Windows 11

Microsoft removes documentation for switching to a local account in Windows 11

microsoft, Tech, Windows 10, Windows 11, windows 11 23h2, windows 11 24h2 / Ari B / June 24, 2024

you’re *sureyou don’t want to use a Microsoft account?? —

But most Microsoft account sign-in workarounds for Windows 11 continue to work.

Andrew Cunningham – Jun 24, 2024 7: 43 pm UTC

A laptop PC running Windows 11 sitting next to a coffee mug. — Enlarge / A PC running Windows 11.

Microsoft

One of Windows 11’s more contentious changes is that, by default, both the Home and Pro editions of the operating system require users to sign in with a Microsoft account during setup. Signing in with an account does get you some benefits, at least if you’re a regular user of other Microsoft products like OneDrive, GamePass, or Microsoft 365 (aka Office). But if you don’t use those services, a lot of what a Microsoft account gets you in Windows 11 is repeated ads and reminders about signing up for those services. Using Windows with a traditional local account is still extremely possible, but it does require a small amount of know-how beyond just clicking the right buttons.

On the know-how front, Microsoft has taken one more minor, but nevertheless irritating, step away from allowing users to sign in with local accounts. This official Microsoft support page walks users with local accounts through the process of signing in to a Microsoft account. As recently as June 12, that page also included instructions for converting a Microsoft account into a local account. But according to Tom’s Hardware and the Internet Wayback Machine, those instructions disappeared on or around June 17 and haven’t been seen since.

Despite the documentation change, most of the workarounds for creating a local account still work in both Windows 11 23H2 (the publicly available version of Windows 11 for most PCs) and 24H2 (available now on Copilot+ PCs, later this fall for everyone else). The easiest way to do it on a PC you just took out of the box is to press Shift+F10 during the setup process to bring up a command prompt window, typing OOBEBYPASSNRO, rebooting, and then clicking the “I don’t have Internet” button when asked to connect to a Wi-Fi network.

Other workarounds include using the Rufus tool to create a USB installer that will automatically bypass the Microsoft account sign-in requirement, or (for Windows 11 Pro users) indicating that you want to join the PC to a corporate domain and then not actually joining it to a domain. Setting the PC up with a Microsoft account and then signing out afterward is also still an option.

There is one workaround that has allegedly stopped working—it used to be that trying to “sign in” with a nonexistent email account would get you a local sign-in option. But as of earlier this month, according to Windows Central editor Zac Bowden, it looks like the Windows 11 setup screen will just ask you to try another email address instead.

To be fair to Microsoft, all the big tech companies want you to sign in with an account before you can use all the features of the software, but neither Apple nor Google goes as far as to mandate account sign-in to access basic functionality. Macs, iPhones, and iPads will all let you complete the setup process without signing in, though you do have to know which buttons to click. Google will allow you to use Chromebooks in guest mode, and Android phones and tablets are still usable without signing in (though this does make it more difficult to find and install apps). Microsoft’s pushiness remains unique; there’s definitely a difference between a company that would really prefer that you sign in, and one that forces you to.

Microsoft removes documentation for switching to a local account in Windows 11 Read More »

iFixit says new Arm Surface hardware “puts repair front and center”

copilot+ PC, microsoft, Microsoft Surface, qualcomm, snapdragon x elite, Tech, Windows 11, windows 11 24h2, windows on arm / Ari B / June 24, 2024

how things have changed —

Both devices make it relatively easy to get at the battery and SSD.

Andrew Cunningham – Jun 24, 2024 5: 27 pm UTC

Microsoft's 11th-edition Surface Pro, as exploded by iFixit. Despite adhesive holding in the screen and the fact that you need to remove the heatsink to get at the battery, it's still much more repairable than past Surfaces or competing tablets. — Enlarge / Microsoft’s 11th-edition Surface Pro, as exploded by iFixit. Despite adhesive holding in the screen and the fact that you need to remove the heatsink to get at the battery, it’s still much more repairable than past Surfaces or competing tablets.

For a long time, Microsoft’s Surface hardware was difficult-to-impossible to open and repair, and devices as recent as 2019’s Surface Pro 7 still managed a repairability score of just 1 out of 10 on iFixit’s scale. 2017’s original Surface Laptop needed to be physically sliced apart to access its internals, making it essentially impossible to try to fix the machine without destroying it.

But in recent years, partly due to pressure from shareholders and others, Microsoft has made an earnest effort to improve the repairability of its devices. The company has published detailed repair manuals and videos and has made changes to its hardware designs over the years to make it easier to open them without breaking them and easier to replace parts once you’re inside. Microsoft also sells some first-party parts for repairs, though not every part from every Surface is available, and Microsoft and iFixit have partnered to offer other parts as well.

Now, iFixit has torn apart the most recent Snapdragon X-powered Surface Pro and Surface Laptop devices and has mostly high praise for both devices in its preliminary teardown video. Both devices earn an 8 out of 10 on iFixit’s repairability scale, thanks to Microsoft’s first-party service manuals, the relative ease with which both devices can be opened, and clearly labeled internal components.

Beneath the Surface

To open the Surface Laptop, iFixit says you only need to undo four screws, hidden beneath the laptop’s rubber feet; at that point, the bottom of the machine is only attached by magnets, rather than breakable retention clips. Opening the bottom of the laptop provides easy access to the battery and an M.2 2232 SSD. Labels inside the device indicate which screws need to be removed to replace which parts, and what kind of screwdriver you’ll need to do the job; scannable barcodes also make it easier to find repair manuals and parts on Microsoft’s site. Most other parts are easy to remove and replace once the bottom of the laptop is off.

The Surface Pro’s best repairability feature remains its easily accessible M.2 2232 SSD, present under a pop-off cover on the back of the tablet. From there, things get more difficult—accessing the battery and other components requires removing the screen, which is still held in place with adhesive rather than screws or magnets. This adhesive needs to be removed—iFixit cut it away with a thin plastic tool, and closing the tablet back up securely would likely require new adhesive to be applied. Once inside, the parts and screws are still labeled clearly, but you do need to remove the entire heatsink before you can replace the battery.

iFixit uses slightly different criteria for evaluating the repairability of laptops and tablets since tablets are more tightly integrated devices. So despite the identical repairability scores, the Surface Pro remains slightly more difficult to open and fix than the laptop; iFixit is just comparing it to devices like the iPad Air and Pro rather than other PC laptops, and the Surface Pro still looks better than other tablets by comparison despite the use of adhesive.

The teardown video didn’t detail exactly why iFixit knocked points off of each device’s repairability score, though iFixit took note of the soldered-down non-upgradeable RAM and Wi-Fi/Bluetooth modules. Both devices also use way more screws and clips than something like the Framework Laptop, which could also be a factor.

We’ve been using the new Snapdragon-powered Surface devices for a few days now, and we’ll have more thoughts to share about the hardware and its performance in the coming days.

iFixit says new Arm Surface hardware “puts repair front and center” Read More »

Win+C, Windows’ most cursed keyboard shortcut, is getting retired again

copilot, Google, Tech, Windows 10, windows 10 22h2, Windows 11, windows 11 24h2 / Blake Jones / June 21, 2024

What job will Win+C lose next? —

Win+C has been assigned to some of Windows’ least successful features.

Andrew Cunningham – Jun 21, 2024 6: 19 pm UTC

Enlarge / A rendering of the Copilot button.

Microsoft

Microsoft is all-in on its Copilot+ PC push right now, but the fact is that they’ll be an extremely small minority among the PC install base for the foreseeable future. The program’s stringent hardware requirements—16GB of RAM, at least 256GB of storage, and a fast neural processing unit (NPU)—disqualify all but new PCs, keeping features like Recall from running on all current Windows 11 PCs.

But the Copilot chatbot remains supported on all Windows 11 PCs (and most Windows 10 PCs), and a change Microsoft has made to recent Windows 11 Insider Preview builds is actually making the feature less useful and accessible than it is in the current publicly available versions of Windows. Copilot is being changed from a persistent sidebar into an app window that can be resized, minimized, and pinned and unpinned from the taskbar, just like any other app. But at least as of this writing, this version of Copilot can no longer adjust Windows’ settings, and it’s no longer possible to call it up with the Windows+C keyboard shortcut. Only newer keyboards with the dedicated Copilot key will have an easy built-in keyboard shortcut for summoning Copilot.

If Microsoft keeps these changes intact, they’ll hit Windows 11 PCs when the 24H2 update is released to the general public later this year; the changes are already present on Copilot+ PCs, which are running a version of Window 11 24H2 out of the box.

Changing how Copilot works is all well and good—despite how quickly Microsoft has pushed it out to every Windows PC in existence, it has been labeled a “preview” up until the 24H2 update, and some amount of change is to be expected. But discontinuing the just-introduced Win+C keyboard shortcut to launch Copilot feels pointless, especially since the Win+C shortcut isn’t being reassigned.

The Copilot assistant exists on the taskbar, so it’s not as though it’s difficult to access, but the feature is apparently important enough to merit the first major change to Windows keyboards in three decades. Surely it also justifies retaining a keyboard shortcut for the vast majority of PC keyboards without a dedicated Copilot key.

People who want to continue to use Win+C as a launch key for Copilot can do so with custom keyboard remappers like Microsoft’s own Keyboard Manager PowerToy. Simply set Win+C as a shortcut for the obscure Win+Shift+F23 shortcut that the hardware Copilot key is already mapped to and you’ll be back in business.

Win+C has a complicated history

Enlarge / Win+C always seems to get associated with transient, unsuccessful Windows features like Charms and Cortana.

Andrew Cunningham

The Win+C keyboard shortcut actually has a bit of a checkered history, having been reassigned over the years to multiple less-than-successful Windows initiatives. In Windows 8, it made its debut as a shortcut for the “Charms” menu, part of the operating system’s tablet-oriented user interface that was designed to partially replace the old Start menu. But Windows 10 retreated from this new tablet UI, and the Charms bar was discontinued.

In Windows 10, Win+C was assigned to the Cortana voice assistant instead, Microsoft’s contribution to the early-2010s voice assistant boom kicked off by Apple’s Siri and refined by competitors like Amazon’s Alexa. But Cortana, like the Charms bar, never really took off, and Microsoft switched the voice assistant off in 2023 after a few years of steadily deprioritizing it in Windows 10 (and mostly hiding it in Windows 11).

Most older versions of Windows didn’t do anything with the Win+C, but if you go all the way back to the Windows 95 era, users of Microsoft Natural Keyboards who installed Microsoft’s IntelliType software could use Win+C to open the Control Panel. This shortcut apparently never made it into Windows itself, even as the Windows key became standard equipment on PCs in the late ’90s and early 2000s.

So pour one out for Win+C, the keyboard shortcut that is always trying to do something new and not quite catching on. We can’t wait to see what it does next.

Win+C, Windows’ most cursed keyboard shortcut, is getting retired again Read More »

Windows 11 24H2 is released to the public but only on Copilot+ PCs (for now)

AI, copilot+ PC, Tech, Windows 11, windows 11 24h2 / Ari B / June 18, 2024

24h2 for some —

The rest of the Windows 11 ecosystem will get the new update this fall.

Andrew Cunningham – Jun 18, 2024 6: 00 pm UTC

For the vast majority of compatible PCs, Microsoft’s Windows 11 24H2 update still isn’t officially available as anything other than a preview (a revised version of the update is available to Windows Insiders again after briefly being pulled early last week). But Microsoft and most of the other big PC companies are releasing their first wave of Copilot+ PCs with Snapdragon X-series chips in them today, and those PCs are all shipping with the 24H2 update already installed.

For now, this means a bifurcated Windows 11 install base: one (the vast majority) that’s still mostly on version 23H2 and one (a tiny, Arm-powered minority) that’s running 24H2.

Although Microsoft hasn’t been specific about its release plans for Windows 11 24H2 to the wider user base, most PCs should still start getting the update later this fall. The Copilot+ parts won’t run on those current PCs, but they’ll still get new features and benefit from Microsoft’s work on the operating system’s underpinnings.

The wider 24H2 update rollout will also likely enable the Copilot+ PC features on Intel and AMD PCs that meet the hardware requirements. That hardware will supposedly be available starting in July—at least, if AMD can hit its planned ship date for Ryzen AI chips—but neither Intel nor AMD seems to know exactly when the Copilot+ features will be enabled in software. Right now, the x86 version of Windows doesn’t even have hidden Copilot+ features that can be enabled with the right settings; they only seem to be included at all in the Arm version of the update.

Unfortunately for Microsoft, the Copilot+ PC program (and, to a lesser extent, the 24H2 update) has become mostly synonymous with the Recall screen recording feature. Microsoft revealed this feature to the public without first sending it through its normal Windows Insider testing program. As soon as security researchers and testers were able to dig into it, they immediately found security holes and privacy risks that could expose a user’s entire Recall database plus detailed screenshots of all their activity to anyone with access to the PC.

Microsoft initially announced that it would release a preview of Recall as scheduled on June 18 with additional security and privacy measures in place. Microsoft would also make the feature off-by-default instead of on-by-default. Shortly after that, the company delayed Recall altogether and committed to testing it publicly in Windows Insider builds like any other Windows feature. Microsoft says that Recall will return, at least to Copilot+ PCs, at some point “in the coming weeks.”

Aside from the Copilot+ generative AI features, which require extra RAM and storage and a PC with a sufficiently fast neural processing unit (NPU), the main Windows 11 system requirements aren’t changing for the 24H2 update. However, there are older unsupported PCs that could run previous Windows 11 versions that will no longer be able to boot 24H2 since it requires a slightly newer CPU to boot.

Windows 11 24H2 is released to the public but only on Copilot+ PCs (for now) Read More »

Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all

AI, copilot, copilot+ PC, microsoft, microsoft recall, recall, Tech, Windows 11, windows 11 24h2, windows recall / Ryan Harris / June 15, 2024

another setback —

Recall will go through Windows Insider pipeline like any other Windows feature.

Andrew Cunningham – Jun 14, 2024 2: 40 am UTC

Recall is part of Microsoft's Copilot+ PC program. — Enlarge / Recall is part of Microsoft’s Copilot+ PC program.

Microsoft

Microsoft will be delaying its controversial Recall feature again, according to an updated blog post by Windows and Devices VP Pavan Davuluri. And when the feature does return “in the coming weeks,” Davuluri writes, it will be as a preview available to PCs in the Windows Insider Program, the same public testing and validation pipeline that all other Windows features usually go through before being released to the general populace.

Recall is a new Windows 11 AI feature that will be available on PCs that meet the company’s requirements for its “Copilot+ PC” program. Copilot+ PCs need at least 16GB of RAM, 256GB of storage, and a neural processing unit (NPU) capable of at least 40 trillion operations per second (TOPS). The first (and for a few months, only) PCs that will meet this requirement are all using Qualcomm’s Snapdragon X Plus and X Elite Arm chips, with compatible Intel and AMD processors following later this year. Copilot+ PCs ship with other generative AI features, too, but Recall’s widely publicized security problems have sucked most of the oxygen out of the room so far.

The Windows Insider preview of Recall will still require a PC that meets the Copilot+ requirements, though third-party scripts may be able to turn on Recall for PCs without the necessary hardware. We’ll know more when Recall makes its reappearance.

Why Recall was recalled

Recall works by periodically capturing screenshots of your PC and saving them to disk, and scanning those screenshots with OCR to make a big searchable text database that can help you find anything you had previously viewed on your PC.

The main problem, as we confirmed with our own testing, was that all of this was saved to disk with no additional encryption or other protection and was easily viewable and copyable by pretty much any user (or attacker) with access to the PC. Recall was also going to be enabled by default on Copilot+ PCs despite being a “preview,” meaning that users who didn’t touch the default settings were going to have all of this data recorded by default.

This was the version of Recall that was initially meant to ship out to reviewers this week on the first wave of Copilot+ PCs from Microsoft and other PC companies. After security researcher Kevin Beaumont publicized these security holes in that version of Recall, the company promised to add additional encryption and authentication protections and to disable Recall by default. These tweaks would have gone out as an update to the first shipments of Copilot+ PCs on June 18 (reviewers also wouldn’t get systems before June 18, a sign of how much Microsoft was rushing behind the scenes to implement these changes). Now Recall is being pushed back again.

A report from Windows Central claims that Recall was developed “in secret” and that it wasn’t even distributed widely within Microsoft before it was announced, which could explain why these security issues weren’t flagged and fixed before the feature showed up in a publicly available version of Windows.

Microsoft’s Recall delay follows Microsoft President Brad Smith’s testimony to Congress during a House Committee on Homeland Security hearing about the company’s “cascade of security failures” in recent months. Among other things, Smith said that Microsoft would commit to prioritizing security issues over new AI-powered features as part of the company’s recently announced Secure Future Initiative (SFI). Microsoft has also hired additional security personnel and tied executive pay to meeting security goals.

“If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security,” wrote Microsoft CEO Satya Nadella in an internal memo about the SFI announcement. “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”

Recall has managed to tie together all the big Windows and Microsoft stories from the last year or two: the company’s all-consuming push to quickly release generative AI features, its security failures and subsequent promises to do better, and the general degradation of the Windows 11 user interface with unwanted apps, ads, reminders, account sign-in requirements, and other cruft.

Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all Read More »

Microsoft is reworking Recall after researchers point out its security problems

microsoft, Tech, Windows 11 / Blake Jones / June 7, 2024

recalling recall? —

Windows Hello authentication, additional encryption being added to protect data.

Andrew Cunningham – Jun 7, 2024 4: 59 pm UTC

Microsoft’s upcoming Recall feature in Windows 11 has generated a wave of controversy this week following early testing that revealed huge security holes. The initial version of Recall saves screenshots and a large plaintext database tracking everything that users do on their PCs, and in the current version of the feature, it’s trivially easy to steal and view that database and all of those screenshots for any user on a given PC, even if you don’t have administrator access. Recall also does little to nothing to redact sensitive information from its screenshots or that database.

Microsoft has announced that it’s making some substantial changes to Recall ahead of its release on the first wave of Copilot+ PCs later this month.

“Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” wrote Microsoft Windows and Devices Corporate Vice President Pavan Davuluri in a blog post. “With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.”

First and most significantly, the company says that Recall will be opt-in by default, so users will need to decide to turn it on. It may seem like a small change, but many users never touch the defaults on their PCs, and for Recall to be grabbing all of that data by default definitely puts more users at risk of having their data stolen unawares.

The company also says it’s adding additional protections to Recall to make the data harder to access. You’ll need to enable Windows Hello to use Recall, and you’ll need to authenticate via Windows Hello (whether it’s a face-scanning camera, fingerprint sensor, or PIN) each time you want to open the Recall app to view your data.

Both the screenshots and the SQLite database used for Recall searches are being encrypted and will require Windows Hello authentication to be decrypted. Microsoft described Recall data as “encrypted” before, but there was no specific encryption used for any of the screenshots or the database beyond the Bitlocker full-disk encryption that is turned on by default for most PCs when they sign into a Microsoft account.

That last change should address the biggest problem with Recall: that any user signed in to a PC (or any malware that was able to gain access to the filesystem) could easily view and copy another user’s Recall screenshots and database on the same PC. The text database’s size is measured in kilobytes rather than megabytes or gigabytes, so it wouldn’t take much time to swipe if someone managed to access your system.

Microsoft also reiterated some of its assurances about the privacy and security of Recall writ large, saying that all data is processed locally, that it’s never sent to Microsoft, that you’ll know when Recall has been enabled thanks to taskbar and system tray icons, and that you can disable the feature or exclude specific apps or sites from being snapshotted at your discretion.

All of the new additions to Recall are still being actively developed—current testing builds of Windows 11 still use the unsecured version of Recall, and our review units of the new Surface hardware are being delayed by a week or so, presumably so Microsoft can update them.

Microsoft reiterated that Recall is being released as a preview, a label the company also applies to the Copilot chatbot to deflect criticism of some of its early and ongoing missteps. We’ll need to use the updated version of Recall to see whether the new protections work like they’re supposed to, but it’s at least mildly encouraging to see Microsoft take a beat to rework Recall’s security and default settings before releasing it to the public, even though these are protections should have been present in the first place.

Recall is normally only available on Copilot+ PCs, a new branding banner from Microsoft that applies to PCs with sufficiently fast neural processing units (NPUs), at least 16GB of RAM, and at least 256GB of storage. Existing Windows 11 PCs won’t get Recall, though it can currently be enabled forcibly by the third-party AmperageKit script on Arm PCs that are running version 26100.712 of Windows 11 24H2. It’s possible that tools will exist to enable it on other unsupported PCs later on.

The first wave of Copilot+ PCs will use Qualcomm’s Snapdragon X Elite and X Plus processors exclusively. Intel and AMD systems that meet the Copilot+ requirements won’t be available until later this year, and Microsoft hasn’t said when the Copilot+ features will actually be available for these non-Arm PCs.

Microsoft is reworking Recall after researchers point out its security problems Read More »

Microsoft to test “new features and more” for aging, stubbornly popular Windows 10

microsoft, Tech, Windows 10, windows 10 22h2, Windows 11, windows insider / Mike M. / June 5, 2024

but the clock is still ticking —

Support ends next year, but Windows 10 remains the most-used version of the OS.

Andrew Cunningham – Jun 5, 2024 12: 50 pm UTC

In October 2025, Microsoft will stop supporting Windows 10 for most PC users, which means no more technical support and (crucially) no more security updates unless you decide to pay for them. To encourage adoption, the vast majority of new Windows development is happening in Windows 11, which will get one of its biggest updates since release sometime this fall.

But Windows 10 is casting a long shadow. It remains the most-used version of Windows by all publicly available metrics, including Statcounter (where Windows 11’s growth has been largely stagnant all year) and the Steam Hardware Survey. And last November, Microsoft decided to release a fairly major batch of Windows 10 updates that introduced the Copilot chatbot and other changes to the aging operating system.

That may not be the end of the road. Microsoft has announced that it is reopening a Windows Insider Beta Channel for PCs still running Windows 10, which will be used to test “new features and more improvements to Windows 10 as needed.” Users can opt into the Windows 10 Beta Channel regardless of whether their PC meets the requirements for Windows 11; if your PC is compatible, signing up for the less-stable Dev or Canary channels will still upgrade your PC to Windows 11.

Any new Windows 10 features that are released will be added to Windows 10 22H2, the operating system’s last major yearly update. Per usual for Windows Insider builds, Microsoft may choose not to release all new features that it tests, and new features will be released for the public version of Windows 10 “when they’re ready.”

One thing this new beta program doesn’t change is the end-of-support date for Windows 10, which Microsoft says is still October 14, 2025. Microsoft says that joining the beta program doesn’t extend support. The only way to continue getting Windows 10 security updates past 2025 is to pay for the Extended Security Updates (ESU) program; Microsoft plans to offer these updates to individual users but still hasn’t announced pricing for individuals. Businesses will pay as much as $61 per PC for the first year of updates, while schools will pay as little as $1 per PC.

Beta program or no, we still wouldn’t expect Windows 10 to change dramatically between now and its end-of-support date. We’d guess that most changes will relate to the Copilot assistant, given how aggressively Microsoft has moved to add generative AI to all of its products. For example, the Windows 11 version of Copilot is shedding its “preview” tag and becoming an app that runs in a regular window rather than a persistent sidebar, changes Microsoft could also choose to implement in Windows 10.

Microsoft to test “new features and more” for aging, stubbornly popular Windows 10 Read More »

Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned

AI, copilot, copilot+ PC, Features, microsoft, NPU, Tech, Windows, Windows 11, windows 11 24h2 / Mike M. / June 4, 2024

Enlarge / The Recall feature as it currently exists in Windows 11 24H2 preview builds.

Andrew Cunningham

Microsoft’s Windows 11 Copilot+ PCs come with quite a few new AI and machine learning-driven features, but the tentpole is Recall. Described by Microsoft as a comprehensive record of everything you do on your PC, the feature is pitched as a way to help users remember where they’ve been and to provide Windows extra contextual information that can help it better understand requests from and meet the needs of individual users.

This, as many users in infosec communities on social media immediately pointed out, sounds like a potential security nightmare. That’s doubly true because Microsoft says that by default, Recall’s screenshots take no pains to redact sensitive information, from usernames and passwords to health care information to NSFW site visits. By default, on a PC with 256GB of storage, Recall can store a couple dozen gigabytes of data across three months of PC usage, a huge amount of personal data.

The line between “potential security nightmare” and “actual security nightmare” is at least partly about the implementation, and Microsoft has been saying things that are at least superficially reassuring. Copilot+ PCs are required to have a fast neural processing unit (NPU) so that processing can be performed locally rather than sending data to the cloud; local snapshots are protected at rest by Windows’ disk encryption technologies, which are generally on by default if you’ve signed into a Microsoft account; neither Microsoft nor other users on the PC are supposed to be able to access any particular user’s Recall snapshots; and users can choose to exclude apps or (in most browsers) individual websites to exclude from Recall’s snapshots.

This all sounds good in theory, but some users are beginning to use Recall now that the Windows 11 24H2 update is available in preview form, and the actual implementation has serious problems.

“Fundamentally breaks the promise of security in Windows”

Enlarge / This is Recall, as seen on a PC running a preview build of Windows 11 24H2. It takes and saves periodic screenshots, which can then be searched for and viewed in various ways.

Andrew Cunningham

Security researcher Kevin Beaumont, first in a thread on Mastodon and later in a more detailed blog post, has written about some of the potential implementation issues after enabling Recall on an unsupported system (which is currently the only way to try Recall since Copilot+ PCs that officially support the feature won’t ship until later this month). We’ve also given this early version of Recall a try on a Windows Dev Kit 2023, which we’ve used for all our recent Windows-on-Arm testing, and we’ve independently verified Beaumont’s claims about how easy it is to find and view raw Recall data once you have access to a user’s PC.

To test Recall yourself, developer and Windows enthusiast Albacore has published a tool called AmperageKit that will enable it on Arm-based Windows PCs running Windows 11 24H2 build 26100.712 (the build currently available in the Windows Insider Release Preview channel). Other Windows 11 24H2 versions are missing the underlying code necessary to enable Recall.

Windows uses OCR on all the text in all the screenshots it takes. That text is also saved to an SQLite database to facilitate faster searches.

Andrew Cunningham
Searching for “iCloud,” for example, brings up every single screenshot with the word “iCloud” in it, including the app itself and its entry in the Microsoft Store. If I had visited websites that mentioned it, they would show up here, too.

Andrew Cunningham

The short version is this: In its current form, Recall takes screenshots and uses OCR to grab the information on your screen; it then writes the contents of windows plus records of different user interactions in a locally stored SQLite database to track your activity. Data is stored on a per-app basis, presumably to make it easier for Microsoft’s app-exclusion feature to work. Beaumont says “several days” of data amounted to a database around 90KB in size. In our usage, screenshots taken by Recall on a PC with a 2560×1440 screen come in at 500KB or 600KB apiece (Recall saves screenshots at your PC’s native resolution, minus the taskbar area).

Recall works locally thanks to Azure AI code that runs on your device, and it works without Internet connectivity and without a Microsoft account. Data is encrypted at rest, sort of, at least insofar as your entire drive is generally encrypted when your PC is either signed into a Microsoft account or has Bitlocker turned on. But in its current form, Beaumont says Recall has “gaps you can drive a plane through” that make it trivially easy to grab and scan through a user’s Recall database if you either (1) have local access to the machine and can log into any account (not just the account of the user whose database you’re trying to see), or (2) are using a PC infected with some kind of info-stealer virus that can quickly transfer the SQLite database to another system.

Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned Read More »

Biggest Windows 11 update in 2 years nearly finalized, enters Release Preview

Tech, Windows 11, windows 11 24h2 / Mike M. / May 25, 2024

getting there —

24H2 update includes big changes, will be released “later this calendar year.”

Andrew Cunningham – May 23, 2024 7: 39 pm UTC

The Windows 11 24H2 update isn’t scheduled to be released until sometime this fall, but testers can get a near-final version of it early. Microsoft has released Windows 11 24H2 build 26100.712 to its Release Preview testing channel for Windows Insiders, a sign that the update is nearly complete and that the company has shifted into bug-fixing mode ahead of general availability.

Microsoft has generally stuck to smaller but more frequent feature updates during the Windows 11 era, but the annual fall updates still tend to be a bigger deal. They’re the ones that determine whether you’re still eligible for security updates, and they often (but not always) come with more significant under-the-hood changes than the normal feature drops.

Case in point: Windows 11 24H2 includes an updated compiler, kernel, and scheduler, all lower-level system changes made at least in part to better support Arm-based PCs. Existing Windows-on-Arm systems should also see a 10 or 20 percent performance boost when using x86 applications, thanks to improvements in the translation layer (which Microsoft is now calling Prism).

There are more user-visible changes, too. 24H2 includes Sudo for Windows, the ability to create TAR and 7-zip archives from the File Explorer, Wi-Fi 7 support, a new “energy saver” mode, and better support for Bluetooth Low Energy Audio. It also allows users to run the Copilot AI chatbot in a regular resizable window that can be pinned to the taskbar instead of always giving it a dedicated strip of screen space.

Other new Windows features are tied to the 24H2 update but will only be available on Copilot+ PCs, which have their own specific system requirements: 16 GB of memory, 256 GB of storage, and a neural processing unit (NPU) capable of at least 40 trillion operations per second (TOPS). As of right now, the only chips that fit the bill are Qualcomm’s Snapdragon X Plus and X Elite processors, though Intel and AMD systems with faster NPUs should be released later this year. Microsoft will maintain a separate list of processors that support the Copilot+ features.

The biggest 24H2 feature specific to Copilot+ PCs is Recall, which continually takes snapshots of everything you do with your PC so that you can look up your own activities later. This comes with obvious privacy and security risks, though Microsoft says that all of Recall’s data is encrypted on disk and processed entirely locally by the NPU rather than leveraging the cloud. Other Copilot+ features include Live Captions for captioning video files or video calls in real time and features for generating new images and enhancing existing images.

Collectively, all of these changes make 24H2 the most significant Windows 11 release since the 22H2 update came out a year and a half ago. 22H2 has served as the foundation for most new Windows features since then, including the Copilot chatbot, and 23H2 was mostly just a version number change released to reset the clock on Microsoft’s security update timeline.

Despite all of these changes and additions, the 24H2 update is still called Windows 11, still looks like Windows 11, and doesn’t change Windows 11’s official minimum system requirements. Unsupported installs will stop working on a few generations’ worth of older 64-bit x86 CPUs, though these chips are old and slow enough that they wouldn’t run Windows 11 particularly well in the first place.

For people who want to start fresh, ISO files of the release are available from Microsoft’s download page here (this is a slightly older build of the OS, 26100.560, but it should update to the current version with no issues after installation). You can update a current Windows 11 install from the Insider section in the Settings app. Microsoft says to expect the full release “later this calendar year.” Based on past precedent, it’s most likely to come out in the fall, but it will probably ship a bit early on the first wave of Copilot+ Arm PCs that will be available in mid-June.

Biggest Windows 11 update in 2 years nearly finalized, enters Release Preview Read More »

Copilot key is based on a button you probably haven’t seen since IBM’s Model M

AI, copilot, generative ai, Keyboards, laptops, microsoft, Tech, Windows, Windows 11 / Ari B / April 3, 2024

Microsoft chatbot button —

Left-Shift + Windows key + F23

Scharon Harding – Apr 3, 2024 7: 56 pm UTC

A Dell XPS 14 laptop with a Copilot key. — Enlarge / A Dell XPS 14 laptop. The Copilot key is to the right of the right-Alt button.

In January, Microsoft introduced a new key to Windows PC keyboards for the first time in 30 years. The Copilot key, dedicated to launching Microsoft’s eponymous generative AI assistant, is already on some Windows laptops released this year. On Monday, Tom’s Hardware dug into the new addition and determined exactly what pressing the button does, which is actually pretty simple. Pushing a computer’s integrated Copilot button is like pressing left-Shift + Windows key + F23 simultaneously.

Tom’s Hardware confirmed this after wondering if the Copilot key introduced a new scan code to Windows or if it worked differently. Using the scripting program AuthoHotkey with a new laptop with a Copilot button, Tom’s Hardware discovered the keystrokes registered when a user presses the Copilot key. The publication confirmed with Dell that “this key assignment is standard for the Copilot key and done at Microsoft’s direction.”

F23

Surprising to see in that string of keys is F23. Having a computer keyboard with a function row or rows that take you from F1 all the way to F23 is quite rare today. When I try to imagine a keyboard that comes with an F23 button, vintage keyboards come to mind, more specifically buckling spring keyboards from IBM.

IBM’s Model F, which debuted in 1981 and used buckling spring switches over a capacitive PCB, and the Model M, which launched in 1985 and used buckling spring switches over a membrane sheet, both offered layouts with 122 keys. These layouts included not one, but two rows of function keys that would leave today’s 60 percent keyboard fans sweating over the wasted space.

But having 122 keys was helpful for keyboards tied to IBM business terminals. The keyboard layout even included a bank of keys to the left of the primary alpha block of keys for even more forms of input.

Enlarge / An IBM Model M keyboard with an F23 key.

The 122-key keyboard layout with F23 lives on. Beyond people who still swear by old Model F and M keyboards, Model F Labs and Unicomp both currently sell modern buckling spring keyboards with built-in F23 buttons. Another reason a modern Windows PC user might have access to an F23 key is if they use a macro pad.

But even with those uses in mind, the F23 key remains rare. That helps explain why Microsoft would use the key for launching Copilot; users are unlikely to have F23 programmed for other functions. This was also likely less work than making a key with an entirely new scan code.

The Copilot button is reprogrammable

When I previewed Dell’s 2024 XPS laptops, a Dell representative told me that the integrated Copilot key wasn’t reprogrammable. However, in addition to providing some interesting information about the newest PC key since the Windows button, Tom’s Hardware’s revelation shows why the Copilot key is actually reprogrammable, even if OEMs don’t give users a way to do so out of the box. (If you need help, check out the website’s tutorial for reprogramming the Windows Copilot key.)

I suspect there’s a strong interest in reprogramming that button. For one, generative AI, despite all its hype and potential, is still an emerging technology. Many don’t need or want access to any chatbot—let alone Microsoft’s—instantly or even at all. Those who don’t use their system with a Microsoft account have no use for the button, since being logged in to a Microsoft account is required for the button to launch Copilot.

Additionally, there are other easy ways to launch Copilot on a computer that has the program downloaded, like double-clicking an icon or pressing Windows + C, that make a dedicated button unnecessary. (Ars Technica asked Microsoft why the Copilot key doesn’t just register Windows + C, but the company declined to comment. Windows + C has launched other apps in the past, including Cortana, so it’s possible that Microsoft wanted to avoid the Copilot key performing a different function when pressed on computers that use Windows images without Copilot.)

In general, shoehorning the Copilot key into Windows laptops seems premature. Copilot is young and still a preview; just a few months ago, it was called Bing Chat. Further, the future of generative AI, including its popularity and top uses, is still forming and could evolve substantially during the lifetime of a Windows laptop. Microsoft’s generative AI efforts could also flounder over the years. Imagine if Microsoft went all-in on Bing back in the day and made all Windows keyboards have a Bing button, for example. Just because Microsoft wants something to become mainstream doesn’t mean that it will.

This all has made the Copilot button seem more like a way to force the adoption of Microsoft’s chatbot than a way to improve Windows keyboards. Microsoft has also made the Copilot button a requirement for its AI PC certification (which also requires an integrated neural processing unit and having Copilot pre-installed). Microsoft plans to make Copilot keys a requirement for Windows 11 OEM PCs eventually, it told Ars Technica in January.

At least for now, the basic way that the Copilot button works means you can turn the key into something more useful. Now, the tricky part would be finding a replacement keycap to eradicate Copilot’s influence from your keyboard.

Listing image by Microsoft

Copilot key is based on a button you probably haven’t seen since IBM’s Model M Read More »

“Temporary” disk formatting UI from 1994 still lives on in Windows 11

Tech, Windows 11, windows 95, Windows NT / Ari B / March 25, 2024

some things never change —

“It wasn’t elegant, but it would do until the elegant UI arrived.” It never did.

Andrew Cunningham – Mar 25, 2024 4: 39 pm UTC

If you've formatted a disk in Windows in the last 30 years, you may have come across this dialog box. — Enlarge / If you’ve formatted a disk in Windows in the last 30 years, you may have come across this dialog box.

Andrew Cunningham

Windows 11 has done a lot to update and modernize long-neglected parts of Windows’ user interface, including many Settings menus and venerable apps like Notepad and Paint. But if you dig deep enough, you’ll still find parts of the user interface that look and work like they did in the mid-’90s, either for compatibility reasons or because no one ever thought to go back and update them.

Former Microsoft programmer Dave Plummer shared some history about one of those finely aged bits: the Format dialogue box, which is still used in fully updated Windows 11 installs to this day when you format a disk using Windows Explorer.

Plummer says he wrote the Format dialog in late 1994, when the team was busy porting the user interface from the consumer-focused Windows 95 (released in mid-1995) to the more-stable but more resource-intensive Windows NT (NT 4.0, released in mid-1996, was the first to use the 95-style UI).

Formatting disks “was just one of those areas where Windows NT was different enough from Windows 95 that we had to come up with some custom UI,” wrote Plummer on X, formerly Twitter. Plummer didn’t specify what those differences were, but even the early versions of Windows NT could already handle multiple filesystems like FAT and NTFS, whereas Windows 95 mostly used FAT16 for everything.

“I got out a piece of paper and wrote down all the options and choices you could make with respect to formatting a disk, like filesystem, label, cluster size, compression, encryption, and so on,” Plummer continued. “Then I busted out [Visual] C++ 2.0 and used the Resource Editor to lay out a simple vertical stack of all the choices you had to make, in the approximate order you had to make. It wasn’t elegant, but it would do until the elegant UI arrived. That was some 30 years ago, and the dialog is still my temporary one from that Thursday morning, so be careful about checking in ‘temporary’ solutions!”

The Windows NT version of the Format dialog is the one that survives today because the consumer and professional versions of Windows began using the NT codebase in the late ’90s and early 2000s with the Windows 2000 and Windows XP releases. Plenty has changed since then, but system files like the kernel still have “Windows NT” labels in Windows 11.

Plummer also said the Format tool’s 32GB limit for FAT volumes was an arbitrary decision he made that we’re still living with among modern Windows versions—FAT32 drives formatted at the command line or using other tools max out between 2TB and 16TB, depending on sector size. It seems quaint, but PC ads from late 1994 advertise hard drives that are, at most, a few hundred megabytes in size, and 3.5-inch 1.44MB floppies and CD-ROM drives were about the best you could do for removable storage. From that vantage point, it would be hard to conceive of fingernail-sized disks that could give you 256GB of storage for $20.

Plummer was involved with many bits and pieces of ’90s- and early 2000s-era MS-DOS and Windows apps, including the Task Manager, the Space Cadet Pinball game, and the first version of the product activation system that shipped with Windows XP. Plummer left Microsoft in 2003.

Listing image by Getty

“Temporary” disk formatting UI from 1994 still lives on in Windows 11 Read More »

Windows Notepad’s midlife renaissance continues with spellcheck and autocorrect

notepad, Tech, Windows 11 / Ryan Harris / March 22, 2024

noteworthy —

Now Windows’ only built-in text editor, there’s more room for Notepad to grow.

Andrew Cunningham – Mar 22, 2024 3: 01 pm UTC

Enlarge / “Notepad.exe but with spellcheck” looks pretty much exactly like you’d expect it to.

Microsoft

Whatever else you can say about Windows 11—and whatever you think about its pushy tendencies and the Copilot feature that has been rolled out to pretty much everyone despite being labeled a “preview”—the operating system has ushered in a bit of a renaissance for decades-old built-in apps like Paint and Notepad.

Notepad’s development in particular has been striking; it had gotten small under-the-hood updates over the years, but in many ways, the version that was still in Windows 11 at launch in 2021 was the same app that Microsoft shipped with Windows XP, Windows 95, Windows 3.1, or even Windows 1.0.

An updated version of Notepad currently rolling out to Windows Insiders in the Canary and Dev channels is adding two more modern features to the old app: spellcheck and autocorrect. Per usual, spellcheck in Notepad highlights misspellings with red squiggly underlines, and right-clicking the word or pressing Shift + F10 will pop up a short menu of suggested fixes.

Recognizing that Notepad is often used to view or edit log or config files, Microsoft says that spellcheck “is off by default in log files and other file types typically associated with coding.” Spellcheck can be enabled or disabled for any given file type (or for individual files) in Notepad’s settings. Individual words can also be ignored in that document or added to your dictionary so they’ll always be ignored in every document you open.

If you’re upgrading from the Windows 10 version of Notepad, the spellcheck and autocorrect features join the tabbed interface, redesigned Settings screen, an auto-resume feature, and a handful of other tricks that the app has learned throughout Windows 11’s development.

Notepad is still well short of becoming a rich text editor, but there’s room for it to pick up a few more basic text and document editing features since Microsoft formally killed off WordPad in a recent Windows 11 update. Unlike Notepad, WordPad had been mostly left alone since a Windows 7-era refresh that added a user interface ribbon like the one in the (then-current) Office 2007 update. For free-of-charge rich text editing, Microsoft pushes users toward the online version of Microsoft Word instead.

Microsoft is currently testing Windows 11 24H2 in the Canary and Dev Windows Insider channels, a preview of this fall’s major update that will mark the operating system’s third anniversary. Updates to Notepad and other apps could roll out before then, though, in keeping with Microsoft’s “release them when they’re ready” approach to feature additions in the Windows 11 era.

Windows Insiders also got some new Paint features earlier this month; Microsoft tweaked the way the brush size selector works and has added the option to designate one of your image layers as the background layer. Wonders never cease.

Windows Notepad’s midlife renaissance continues with spellcheck and autocorrect Read More »