{"video_id":"fp_kREO8W98cc","title":"Microsoft Says They Fixed Windows Recall… I Still Don’t Like It…","channel":"Linus Tech Tips","show":"Linus Tech Tips","published_at":"2025-06-05T16:53:00.039Z","duration_s":879,"segments":[{"start_s":0.0,"end_s":3.32,"text":"This time last year, Microsoft rushed Windows Recall","speaker":null,"is_sponsor":0},{"start_s":3.32,"end_s":7.84,"text":"into public testing, allowing AI PCs, whatever those are,","speaker":null,"is_sponsor":0},{"start_s":7.84,"end_s":12.84,"text":"to record, catalog, and even revisit all user interactions.","speaker":null,"is_sponsor":0},{"start_s":12.84,"end_s":17.84,"text":"You know, in case you forgot how to open up your browser history or scroll up in a chat window.","speaker":null,"is_sponsor":0},{"start_s":17.84,"end_s":22.8,"text":"And to say that that rollout went poorly would be a gross understatement.","speaker":null,"is_sponsor":0},{"start_s":22.8,"end_s":28.68,"text":"I really don't know what they were expecting though. I mean, days prior, CEO Satya Nadella called for Microsoft","speaker":null,"is_sponsor":0},{"start_s":28.68,"end_s":32.68,"text":"to prioritize security above all else.","speaker":null,"is_sponsor":0},{"start_s":32.68,"end_s":38.44,"text":"And then they immediately start pushing this app that not only records everything that appears","speaker":null,"is_sponsor":0},{"start_s":38.44,"end_s":44.24,"text":"on the screen of your computer, but also utilizes the AI capabilities of said computer","speaker":null,"is_sponsor":0},{"start_s":44.24,"end_s":48.64,"text":"to turn everything it sees into an easily searchable database.","speaker":null,"is_sponsor":0},{"start_s":48.64,"end_s":52.0,"text":"Now, Microsoft claim was that all of that's fine","speaker":null,"is_sponsor":0},{"start_s":52.0,"end_s":57.44,"text":"and that Recall is totally secure. Unfortunately, that held up for about as long as it took","speaker":null,"is_sponsor":0},{"start_s":57.44,"end_s":61.6,"text":"for someone to download the preview and then track down the folder that it was writing to,","speaker":null,"is_sponsor":0},{"start_s":61.6,"end_s":65.48,"text":"at which point the entire internet lost its collective mind","speaker":null,"is_sponsor":0},{"start_s":65.48,"end_s":70.0,"text":"over how absolutely not secure it actually was.","speaker":null,"is_sponsor":0},{"start_s":70.0,"end_s":73.72,"text":"Now, it was about that time that we wrote this video,","speaker":null,"is_sponsor":0},{"start_s":73.72,"end_s":77.08,"text":"tearing the whole thing apart. But then as we were set to film it,","speaker":null,"is_sponsor":0},{"start_s":77.08,"end_s":82.4,"text":"Microsoft announced that they would postpone Recall in response to the community's concerns.","speaker":null,"is_sponsor":0},{"start_s":82.4,"end_s":86.48,"text":"And here we are a year later and Recalls back, baby.","speaker":null,"is_sponsor":0},{"start_s":86.48,"end_s":92.2,"text":"But have all the problems really been addressed? I mean, was it even that bad before it got delayed?","speaker":null,"is_sponsor":0},{"start_s":92.2,"end_s":94.92,"text":"Am I ever gonna segue to our sponsor?","speaker":null,"is_sponsor":0},{"start_s":97.92,"end_s":102.92,"text":"Before we go any further, what is Recall again?","speaker":null,"is_sponsor":0},{"start_s":106.88,"end_s":114.56,"text":"And what was everyone so upset about last time? I can't seem to recall, records everything","speaker":null,"is_sponsor":0},{"start_s":114.6,"end_s":117.88,"text":"that appears on the screen of your computer. Oh, that's it.","speaker":null,"is_sponsor":0},{"start_s":117.88,"end_s":121.68,"text":"Windows Recall takes screenshots, they call them snapshots,","speaker":null,"is_sponsor":0},{"start_s":121.68,"end_s":126.04,"text":"of whatever it is that you're doing on your PC every few seconds and then feeds them","speaker":null,"is_sponsor":0},{"start_s":126.04,"end_s":130.92,"text":"through AI-assisted optical text recognition and image analysis, then stores it all","speaker":null,"is_sponsor":0},{"start_s":130.92,"end_s":133.96,"text":"in a local database for your convenience.","speaker":null,"is_sponsor":0},{"start_s":133.96,"end_s":137.56,"text":"And they only need 10% of your hard drive space to do it?","speaker":null,"is_sponsor":0},{"start_s":137.56,"end_s":141.28,"text":"Outstanding. The idea then is that you can fire up Recall","speaker":null,"is_sponsor":0},{"start_s":141.28,"end_s":144.48,"text":"and ask it things like, hey, what was that Korean restaurant","speaker":null,"is_sponsor":0},{"start_s":144.48,"end_s":147.72,"text":"that Alice mentioned the other day? And then without you needing to remember","speaker":null,"is_sponsor":0},{"start_s":147.72,"end_s":153.48,"text":"whether it was an email, a Teams message, or a random calendar invite, Recall will crap out","speaker":null,"is_sponsor":0},{"start_s":153.48,"end_s":158.2,"text":"a snapshot that has the result for you. You can even copy and paste text and images","speaker":null,"is_sponsor":0},{"start_s":158.2,"end_s":163.56,"text":"from within those saved snapshots to easily search or share them, which I have to admit,","speaker":null,"is_sponsor":0},{"start_s":163.56,"end_s":168.96,"text":"does sound kind of nifty. And supposedly it is a lot more secure now,","speaker":null,"is_sponsor":0},{"start_s":168.96,"end_s":172.16,"text":"but I am not gonna take Microsoft's word for it.","speaker":null,"is_sponsor":0},{"start_s":172.16,"end_s":175.52,"text":"Not when I can compare them both side by side.","speaker":null,"is_sponsor":0},{"start_s":175.52,"end_s":179.28,"text":"You see, this machine is running new Recall.","speaker":null,"is_sponsor":0},{"start_s":179.28,"end_s":182.92,"text":"You don't need anything super special to use it, just a co-pilot plus ready PC","speaker":null,"is_sponsor":0},{"start_s":182.92,"end_s":186.24,"text":"that meets the secured core standard. Also a couple of other things","speaker":null,"is_sponsor":0},{"start_s":186.24,"end_s":189.96,"text":"that any such machine would likely have. But that wasn't always the case.","speaker":null,"is_sponsor":0},{"start_s":189.96,"end_s":194.76,"text":"See, the original Windows Recall was only officially available on laptops","speaker":null,"is_sponsor":0},{"start_s":194.76,"end_s":197.76,"text":"with Snapdragon X Elite and X Plus processors,","speaker":null,"is_sponsor":0},{"start_s":197.76,"end_s":201.8,"text":"which unfortunately we didn't have access to at the time.","speaker":null,"is_sponsor":0},{"start_s":201.8,"end_s":205.08,"text":"But thanks to a legend by the name of Albuquer,","speaker":null,"is_sponsor":0},{"start_s":205.08,"end_s":208.84,"text":"we were able to get it up and running on this old HP Elite Folio,","speaker":null,"is_sponsor":0},{"start_s":208.84,"end_s":213.32,"text":"which conveniently has been powered down with its radios off going,","speaker":null,"is_sponsor":0},{"start_s":213.32,"end_s":218.56,"text":"la la la la la, I can't even use Windows update. Since before Microsoft delayed the launch,","speaker":null,"is_sponsor":0},{"start_s":218.56,"end_s":223.16,"text":"allowing us to compare old Recall to new Recall.","speaker":null,"is_sponsor":0},{"start_s":223.16,"end_s":228.32,"text":"Let's see exactly what's different. Well, for starters, Recall is now hopped in","speaker":null,"is_sponsor":0},{"start_s":228.32,"end_s":233.32,"text":"instead of being on by default. That is a very big improvement.","speaker":null,"is_sponsor":0},{"start_s":233.32,"end_s":238.44,"text":"But with that said, Microsoft has a long, proud history of using dark patterns","speaker":null,"is_sponsor":0},{"start_s":238.44,"end_s":242.6,"text":"to trick you into changing default system settings or even just changing them on their own.","speaker":null,"is_sponsor":0},{"start_s":242.6,"end_s":246.12,"text":"So I'm gonna believe that this is permanent when I see it.","speaker":null,"is_sponsor":0},{"start_s":246.12,"end_s":250.6,"text":"What else has changed? Well, Microsoft now says that Recall is secure","speaker":null,"is_sponsor":0},{"start_s":250.6,"end_s":253.8,"text":"with the data encrypted, protected by BitLocker","speaker":null,"is_sponsor":0},{"start_s":253.8,"end_s":257.32,"text":"and requiring Windows Hello authentication.","speaker":null,"is_sponsor":0},{"start_s":257.32,"end_s":263.4,"text":"Of course they said it was secure a year ago too though, so let's make our way through this helpful FAQ from 2024","speaker":null,"is_sponsor":0},{"start_s":263.4,"end_s":268.24,"text":"and compare what they said then and how it behaves on both of our machines.","speaker":null,"is_sponsor":0},{"start_s":268.24,"end_s":272.28,"text":"Let's see here. Recall snapshots are kept on the local hard disk.","speaker":null,"is_sponsor":0},{"start_s":272.28,"end_s":278.08,"text":"Okay, that was true before. In fact, they're right here in this core AI platform folder","speaker":null,"is_sponsor":0},{"start_s":278.08,"end_s":281.96,"text":"under the user's local app data and okay.","speaker":null,"is_sponsor":0},{"start_s":281.96,"end_s":286.4,"text":"Yep, that looks like it's still true. How about data is protected","speaker":null,"is_sponsor":0},{"start_s":286.4,"end_s":289.48,"text":"using disk encryption and BitLocker?","speaker":null,"is_sponsor":0},{"start_s":289.48,"end_s":292.84,"text":"Well, that was at least partly true back in 2024,","speaker":null,"is_sponsor":0},{"start_s":292.84,"end_s":296.08,"text":"but it was also pretty misleading.","speaker":null,"is_sponsor":0},{"start_s":296.08,"end_s":300.48,"text":"See, BitLocker would protect your data, including your Recall snapshots.","speaker":null,"is_sponsor":0},{"start_s":300.48,"end_s":303.64,"text":"If somebody stole your device, but if you were logged in","speaker":null,"is_sponsor":0},{"start_s":303.64,"end_s":307.76,"text":"and you just stepped away for a moment, then those snapshots would be protected","speaker":null,"is_sponsor":0},{"start_s":307.76,"end_s":311.6,"text":"only by Windows permissions. And I don't know all this for sure,","speaker":null,"is_sponsor":0},{"start_s":311.6,"end_s":314.88,"text":"but I think most lead hacksaws are pretty good","speaker":null,"is_sponsor":0},{"start_s":315.0,"end_s":319.6,"text":"at clicking continue. All right, let's see what else we've got here.","speaker":null,"is_sponsor":0},{"start_s":319.6,"end_s":322.68,"text":"We've got show file extensions on, by the way.","speaker":null,"is_sponsor":0},{"start_s":322.68,"end_s":327.68,"text":"So I'm gonna go it on a limb and guess that this .db file here is the database.","speaker":null,"is_sponsor":0},{"start_s":327.68,"end_s":332.92,"text":"And if we look at the file header in a hex editor, it looks like it's just a SQLite database.","speaker":null,"is_sponsor":0},{"start_s":332.92,"end_s":336.24,"text":"So we can use any of the dozens of free tools out there to interact with that.","speaker":null,"is_sponsor":0},{"start_s":336.24,"end_s":339.28,"text":"And there it is.","speaker":null,"is_sponsor":0},{"start_s":339.28,"end_s":341.72,"text":"Look at all that plain text.","speaker":null,"is_sponsor":0},{"start_s":342.88,"end_s":346.16,"text":"Oh my God. I read about this back then,","speaker":null,"is_sponsor":0},{"start_s":346.16,"end_s":350.32,"text":"but I didn't actually look at it for my... It's just plain text.","speaker":null,"is_sponsor":0},{"start_s":350.32,"end_s":354.6,"text":"Yeah. That's wild. And if I stretch my detective skills","speaker":null,"is_sponsor":0},{"start_s":354.6,"end_s":358.68,"text":"just a little bit further, I would guess that that image store folder","speaker":null,"is_sponsor":0},{"start_s":358.68,"end_s":361.88,"text":"is full of images.","speaker":null,"is_sponsor":0},{"start_s":361.88,"end_s":366.84,"text":"Oh no, they're not images. They're unknown files.","speaker":null,"is_sponsor":0},{"start_s":366.84,"end_s":370.04,"text":"I can't surely do anything about this.","speaker":null,"is_sponsor":0},{"start_s":370.04,"end_s":373.16,"text":"Open with hex editor.","speaker":null,"is_sponsor":0},{"start_s":375.36,"end_s":380.6,"text":"And would you look at that? J-F-I-F, which means...","speaker":null,"is_sponsor":0},{"start_s":380.6,"end_s":381.44,"text":"Oh my God.","speaker":null,"is_sponsor":0},{"start_s":385.28,"end_s":389.68,"text":"Boop. Watch this. I accidentally figured this out. If I click and drag,","speaker":null,"is_sponsor":0},{"start_s":391.36,"end_s":395.28,"text":"it previews it. Now all I need to do is open it and...","speaker":null,"is_sponsor":0},{"start_s":396.28,"end_s":399.16,"text":"Wow. I hacked it.","speaker":null,"is_sponsor":0},{"start_s":400.04,"end_s":403.44,"text":"Oh man, that's a yikes. So that's it.","speaker":null,"is_sponsor":0},{"start_s":403.44,"end_s":407.16,"text":"That's what Jordan was doing on his computer at some time.","speaker":null,"is_sponsor":0},{"start_s":407.16,"end_s":413.12,"text":"All the metadata is just in there. Okay, timestamp 2023, December 4th,","speaker":null,"is_sponsor":0},{"start_s":413.12,"end_s":417.6,"text":"because this computer is set to 2024. So that's, yeah, that probably is...","speaker":null,"is_sponsor":0},{"start_s":417.6,"end_s":421.6,"text":"Yeah, that's about right there. When we were looking at it, pathetic. Let's look at the new one.","speaker":null,"is_sponsor":0},{"start_s":421.6,"end_s":426.04,"text":"This database file right there, AES encrypted.","speaker":null,"is_sponsor":0},{"start_s":426.04,"end_s":431.16,"text":"Also, where we had plain text before. Now we have not so plain text.","speaker":null,"is_sponsor":0},{"start_s":431.16,"end_s":436.32,"text":"Scrambled, he scrambled. That's what we wanna see. Okay, what about the image store folder though?","speaker":null,"is_sponsor":0},{"start_s":436.32,"end_s":439.88,"text":"It's empty. It's a different folder now. A sim store. Okay, all right.","speaker":null,"is_sponsor":0},{"start_s":439.88,"end_s":443.4,"text":"Cleverly hid them. Yeah. This, probably a JPEG.","speaker":null,"is_sponsor":0},{"start_s":443.4,"end_s":448.36,"text":"Let's try the same trick, okay? No thumbnail preview.","speaker":null,"is_sponsor":0},{"start_s":448.36,"end_s":451.88,"text":"And if we try to open it, no dice.","speaker":null,"is_sponsor":0},{"start_s":451.88,"end_s":456.52,"text":"Okay. Everything seems to be actually encrypted this time.","speaker":null,"is_sponsor":0},{"start_s":456.52,"end_s":459.96,"text":"So I gotta give Microsoft a point on our scoreboard","speaker":null,"is_sponsor":0},{"start_s":459.96,"end_s":463.0,"text":"for fixing that. But then I've also gotta take a point away","speaker":null,"is_sponsor":0},{"start_s":463.0,"end_s":468.52,"text":"for lying about it in the first place. So then, okay, old recall minus one point,","speaker":null,"is_sponsor":0},{"start_s":468.52,"end_s":472.68,"text":"new recall zero points. Let's have a look at our next claim here.","speaker":null,"is_sponsor":0},{"start_s":472.68,"end_s":479.12,"text":"Microsoft won't view your recall data or make it available for targeted advertisements.","speaker":null,"is_sponsor":0},{"start_s":479.12,"end_s":482.72,"text":"The skeptic in me wants to add yet to the end of that statement.","speaker":null,"is_sponsor":0},{"start_s":482.72,"end_s":486.24,"text":"But I would say that it was probably true when they were first testing","speaker":null,"is_sponsor":0},{"start_s":486.24,"end_s":491.6,"text":"and is probably still true at the time we're filming this. Though, once again, I feel it's a matter of time","speaker":null,"is_sponsor":0},{"start_s":491.6,"end_s":496.36,"text":"before they quietly change this and then hope that no one will notice.","speaker":null,"is_sponsor":0},{"start_s":496.36,"end_s":501.28,"text":"As for this next one, this is where things get objectively really bad.","speaker":null,"is_sponsor":0},{"start_s":501.28,"end_s":506.72,"text":"Snapshots are only available to the person whose profile was used to sign into the device.","speaker":null,"is_sponsor":0},{"start_s":506.72,"end_s":511.84,"text":"If two people share a device, they will not be able to access each other's snapshots.","speaker":null,"is_sponsor":0},{"start_s":511.84,"end_s":514.84,"text":"Okay. When we tested this back in 2024,","speaker":null,"is_sponsor":0},{"start_s":514.84,"end_s":519.24,"text":"that was a straight up lie and potentially a really dangerous one.","speaker":null,"is_sponsor":0},{"start_s":519.24,"end_s":523.0,"text":"By simply creating an administrator account on the same machine,","speaker":null,"is_sponsor":0},{"start_s":523.0,"end_s":526.4,"text":"I could easily navigate to any other user's app data folder","speaker":null,"is_sponsor":0},{"start_s":526.4,"end_s":530.64,"text":"and then check out anything that they had ever done on the computer.","speaker":null,"is_sponsor":0},{"start_s":530.64,"end_s":534.34,"text":"Now, I hate to even have to bring up such horrible scenarios,","speaker":null,"is_sponsor":0},{"start_s":534.34,"end_s":538.56,"text":"but guys, imagine this in the case of a journalist","speaker":null,"is_sponsor":0},{"start_s":538.56,"end_s":543.84,"text":"in an oppressive regime whose device was seized by force or for a victim of domestic abuse","speaker":null,"is_sponsor":0},{"start_s":543.84,"end_s":549.32,"text":"who was trying to find help online. As recall was implemented in 2024,","speaker":null,"is_sponsor":0},{"start_s":549.32,"end_s":553.12,"text":"a bad actor could have seen everything their victim had done on the computer","speaker":null,"is_sponsor":0},{"start_s":553.12,"end_s":555.68,"text":"and that was enabled by default.","speaker":null,"is_sponsor":0},{"start_s":556.52,"end_s":561.2,"text":"Fortunately, that seems to have changed now.","speaker":null,"is_sponsor":0},{"start_s":561.2,"end_s":564.58,"text":"Okay, stop recording OBS. You'll have to take my word for it.","speaker":null,"is_sponsor":0},{"start_s":564.58,"end_s":569.36,"text":"I'm signing out. I'm signing in as other user. According to my platform.","speaker":null,"is_sponsor":0},{"start_s":569.36,"end_s":572.92,"text":"Okay, P continue, okay. So all this still works,","speaker":null,"is_sponsor":0},{"start_s":572.92,"end_s":575.74,"text":"but because it's all encrypted,","speaker":null,"is_sponsor":0},{"start_s":577.6,"end_s":582.28,"text":"we can't view it. So with the shift to opt in,","speaker":null,"is_sponsor":0},{"start_s":582.28,"end_s":587.96,"text":"the addition of Windows Hello authentication and things seemingly actually being encrypted this time,","speaker":null,"is_sponsor":0},{"start_s":587.96,"end_s":592.16,"text":"it is a little less horrifying, but I still don't think Microsoft has gone far enough","speaker":null,"is_sponsor":0},{"start_s":592.16,"end_s":595.6,"text":"to educate users on the dangers of this feature.","speaker":null,"is_sponsor":0},{"start_s":595.6,"end_s":598.6,"text":"See, people do still share accounts in 2025","speaker":null,"is_sponsor":0},{"start_s":598.6,"end_s":601.96,"text":"and I guarantee you that most of your normie friends","speaker":null,"is_sponsor":0},{"start_s":601.96,"end_s":605.06,"text":"are not gonna pay attention to all the little icons","speaker":null,"is_sponsor":0},{"start_s":605.1,"end_s":610.58,"text":"that are down in their system tray. So saying, oh yeah, that little blue squiggle,","speaker":null,"is_sponsor":0},{"start_s":610.58,"end_s":614.54,"text":"that means you're getting surveilled. That doesn't really cut it for me.","speaker":null,"is_sponsor":0},{"start_s":614.54,"end_s":617.7,"text":"Also, the old FAQ claimed that recall","speaker":null,"is_sponsor":0},{"start_s":617.7,"end_s":621.34,"text":"couldn't be accessed by other applications or services,","speaker":null,"is_sponsor":0},{"start_s":621.34,"end_s":624.82,"text":"but while it is possible that other Microsoft apps","speaker":null,"is_sponsor":0},{"start_s":624.82,"end_s":629.58,"text":"didn't access the stuff back in 24, within days of the preview launch,","speaker":null,"is_sponsor":0},{"start_s":629.58,"end_s":632.7,"text":"there were multiple tools that could extract recall data,","speaker":null,"is_sponsor":0},{"start_s":632.7,"end_s":638.34,"text":"both locally and remotely. So that particular claim feels at the very least","speaker":null,"is_sponsor":0},{"start_s":638.34,"end_s":642.92,"text":"like a lie by omission. Take a look at Total Recall, for example.","speaker":null,"is_sponsor":0},{"start_s":642.92,"end_s":648.34,"text":"The media called this a hacker tool, but what it really is is a few dozen lines of Python","speaker":null,"is_sponsor":0},{"start_s":648.34,"end_s":652.42,"text":"that an AI assistant could probably crap out for you in about 30 seconds.","speaker":null,"is_sponsor":0},{"start_s":652.42,"end_s":655.84,"text":"Total Recall copied the images and the database folder,","speaker":null,"is_sponsor":0},{"start_s":655.84,"end_s":660.14,"text":"made a handy little report of all your window titles, and if you scrolled through it,","speaker":null,"is_sponsor":0},{"start_s":660.14,"end_s":664.94,"text":"led to the discovery of yet another lie from our pals at Microsoft.","speaker":null,"is_sponsor":0},{"start_s":664.94,"end_s":671.9,"text":"Microsoft claimed back then that recall didn't record incognito Windows in most common browsers,","speaker":null,"is_sponsor":0},{"start_s":671.9,"end_s":678.2,"text":"Edge, Firefox, Opera, and Google Chrome, but plain as day, here's a window title from Fark.com,","speaker":null,"is_sponsor":0},{"start_s":678.2,"end_s":682.16,"text":"which we only visited in a brief incognito session.","speaker":null,"is_sponsor":0},{"start_s":682.16,"end_s":685.34,"text":"Anyway, back to other apps being blocked from recall data,","speaker":null,"is_sponsor":0},{"start_s":685.34,"end_s":689.94,"text":"at least on the new one because they're encrypted, something like Total Recall couldn't be just","speaker":null,"is_sponsor":0},{"start_s":689.94,"end_s":696.62,"text":"randomly created by a third party, but it's also clear that Microsoft isn't even pretending","speaker":null,"is_sponsor":0},{"start_s":696.62,"end_s":699.7,"text":"that their own apps can't access the data anymore.","speaker":null,"is_sponsor":0},{"start_s":699.7,"end_s":703.62,"text":"On our new machine, the new click-to-do co-pilot feature","speaker":null,"is_sponsor":0},{"start_s":703.62,"end_s":707.26,"text":"requires recall to be enabled and is, by all appearances,","speaker":null,"is_sponsor":0},{"start_s":707.26,"end_s":711.9,"text":"a other app or service, so lie then,","speaker":null,"is_sponsor":0},{"start_s":711.9,"end_s":717.32,"text":"and I guess it's gone from the FAQ now, so no longer a lie, but certainly a change.","speaker":null,"is_sponsor":0},{"start_s":718.62,"end_s":722.14,"text":"Anywho, the 2025 flavor of Recall adds a toggle","speaker":null,"is_sponsor":0},{"start_s":722.14,"end_s":728.46,"text":"that will filter sensitive information automatically, which seems to be enabled by default, which is something,","speaker":null,"is_sponsor":0},{"start_s":728.46,"end_s":731.82,"text":"but it relies on the AI recognizing","speaker":null,"is_sponsor":0},{"start_s":731.82,"end_s":737.46,"text":"that any information that you have on-screen is sensitive, and I really don't know if I would trust this guy","speaker":null,"is_sponsor":0},{"start_s":737.46,"end_s":740.5,"text":"to determine if my on-screen data is sensitive or not,","speaker":null,"is_sponsor":0},{"start_s":740.5,"end_s":744.06,"text":"at least not yet. So what's the bottom line here?","speaker":null,"is_sponsor":0},{"start_s":744.06,"end_s":747.3,"text":"Well, I gotta give Microsoft some credit.","speaker":null,"is_sponsor":0},{"start_s":747.3,"end_s":751.18,"text":"They could have just powered forward and released Recall in its primitive state,","speaker":null,"is_sponsor":0},{"start_s":751.18,"end_s":754.38,"text":"but instead, they listened to the outrage of the tech community","speaker":null,"is_sponsor":0},{"start_s":754.38,"end_s":758.62,"text":"and are making what looks like a serious effort to address many of the issues","speaker":null,"is_sponsor":0},{"start_s":758.62,"end_s":761.66,"text":"with their original Recall launch.","speaker":null,"is_sponsor":0},{"start_s":761.66,"end_s":765.78,"text":"But with that said, I still oppose the existence of this feature","speaker":null,"is_sponsor":0},{"start_s":765.78,"end_s":769.74,"text":"because of what it means for our collective privacy, because here's the thing,","speaker":null,"is_sponsor":0},{"start_s":769.74,"end_s":773.02,"text":"even if you don't turn on Recall yourself,","speaker":null,"is_sponsor":0},{"start_s":773.02,"end_s":779.3,"text":"how do you know that everyone you're emailing or maybe messaging in signal hasn't linked their PC","speaker":null,"is_sponsor":0},{"start_s":779.3,"end_s":784.7,"text":"that has Recall turned on? Now, Signal has announced a new, enabled-by-default setting","speaker":null,"is_sponsor":0},{"start_s":784.7,"end_s":789.82,"text":"to prevent screen capture of signal chats on Windows, but that doesn't cover you for any other chat","speaker":null,"is_sponsor":0},{"start_s":789.82,"end_s":793.94,"text":"and it doesn't prevent someone from turning capture on in signal","speaker":null,"is_sponsor":0},{"start_s":793.94,"end_s":798.22,"text":"if, say, grandma likes to use Recall to help her remember things.","speaker":null,"is_sponsor":0},{"start_s":798.22,"end_s":801.46,"text":"And I mean, yeah, that is pretty useful for her,","speaker":null,"is_sponsor":0},{"start_s":801.46,"end_s":804.5,"text":"but should baby pictures and a family WhatsApp","speaker":null,"is_sponsor":0},{"start_s":804.5,"end_s":808.1,"text":"really be slurped into a Microsoft-managed database?","speaker":null,"is_sponsor":0},{"start_s":808.1,"end_s":811.54,"text":"And yeah, I know, I know, I know. It's stored locally and it's encrypted,","speaker":null,"is_sponsor":0},{"start_s":811.54,"end_s":814.62,"text":"but data is only local until it's been stolen","speaker":null,"is_sponsor":0},{"start_s":814.62,"end_s":819.58,"text":"and it's only encrypted until some quantum bulls*** breaks that encryption.","speaker":null,"is_sponsor":0},{"start_s":819.58,"end_s":823.78,"text":"The very existence of Recall makes Windows a less secure platform","speaker":null,"is_sponsor":0},{"start_s":823.78,"end_s":828.22,"text":"because in the very near future, all compatible Windows 11 machines","speaker":null,"is_sponsor":0},{"start_s":828.22,"end_s":834.3,"text":"are going to have a built-in tool that gathers and catalogs an unprecedented wealth of information","speaker":null,"is_sponsor":0},{"start_s":834.3,"end_s":837.78,"text":"about Windows users and then stores it in a convenient place","speaker":null,"is_sponsor":0},{"start_s":837.78,"end_s":841.94,"text":"for attackers to target. So if they're looking for some confidential information,","speaker":null,"is_sponsor":0},{"start_s":841.94,"end_s":844.94,"text":"the heavy lifting is done for them.","speaker":null,"is_sponsor":0},{"start_s":844.94,"end_s":850.26,"text":"What are we gonna have to do? Go back to writing letters? I mean, hey, at least we sell the scribe driver pen","speaker":null,"is_sponsor":0},{"start_s":850.26,"end_s":853.5,"text":"on LTTstore.com. You can use that to write a letter,","speaker":null,"is_sponsor":0},{"start_s":853.5,"end_s":856.66,"text":"although then there's definitely a physical record","speaker":null,"is_sponsor":0},{"start_s":856.66,"end_s":860.46,"text":"of what you wrote and the point is, I think Andrew Cunningham said it best","speaker":null,"is_sponsor":0},{"start_s":860.46,"end_s":865.66,"text":"on Ars Technica last year. Windows Recall demands an extraordinary level of trust","speaker":null,"is_sponsor":0},{"start_s":865.66,"end_s":870.18,"text":"that Microsoft hasn't earned. What a great turn of phrase.","speaker":null,"is_sponsor":0},{"start_s":870.18,"end_s":873.26,"text":"And what a great opportunity to tell you about our sponsor.","speaker":null,"is_sponsor":0},{"start_s":873.26,"end_s":876.42,"text":"If you guys enjoyed this video, maybe you'd like some mini rants","speaker":null,"is_sponsor":0},{"start_s":876.42,"end_s":879.62,"text":"about small problems that make tech big awful.","speaker":null,"is_sponsor":0}],"full_text":"This time last year, Microsoft rushed Windows Recall into public testing, allowing AI PCs, whatever those are, to record, catalog, and even revisit all user interactions. You know, in case you forgot how to open up your browser history or scroll up in a chat window. And to say that that rollout went poorly would be a gross understatement. I really don't know what they were expecting though. I mean, days prior, CEO Satya Nadella called for Microsoft to prioritize security above all else. And then they immediately start pushing this app that not only records everything that appears on the screen of your computer, but also utilizes the AI capabilities of said computer to turn everything it sees into an easily searchable database. Now, Microsoft claim was that all of that's fine and that Recall is totally secure. Unfortunately, that held up for about as long as it took for someone to download the preview and then track down the folder that it was writing to, at which point the entire internet lost its collective mind over how absolutely not secure it actually was. Now, it was about that time that we wrote this video, tearing the whole thing apart. But then as we were set to film it, Microsoft announced that they would postpone Recall in response to the community's concerns. And here we are a year later and Recalls back, baby. But have all the problems really been addressed? I mean, was it even that bad before it got delayed? Am I ever gonna segue to our sponsor? Before we go any further, what is Recall again? And what was everyone so upset about last time? I can't seem to recall, records everything that appears on the screen of your computer. Oh, that's it. Windows Recall takes screenshots, they call them snapshots, of whatever it is that you're doing on your PC every few seconds and then feeds them through AI-assisted optical text recognition and image analysis, then stores it all in a local database for your convenience. And they only need 10% of your hard drive space to do it? Outstanding. The idea then is that you can fire up Recall and ask it things like, hey, what was that Korean restaurant that Alice mentioned the other day? And then without you needing to remember whether it was an email, a Teams message, or a random calendar invite, Recall will crap out a snapshot that has the result for you. You can even copy and paste text and images from within those saved snapshots to easily search or share them, which I have to admit, does sound kind of nifty. And supposedly it is a lot more secure now, but I am not gonna take Microsoft's word for it. Not when I can compare them both side by side. You see, this machine is running new Recall. You don't need anything super special to use it, just a co-pilot plus ready PC that meets the secured core standard. Also a couple of other things that any such machine would likely have. But that wasn't always the case. See, the original Windows Recall was only officially available on laptops with Snapdragon X Elite and X Plus processors, which unfortunately we didn't have access to at the time. But thanks to a legend by the name of Albuquer, we were able to get it up and running on this old HP Elite Folio, which conveniently has been powered down with its radios off going, la la la la la, I can't even use Windows update. Since before Microsoft delayed the launch, allowing us to compare old Recall to new Recall. Let's see exactly what's different. Well, for starters, Recall is now hopped in instead of being on by default. That is a very big improvement. But with that said, Microsoft has a long, proud history of using dark patterns to trick you into changing default system settings or even just changing them on their own. So I'm gonna believe that this is permanent when I see it. What else has changed? Well, Microsoft now says that Recall is secure with the data encrypted, protected by BitLocker and requiring Windows Hello authentication. Of course they said it was secure a year ago too though, so let's make our way through this helpful FAQ from 2024 and compare what they said then and how it behaves on both of our machines. Let's see here. Recall snapshots are kept on the local hard disk. Okay, that was true before. In fact, they're right here in this core AI platform folder under the user's local app data and okay. Yep, that looks like it's still true. How about data is protected using disk encryption and BitLocker? Well, that was at least partly true back in 2024, but it was also pretty misleading. See, BitLocker would protect your data, including your Recall snapshots. If somebody stole your device, but if you were logged in and you just stepped away for a moment, then those snapshots would be protected only by Windows permissions. And I don't know all this for sure, but I think most lead hacksaws are pretty good at clicking continue. All right, let's see what else we've got here. We've got show file extensions on, by the way. So I'm gonna go it on a limb and guess that this .db file here is the database. And if we look at the file header in a hex editor, it looks like it's just a SQLite database. So we can use any of the dozens of free tools out there to interact with that. And there it is. Look at all that plain text. Oh my God. I read about this back then, but I didn't actually look at it for my... It's just plain text. Yeah. That's wild. And if I stretch my detective skills just a little bit further, I would guess that that image store folder is full of images. Oh no, they're not images. They're unknown files. I can't surely do anything about this. Open with hex editor. And would you look at that? J-F-I-F, which means... Oh my God. Boop. Watch this. I accidentally figured this out. If I click and drag, it previews it. Now all I need to do is open it and... Wow. I hacked it. Oh man, that's a yikes. So that's it. That's what Jordan was doing on his computer at some time. All the metadata is just in there. Okay, timestamp 2023, December 4th, because this computer is set to 2024. So that's, yeah, that probably is... Yeah, that's about right there. When we were looking at it, pathetic. Let's look at the new one. This database file right there, AES encrypted. Also, where we had plain text before. Now we have not so plain text. Scrambled, he scrambled. That's what we wanna see. Okay, what about the image store folder though? It's empty. It's a different folder now. A sim store. Okay, all right. Cleverly hid them. Yeah. This, probably a JPEG. Let's try the same trick, okay? No thumbnail preview. And if we try to open it, no dice. Okay. Everything seems to be actually encrypted this time. So I gotta give Microsoft a point on our scoreboard for fixing that. But then I've also gotta take a point away for lying about it in the first place. So then, okay, old recall minus one point, new recall zero points. Let's have a look at our next claim here. Microsoft won't view your recall data or make it available for targeted advertisements. The skeptic in me wants to add yet to the end of that statement. But I would say that it was probably true when they were first testing and is probably still true at the time we're filming this. Though, once again, I feel it's a matter of time before they quietly change this and then hope that no one will notice. As for this next one, this is where things get objectively really bad. Snapshots are only available to the person whose profile was used to sign into the device. If two people share a device, they will not be able to access each other's snapshots. Okay. When we tested this back in 2024, that was a straight up lie and potentially a really dangerous one. By simply creating an administrator account on the same machine, I could easily navigate to any other user's app data folder and then check out anything that they had ever done on the computer. Now, I hate to even have to bring up such horrible scenarios, but guys, imagine this in the case of a journalist in an oppressive regime whose device was seized by force or for a victim of domestic abuse who was trying to find help online. As recall was implemented in 2024, a bad actor could have seen everything their victim had done on the computer and that was enabled by default. Fortunately, that seems to have changed now. Okay, stop recording OBS. You'll have to take my word for it. I'm signing out. I'm signing in as other user. According to my platform. Okay, P continue, okay. So all this still works, but because it's all encrypted, we can't view it. So with the shift to opt in, the addition of Windows Hello authentication and things seemingly actually being encrypted this time, it is a little less horrifying, but I still don't think Microsoft has gone far enough to educate users on the dangers of this feature. See, people do still share accounts in 2025 and I guarantee you that most of your normie friends are not gonna pay attention to all the little icons that are down in their system tray. So saying, oh yeah, that little blue squiggle, that means you're getting surveilled. That doesn't really cut it for me. Also, the old FAQ claimed that recall couldn't be accessed by other applications or services, but while it is possible that other Microsoft apps didn't access the stuff back in 24, within days of the preview launch, there were multiple tools that could extract recall data, both locally and remotely. So that particular claim feels at the very least like a lie by omission. Take a look at Total Recall, for example. The media called this a hacker tool, but what it really is is a few dozen lines of Python that an AI assistant could probably crap out for you in about 30 seconds. Total Recall copied the images and the database folder, made a handy little report of all your window titles, and if you scrolled through it, led to the discovery of yet another lie from our pals at Microsoft. Microsoft claimed back then that recall didn't record incognito Windows in most common browsers, Edge, Firefox, Opera, and Google Chrome, but plain as day, here's a window title from Fark.com, which we only visited in a brief incognito session. Anyway, back to other apps being blocked from recall data, at least on the new one because they're encrypted, something like Total Recall couldn't be just randomly created by a third party, but it's also clear that Microsoft isn't even pretending that their own apps can't access the data anymore. On our new machine, the new click-to-do co-pilot feature requires recall to be enabled and is, by all appearances, a other app or service, so lie then, and I guess it's gone from the FAQ now, so no longer a lie, but certainly a change. Anywho, the 2025 flavor of Recall adds a toggle that will filter sensitive information automatically, which seems to be enabled by default, which is something, but it relies on the AI recognizing that any information that you have on-screen is sensitive, and I really don't know if I would trust this guy to determine if my on-screen data is sensitive or not, at least not yet. So what's the bottom line here? Well, I gotta give Microsoft some credit. They could have just powered forward and released Recall in its primitive state, but instead, they listened to the outrage of the tech community and are making what looks like a serious effort to address many of the issues with their original Recall launch. But with that said, I still oppose the existence of this feature because of what it means for our collective privacy, because here's the thing, even if you don't turn on Recall yourself, how do you know that everyone you're emailing or maybe messaging in signal hasn't linked their PC that has Recall turned on? Now, Signal has announced a new, enabled-by-default setting to prevent screen capture of signal chats on Windows, but that doesn't cover you for any other chat and it doesn't prevent someone from turning capture on in signal if, say, grandma likes to use Recall to help her remember things. And I mean, yeah, that is pretty useful for her, but should baby pictures and a family WhatsApp really be slurped into a Microsoft-managed database? And yeah, I know, I know, I know. It's stored locally and it's encrypted, but data is only local until it's been stolen and it's only encrypted until some quantum bulls*** breaks that encryption. The very existence of Recall makes Windows a less secure platform because in the very near future, all compatible Windows 11 machines are going to have a built-in tool that gathers and catalogs an unprecedented wealth of information about Windows users and then stores it in a convenient place for attackers to target. So if they're looking for some confidential information, the heavy lifting is done for them. What are we gonna have to do? Go back to writing letters? I mean, hey, at least we sell the scribe driver pen on LTTstore.com. You can use that to write a letter, although then there's definitely a physical record of what you wrote and the point is, I think Andrew Cunningham said it best on Ars Technica last year. Windows Recall demands an extraordinary level of trust that Microsoft hasn't earned. What a great turn of phrase. And what a great opportunity to tell you about our sponsor. If you guys enjoyed this video, maybe you'd like some mini rants about small problems that make tech big awful."}