Honestly even if Microsoft were trustworthy this is too much power for anyone. I actually like the recall feature but it would require a fully open source code to trust.
"During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”
Even with a fully open-source implementation, that thing tells on you more than normal system logs. I like it being called “privacy bomb” - waiting to give extra data to whoever gets into the computer.
Honestly even if Microsoft were trustworthy this is too much power for anyone. I actually like the recall feature but it would require a fully open source code to trust.
I feel like even if it was open-source, it would still be too big of a target for malware and data exfiltration to ever be justified for most people.
It’s a national security risk https://www.helpnetsecurity.com/2024/06/05/totalrecall-windows-recall-abuse/)
"During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”
Even with a fully open-source implementation, that thing tells on you more than normal system logs. I like it being called “privacy bomb” - waiting to give extra data to whoever gets into the computer.