film / tv / substack / social media / lists / web / celeb / pajiba love / misc / about / cbr
film / tv / substack / web / celeb

Copilot.jpg

Microsoft Copilot+ AI's Privacy Invasion Isn't a Bug, It's a Feature

By Nate Parker | News | May 22, 2024 |

By Nate Parker | News | May 22, 2024 |


Copilot.jpg

Before I begin today’s AI rant, let me offer a little background. I’ve worked in desktop and server support since 1999, almost exclusively on the Windows OS. I cut my teeth on Windows 3.11 and NT4.0, and have used every Windows version since. Reliability, security, and ease of use are constantly shifting targets, and like many software packages, it seems every other iteration is a jumbled mess - looking your way, Windows ME and 8. Windows 11 has, for the most part, performed reliably and no more than the usual security vulnerabilities. But Win11’s newest feature, Copilot+ AI, includes a handy tool called “Recall” integrates spyware neatly into the OS, and it has security experts deeply concerned..

Recall, an advanced version of Windows 10’s defunct Timeline feature, saves snapshots of everything you do on your computer. Everything. Sites browsed, searches searched, and passwords entered. This history is archived in a searchable timeline accessible only by the user and anyone else with their password. Recall does not connect to the cloud or store data offline, according to Microsoft, but it does keep a 25-50GB archive on your hard drive. Apart from Edge InPrivate sessions and DRM-protected content - like streaming from Spotify or Netflix - it keeps everything, and while the archive itself is encrypted, sensitive data inside such as archived passwords or bank account numbers are not.

The UK’s Information Commissioner’s Office, a watchdog group focused on data protection and internet security, is already investigating the Recall feature. Both the UK and Europe have more stringent identity protection laws in place than the United States, which treats your data security with the same respect folks gave Red Lobster’s Unlimited Shrimp buffet. Copilot+’s other AI features - a notebook that writes for you and an image generator that bakes copyright infringement into the OS - are devoid of ethical or artistic value, but little more dangerous than the tools already available on the web. Microsoft’s PR statement on the Cocreator image generator is particularly bleak.

“Use the creativity slider to choose from a range of artwork from more literal to more expressive. Once you select your artwork, you can continue iterating on top of it, helping you express your ideas, regardless of your creative skills.”

Taking the creativity out of creation; it’s every artist’s dream.

Recall is a different story. Microsoft press releases emphasize the customizable privacy controls that allow users to determine the length of Recall’s timeline and what the AI captures. Trust me when I say most users will never change a single setting. The average user will click “Accept” like it was a link in a phishing email and never think about it again. We’ve all watched The Beekeeper at least 5 times now, right? It can’t be just me. Copilot+ Recall takes the identity thieves who scammed Phylicia Rashad and puts them right on the hard drive, but there’s no Jason Statham seeking revenge on users’ behalf. Your Recall timeline will be available to any family members who have access to your account, including domestic abusers. It will be available to in-person or remote technicians to whom you grant access. It will be available to every scammer who has access to your account because you clicked a sketchy link to reset your Amazon password. A third party who searches your timeline for “water sports” will find the receipt from your Bahamas vacation, those personal photos of you jet skiing while nude, and that PornHub search you thought remained between you and God. More seriously, it’ll save searches for domestic abuse shelters. Divorce lawyers. Private correspondence with doctors. Transcripts of virtual work meetings or therapy sessions. It has the potential to make TSA and law enforcement searches much more invasive regardless of their validity. In short, Recall is a privacy nightmare.

The good news is that most computers can’t handle it. Only PCs with Qualcomm’s new Snapdragon X Elite chip can install Copilot+ AI, which requires 256 GB to even run Recall. IT admins can and will disable Copilot+ features at the group policy level, which has us breathing sighs of relief. The UK and EU will take a hard look at Recall, and I’ll be surprised if Microsoft is allowed to proceed in their markets. With any luck, Recall will suffer the same ignominious fate as Windows 10’s Timeline feature, which offered a similar tool no one ever used. If you do find yourself with Copilot+, I recommend disabling its features as soon as possible. Multiple online guides explain how. You’re the only one who should divulge your most intimate secrets online, probably on Reddit.