this post was submitted on 03 Sep 2024
907 points (99.2% liked)

Technology

59542 readers
4131 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Who is surprised?

you are viewing a single comment's thread
view the rest of the comments
[–] Andromxda@lemmy.dbzer0.com 32 points 2 months ago (3 children)

Hmm, I wonder if there could be an exploit where Recall is covertly turned on, so it can be used to exfiltrate data. Not a good idea to basically have a surveillance rootkit sitting passively on your system, with no ability to remove it, just waiting to get abused by attackers. But using this proprietary garbage OS nowadays isn't a good idea in general and there is a much better alternative.

[–] scutiger@lemmy.world 5 points 2 months ago (1 children)

Windows does have its own command-line package manager. I don't know if it can remove Recall, but last I checked it could remove Cortana. It would just get reinstalled soon after, but that could be prevented with some file-naming trickery. If you give a file the same name as the folder used to have and make it read-only, it couldn't remake the folder and wouldn't reinstall.

I wouldn't be surprised if you can still do that now.

[–] Andromxda@lemmy.dbzer0.com 6 points 2 months ago (2 children)

Which one do you mean? Winget which is their newest attempt at creating a package manager that isn't an absolute piece of garbage, or their crappy CLI for managing MSIX/APPX modules? Because I remember using the latter to try and remove Cortana back when I first tried Windows 10. Fast forward, I removed all the garbage I didn't need, applied a Windows update, restarted my PC and it was all reinstalled. I wiped that SSD the same day and went back to Linux. This was the last time I used Windows on any of my personal devices.

[–] scutiger@lemmy.world 8 points 2 months ago

I was talking about Appx. I haven't used Windows in a while, but that was how I got rid of Cortana. The key part was the read-only file named after the folder that couldn't be replaced.

[–] r_deckard@lemmy.world -1 points 2 months ago (1 children)

I'd say you didn't actually remove the garbage. "Settings, apps, uninstall" doesn't really get rid of it, the deployment package is still hanging around.

You need to use powershell to de-deploy those packages.

It's a bit like the difference between "apt remove" and "apt purge"

[–] Andromxda@lemmy.dbzer0.com 1 points 2 months ago

You need to use powershell to de-deploy those packages.

Oh I did, I spent hours looking up different pwsh commands and package names to clean it all up

[–] r_deckard@lemmy.world 1 points 2 months ago (1 children)

There's always the Microsoft telemetry blocklist in pihole. If you can't stop the computer collecting the data, you can stop MS getting hold of it.

[–] Andromxda@lemmy.dbzer0.com 1 points 2 months ago

It's not a 100% guarantee, they can easily bypass your DNS by either just connecting to another DNS sever over plain, unencrypted DNS (UDP on 53), or use something more sophisticated like DNS-over-TLS or DNS-over-HTTPS.

You can reroute unencrypted DNS requests to your Pi-Hole using a firewall like OPNSense, but things get more complicated with DoT and DoH