Who is surprised?

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    32
    ·
    4 months ago

    Hmm, I wonder if there could be an exploit where Recall is covertly turned on, so it can be used to exfiltrate data. Not a good idea to basically have a surveillance rootkit sitting passively on your system, with no ability to remove it, just waiting to get abused by attackers. But using this proprietary garbage OS nowadays isn’t a good idea in general and there is a much better alternative.

    • x00za@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      15
      ·
      4 months ago

      Malware developers don’t even need to have their malware running anymore to grab keylogs and screenshots.

      Just enable Recall, schedule your malware for a month from now and it doesn’t even have to run anymore.

    • scutiger@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 months ago

      Windows does have its own command-line package manager. I don’t know if it can remove Recall, but last I checked it could remove Cortana. It would just get reinstalled soon after, but that could be prevented with some file-naming trickery. If you give a file the same name as the folder used to have and make it read-only, it couldn’t remake the folder and wouldn’t reinstall.

      I wouldn’t be surprised if you can still do that now.

      • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        6
        ·
        4 months ago

        Which one do you mean? Winget which is their newest attempt at creating a package manager that isn’t an absolute piece of garbage, or their crappy CLI for managing MSIX/APPX modules? Because I remember using the latter to try and remove Cortana back when I first tried Windows 10. Fast forward, I removed all the garbage I didn’t need, applied a Windows update, restarted my PC and it was all reinstalled. I wiped that SSD the same day and went back to Linux. This was the last time I used Windows on any of my personal devices.

        • scutiger@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          ·
          4 months ago

          I was talking about Appx. I haven’t used Windows in a while, but that was how I got rid of Cortana. The key part was the read-only file named after the folder that couldn’t be replaced.

        • Not a replicant@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          2
          ·
          4 months ago

          I’d say you didn’t actually remove the garbage. “Settings, apps, uninstall” doesn’t really get rid of it, the deployment package is still hanging around.

          You need to use powershell to de-deploy those packages.

          It’s a bit like the difference between “apt remove” and “apt purge”

    • Not a replicant@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      There’s always the Microsoft telemetry blocklist in pihole. If you can’t stop the computer collecting the data, you can stop MS getting hold of it.