOS having just announced basically the same feature? We angy about that one too or nah?
I mean, joking aside, I'm genuinely curious about what the reaction is going to be. On paper it's a very similar concept, but it feels like routing it through Siri and not surfacing the stored data will legitimately kill some of the creepy factor even if what's happening behind the scenes is very similar.
I’m pretty mad about the iOS “upgrade” too.
The fans will lap it up and all those Apple YouTubers will gush about how Apple’s new invention is the best invention ever. Apple has the advantage of owning a cult.
I disagree, I think Apple will do this feature with privacy/security in mind which Microsoft didn’t do.
I absolutely don’t like Apple but I think it’s undeniable that they try to keep their OS secure. It’s still a golden prison but at least it takes privacy fairly seriously.
Microsoft didn’t seem to think about the challenges of that feature and it looks like a draft from an intern after a 1 hour meeting.
Obviously, something that scan a user screen has some implications that are hard to miss.
So yeah it’s easy to point at people and say they are fanboys. But in this case the fanboys would be probably right in the sense that Apple already did better than Microsoft when it comes to privacy.
At the end of the day both are businesses that you shouldn’t trust with your data but I would trust a lot more Apple than Microsoft for doing this right.
Well, yeah, but the baseline for outrage was with the feature existing, not with it being secure or not. There were a lot of people making the case that anybody who can open your computer because they have your password (abusive partners included) could then have a lot of access to your activity. That seems to carry over to this feature, too.
So I guess the question is, is there a "doing this right" version of this or not? You seem to implicitly be on the yes side, I'll be curious to find out if that's the majority.
Isn’t this true for any process with elevated privileges on your computer?
The valorant anticheat could just as well get all your data without you ever knowing it.
At the very least it’s better to have that feature in a secure setup rather than the Microsoft approach where it seems like an afterthought at best.
You know I’d rather people be on Linux where you can check what is going on rather than blindly trusting Microsoft (or Apple) that they only do what they tell me they do on my system.
I’m just saying that it’s not good to immediately assume what Apple will do will be as bad as Microsoft. They could take a bad idea and make it a slightly less bad idea.
Also security and privacy has very little value for the average consumer so it’s naive to think the feature won’t be used and useful to many people.
Most people give willingly their data to social networks so these kind of feature and their effect on privacy seems a bit pointless to me. If you don’t like that kind of feature maybe a closed sourced system is not for you after all.
It’s like people are worried about leaking data on what they do on their Windows computer all the while they already sent a ton of telemetry to Microsoft for years. Nvidia will happily scan all the apps you start for troubleshooting purposes.
Every little bit helps but I really think using windows and asking for your privacy to be respected is strange.
Windows 11 was already a privacy nightmare before this feature was tested.
Well, no, you can't ask the Valorant anticheat what the computer's user was doing three days ago. They could be risking a massive lawsuit by also monitoring what you do, but it's reasonable to assume they don't, and even if they could they would have the data, not your boss or your partner.
But it's interesting to see the framing shift from "can't trust corporations to do what they say they're doing" to "normal users have no use for privacy anyway". That's the fascinating part for me, the places where PR and branding change the framing. The features themselves are whatever. I don't like them, personally, but we'll see where it goes. It's the messaging that fascinates me.
people generally probably hate the iOS integration just because it’s another AI product, but they’re fundamentally different. the problem with Recall isn’t the AI, it’s the trove of extra data that gets collected that you normally wouldn’t save to disk whereas the iOS features are only accessing existing data that you give it access to.
from my perspective this is a pretty good use case for “AI” and about as good as you can do privacy wise, if their claims pan out. most features use existing data that is user controlled and local models, and it’s pretty explicit about when it’s reaching out to the cloud.
this data is already accessible by services on your phone or exists in iCloud. if you don’t trust that infrastructure already then of course you don’t want this feature. you know how you can search for pictures of people in Photos? that’s the terrifying cLoUD Ai looking through your pictures and classifying them. this feature actually moves a lot of that semantic search on device, which is inherently more private.
of course it does make access to that data easier, so if someone could unlock your device they could potentially get access to sensitive data with simple prompts like “nudes plz”, but you should have layers of security on more sensitive stuff like bank or social accounts that would keep Siri from reading it. likely Siri won’t be able to get access to app data unless it’s specified via their API.
Wait, no, that doesn't sound right. From the way Apple describes this they are accessing all your info, plus extracting context from it. So not only does it know people's faces, who sent you what when, the content of every image on your device and every message you sent or received, but it knows which people are related to you and how, where you are and a bunch of other stuff.
Plus there are other issues on the Apple side where it compares worse in terms of privacy. As far as I can tell this doesn't have an opt-out, right? And they do send the data to Apple servers for processing (but don't store it), which the MS version doesn't do at all. It seems like they each have ways in which they're worse than the other privacy-wise, although presumably the only actually secure option between the two would be Windows with Recall turned off, unless Apple do have an opt-out they're not talking about.
Ultimately, like I've been telling everyone, the interesting bit here is how the presentation of each of them and the branding and positioning of each brand alter the outcome. Both MS and Apple are arguing the same thing: that your data is secure because their system is secure and your data remains local or at least under your control. But one of them did not pay any mind to presenting security as a concern and will only ship some common sense additional security in response to pushback while the others will ship something very similar but reassuring you in a calm voice that this is all very private even if it's flying through the ether to an Apple server. So one is "a security and privacy nightmare" and the other one... well, if you have your nudes just sitting in your personal device you're really just asking for it, you know?
That is the kind of understanding of marketing that separates Apple from MS, if you ask me. A whole master class in branding right there. I'll go one further: Based on what I'm reading about this, I suspect if MS had announced their bad, unencrypted leaky version today, after the Apple presentation they would have seen less angry pushback because Apple's good messaging would have smoothed things over for both.
Human brains are squishy and weird.
Apples AI is mostly processed on device. That’s why it takes an iPhone 15 pro or an M-series processor. They also claim that what is processed in the cloud is neither identifiable nor stored, just processed. We will know if that’s true (at least what is being sent) as soon as it gets out into the public and we can start picking apart the traffic.
There is no mention of opt-out or not yet, probably because we’re several months away from the actual release. I’m sure we’ll get more information before then.
MS's AI is entirely processed on device. That was their entire security pitch: the data never leaves your PC, why are you all getting so angry about it? Isn't your PC secure?
But you didn't remember that because you were already angry when you read the headlines and that was only two paragraphs down and also it's a terrible argument that doesn't resolve any of the valid concerns people had.
But Apple went out there and talked about sending the name and face of your auntie to their servers along with every email she's ever sent you for a computer to parse exactly how close you are to her like it's the best thing that's happened to your privacy this century. And they sounded like they meant it and were vague enough and they said they pinky promise to not keep any of that info for themselves. And you don't just remember, you believe it.
They are really, REALLY good at this, and that's only helped by how bad Microsoft is at it.
a lot of things are unknown.
i’d be very surprised if it doesn’t have an opt out.
a point i was trying to make is that a lot of this info already exists on their servers, and your trust in the privacy of that is what it is. if you don’t trust them that it’s run on per user virtualized compute, that it’s e2e encrypted, or that they’re using local models i don’t know what to tell you. the model isn’t hoovering up your messages and sending them back to Apple unencrypted. it doesn’t need to for these features.
all that said, this is just what they’ve told us, and there aren’t many people who know exactly what the implementation details are.
the privacy issue with Recall, as i said, is that it collects a ton of data passively, without explicit consent. if i open my KeePass database on a Recall enabled machine, i have little assurance that this bot doesn’t know my Gmail password. this bot uses existing data, in controlled systems. that’s the difference. sure maybe people see Apple as more trustworthy, but maybe sociology has something to do with your reaction to it as well.
No, but hear me out, that's the thing. That's why they're so good.
I didn't even consider an opt-out throught that entire presentation.
They clearly don't have one, in retrospect. If you go watch it they aren't even entertaining that option. This is how stuff works now. If you squint, this is how it's always been, it just hadn't been deployed yet. It's magnificently ruthless. They don't even frame it as a feature that you have that lives in its own space and you could potentially turn on and off.
This is just how Apple devices work now. It's just what they do. What do you mean opt out? Could you opt out of the Retina display or the Dynamic Island? It's just a fact of life.
They are so good. I can't believe we all spent a week arguing about an opt out that MS had confirmed day one and Apple was able to entirely bypass the issue for like half an hour and even I, thinking and posting about it, took like an extra day to notice that they are not even surfacing the possibility that you may not want this. That's some next level marketing wizardry right there.
I feel like people who buy apple products aren’t the same people who don’t want apple seeing everything they do.
Just Say No To crApple has been my attitude towards them for years and their latest moves will not change that one tiny bit.
Apple didn’t announce anything even close to Recall. Apples AI directly accesses data it doesn’t save an unencrypted screenshot every 3 seconds.
Well, presumably neither does the Windows version they'll ship, according to them. But it IS supposed to record all activity on the background. I don't know that it's doing OCR, but presumably that's because they don't have to, since they control more of the ecosystem. From how it was described it's closer to Timeline, where it's logging all activities you take on the device and then uses an AI search to parse them and identify them. If it can find a picture you were watching on a specific time range by its content it must be logging with enough detail to know what's on the screen at all times. And unlike MS they are not committing to not sending the data over to server, although they are comitting to not storing it.
But hey, this is a good case of them hiding just what they are pulling helping them make it sound less creepy even though it really isn't. This is the kind of reasoning I was wondering about. As I said above, it'll be interesting to see how sticky this framing is.
I love how Apple is flying under the radar, doing effectively the same thing, because they used the word “Private” in every heading and server name
Wrong. In the keynote, they announced that the server handling all this will be open source and anyone can analyse the code for exactly the malicious behaviour that Microsoft is pushing.
I’m not an Apple shill, but at least this they handled much better than MS
I bet they’ve come up with a new way to convince people to switch to Linux
Vista was going to make everybody go Linux. Then Windows 8. Then Windows 11 requirements. Then Recall…
Let’s me honest. Average Joe doesn’t understand or care.
Right now for 75% of users it’s less work to install Linux than Windows, with all the crap people does to avoid TPM, Microsoft account, edge…
It’s also still relatively easy to tinker with windows to remove things you don’t like while still getting to use all of your software. Linux requires a lot of tinkering too but it’s so that you can use your software in the first place. It’s easier for me to tinker to eventually remove bloat and disable features I don’t use than it is for me to have to tinker to use my software and features in the first place.
“Experience space travel the old-fashioned way on a real, live holiday you can afford.”
lol too late, I’m on Linux, my server runs Linux, my dads on Linux, and later today my wife will be on Linux.
If feel like this community could use a bot that comments the following on every post:
Delete facebook, hit the gym.