Who is surprised?

  • Andromxda 🇺🇦🇵🇸🇹🇼
    link
    fedilink
    English
    322 months ago

    Hmm, I wonder if there could be an exploit where Recall is covertly turned on, so it can be used to exfiltrate data. Not a good idea to basically have a surveillance rootkit sitting passively on your system, with no ability to remove it, just waiting to get abused by attackers. But using this proprietary garbage OS nowadays isn’t a good idea in general and there is a much better alternative.

    • @scutiger
      link
      English
      52 months ago

      Windows does have its own command-line package manager. I don’t know if it can remove Recall, but last I checked it could remove Cortana. It would just get reinstalled soon after, but that could be prevented with some file-naming trickery. If you give a file the same name as the folder used to have and make it read-only, it couldn’t remake the folder and wouldn’t reinstall.

      I wouldn’t be surprised if you can still do that now.

      • Andromxda 🇺🇦🇵🇸🇹🇼
        link
        fedilink
        English
        62 months ago

        Which one do you mean? Winget which is their newest attempt at creating a package manager that isn’t an absolute piece of garbage, or their crappy CLI for managing MSIX/APPX modules? Because I remember using the latter to try and remove Cortana back when I first tried Windows 10. Fast forward, I removed all the garbage I didn’t need, applied a Windows update, restarted my PC and it was all reinstalled. I wiped that SSD the same day and went back to Linux. This was the last time I used Windows on any of my personal devices.

        • @scutiger
          link
          English
          82 months ago

          I was talking about Appx. I haven’t used Windows in a while, but that was how I got rid of Cortana. The key part was the read-only file named after the folder that couldn’t be replaced.

        • Not a replicant
          link
          English
          -12 months ago

          I’d say you didn’t actually remove the garbage. “Settings, apps, uninstall” doesn’t really get rid of it, the deployment package is still hanging around.

          You need to use powershell to de-deploy those packages.

          It’s a bit like the difference between “apt remove” and “apt purge”

          • Andromxda 🇺🇦🇵🇸🇹🇼
            link
            fedilink
            English
            12 months ago

            You need to use powershell to de-deploy those packages.

            Oh I did, I spent hours looking up different pwsh commands and package names to clean it all up

    • Not a replicant
      link
      English
      12 months ago

      There’s always the Microsoft telemetry blocklist in pihole. If you can’t stop the computer collecting the data, you can stop MS getting hold of it.