this post was submitted on 27 May 2026
841 points (99.2% liked)
Technology
84980 readers
3547 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Considering the thread we're talking in, it's up to you if you trust MS to implement this well, but they are not uploading the screenshots to the cloud.
Personally I think the idea of Recall is great if it works to help you and only you. The problem isn't the idea, it's the trust. If a reputable open source project or Linux distro made a feature like this I think it would be cool, because I know my privacy is going to be respected and the feature is designed solely to help me and nothing more. However, when MS suggests this I'm immediately cautious, skeptical, and concerned about how it could be used against me.
The statement you quoted is itself a lie. It talks about snapshots, when that's not at all what Recall is about. It takes snapshots, true. But it does not matter to MS whether the snapshots themselves are saved, or where. "Recall does not share snapshots or associated data" is a reference solely to the snapshot itself, not the data Recall creates from it.
Here's what really happens. Once a snapshot is taken, it is analyzed with AI as well as converted into text (if text is present) and all that content (including passwords, banking details, medical records, whatever passes the desktop when a snapshot is taken) plus its local AI analysis is kept in a local database. That shrinks its size to almost nothing, making it much easier for MS to collect. This secretive local database itself is inaccessible to you (even as admin), one you have zero rights to control or delete or edit or even view, one over which you are never given any permissions, and at regular intervals that database is scraped and sent back to MS to use in data aggregation and resale and AI training and whatever the fuck else they want to do with it. Sure, you can turn off Recall in the AI settings, but it has now been proven that any Windows update just turns it all back on again.
Knowing this, go back and reread their statement in regard to snapshots. The entire thing is a misdirection and never once addresses the real payload of Recall and why MS, even after they pinky swore they had dropped it, they continued partnering with hardware makers to deliver "Recall-ready" PCs that already have the requisite NPU on the motherboard, which are needed to do all that local data OCR and analysis on the snapshots that don't even matter to MS once they've been scraped for content.
It's also a big attack surface. Just like how a lot of malware looks for the browser password cache now, it doesn't take much for a malware developer to just go for the recall store. The malware doesn't need to pack in software to take screenshots, if the OS serves it up for them on a platter.
The location is known, and I seem to remember it being fairly simple to view the contents in the right system viewer with a bit of work, so yeah. I never considered that but you're quite right: MS is packaging that shit up all nice and handy for whoever can grab it by whatever means.