I have been Binging it on with Bing rewards for close to a decade now and while I would occasionally need to switch to google that was pretty rare and I am a heavy internet user. There legitimately might have been a stretch of over a year where Bing was totally fine and I didn't even need to google it on.

Bing has recently become r-slurred. It can't tell me basic facts. Every search is bumped down the screen so that copilot can go on a watchmojo rant about how I can solve my problem. It is always wrong. After I scroll past the numbered list I am greeted by the worst search results I have ever seen in my life.

Some exaggeration was used for comedic effect but this next part is 100% true. Every time I click on one of bing's top links I am sent to an article that was written by or . It's always:

"When does the next smiling friends episode air"

"WHEN DOES THE NEXT SMILING FRIENDS EPISODE AIR?

Hello sir smiling friends is a show. It is a show on cartoon network's ADULT SWIM. It is known for its edgy but clever comedy! Here we will tell you when it airs. It airs typically not during the week but on Friday - Monday, the weekend. In this article we will go over when those air dates are so you can enjoy this most harmonious form of televised entertainment. Read on to see the exact air dates and times. We will do our best to give you the most true an honest results. Scroll on to find the answer to all your questions and more!

THE SHOW

(paragraph poorly explaining the show)

WHEN DOES THE NEXT EPISODE AIR?

Smiling friends is a great show and its very popular so many people want to know when the next episode will air! These typically happen on weekends, which can be any time from Friday to Monday. We will do our best to tell you exactly when it will air but sometimes that information isn't known very far in advance! The show's second season aired on May 24th. Smiling friends is actually in its second season after a very successful first-season run last year! Some readers might want to know when the 6th episode, (the next one to come out) will air. That answer is June 10th"

(3 more paragraphs of vapid nonsense)

What the FRICK. If you just bing "When does the next smiling friends episode air" on google it tells you the date you don't even need to click on robojeet's article.

If you bing "When does the next smiling friends episode air" on bing it just straight up tells you the wrong answer. I thought I went overboard but even if you click on bings first link it is fricking talking about birdgirl. This is an MSN article. I don't know what the frick bird girl is.

Personally I think the AI artists could have done better.

Only #5 is good IMO. (For AI art, they all cute)

hhhhhhhhhhhhhhhhhhheeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeelp

https://www.healthline.com/health-news/bird-flu-u-s-could-produce-and-ship-100-million-vaccine-doses-within-months

A Chinese AI video generator just dropped before we got access to Sora

Can generate 2-minute videos at 30fps, 1080p quality, available on the KWAI iOS app with a Chinese phone number

A few generations from their site:

1. pic.twitter.com/NEmWiqKHiO

— Rowan Cheung (@rowancheung) June 6, 2024

Can any of our chinese dramatards verify this

https://kling.kuaishou.com/

@X please ping the needful

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

On May, 20th 2024 Microsoft announced it's new Copilot+ PCs running on ARM architecture.

With this, they also announced Windows Copilot+ Recall which will be released on 18. June 2024.

Retrace your steps with Recall Search across time to find the content you need. Then, re-engage with it. With Recall, you have an explorable timeline of your PC's past. Just describe how you remember it and Recall will retrieve the moment you saw it. Any photo, link, or message can be a fresh point to continue from. As you use your PC, Recall takes snapshots of your screen. Snapshots are taken every five seconds while content on the screen is different from the previous snapshot. Your snapshots are then locally stored and locally analyzed on your PC. Recall's analysis allows you to search for content, including both images and text, using natural language. Trying to remember the name of the Korean restaurant your friend Alice mentioned? Just ask Recall and it retrieves both text and visual matches for your search, automatically sorted by how closely the results match your search. Recall can even take you back to the exact location of the item you saw.

Requirements

To run or use this feature, you need to have one of the new CoPilot+ PCs running on ARM. Some of them can be found here

How can I play with it if it's not released yet?

Some smart folks released AmperageKit, which shows how you can either emulate such an ARM machine locally or spin one up on Azure. I opted for the latter.

Technical Details

Earlier this month, Microsoft's CEO emailed all their staff saying “If you're faced with the tradeoff between security and another priority, your answer is clear: Do security.”

So, do they? Not quite. Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC. Here's where you can find them:

C:\Users$USER\AppData\Local\CoreAIPlatform.00\UKP{GUID}

The images are all stored in the following subfolder

.\ImageStore\

The database, ukg.db, is relatively straightforward in its structure, but it holds a wealth of information.

So what does the tool do?

TotalRecall copies the databases and screenshots and then parses the database for potentially interesting artifacts. You can define dates to limit the extraction as well as search for strings (that were extracted via Recall OCR) of interest. There is no rocket science behind all this. It's very basic SQLite parsing.

$ totalrecall.py -h

usage: totalrecall.py [-h] [--from_date FROM_DATE] [--to_date TO_DATE] [--search SEARCH]

Extract and display Windows Recall data.

options:

-h, --help show this help message and exit

--from_date FROM_DATE The start date in YYYY-MM-DD format.

--to_date TO_DATE The end date in YYYY-MM-DD format.

--search SEARCH

Search term for text recognition data.

Example Output

$ totalrecall.py --search password --from_date 2024-06-04 --to_date 2024-06-04

📁 Recall folder found: C:\Users\alex\AppData\Local\CoreAIPlatform.00\UKP{D87DDB65-90BE-4399-BB1B-5BEB0B1D12CB}

🟢 Windows Recall feature found. Do you want to proceed with the extraction? (yes/no): yes

📂 Creating extraction folder: C:\Users\alex\Downloads\TotalRecall\2024-06-04-13-49_Recall_Extraction

🪟 Captured Windows: 133

📸 Images Taken: 36

🔍 Search results for 'password': 22

📄 Summary of the extraction is available in the file:

C:\Users\alex\Downloads\TotalRecall\2024-06-04-13-49_Recall_Extraction\TotalRecall.txt

📂 Full extraction folder path:

C:\Users\alex\Downloads\TotalRecall\2024-06-04-13-49_Recall_Extraction

How TotalRecall Works

Data Extraction:

TotalRecall copies the ukg.db database and the ImageStore folder to a specified extraction folder. This ensures the original data remains intact while you explore the extracted data.

Database Parsing:

It parses the SQLite database to extract potentially interesting artifacts, such as window titles, timestamps, and image tokens. The tool looks for entries that match the criteria you specify (e.g., date range, search terms).

Screenshot Management:

TotalRecall renames the image files in the ImageStore folder with a .jpg extension if they don't already have one. This makes it easier to view and manage the screenshots.

Search Functionality:

You can search for specific terms within the database, leveraging the Optical Character Recognition (OCR) capabilities of Windows Recall. This means you can find text that appeared on your screen, even if it was within an image.

Output Generation:

The tool generates a summary of the extracted data, including counts of captured windows and images taken. It also creates a detailed report in a text file, listing all the captured data and search results.

Key Features

Date Filtering:

Specify start and end dates to limit the extraction to a particular time frame.

Text Search:

Search for specific text within the captured data, making it easy to find relevant information.

Comprehensive Reports:

Generate detailed reports summarizing the captured windows, images, and search results, all stored in a TotalRecall.txt file for easy reference.

TotalRecall provides a straightforward way to explore the data collected by Windows Recall. It's no rocket science whatsoever.

FAQ

Kevin Beaumont (@GossiTheDog) wrote a very good article about the Recall disaster as well with a spot-on FAQ that I will blatantly steal with his permission.

Q. The data is processed entirely locally on your laptop, right?

A. Yes! They made some smart decisions here, there's a whole subsystem of Azure AI etc code that process on the edge.

Q. Cool, so hackers and malware can't access it, right?

A. No, they can.

Q. But it's encrypted.

A. When you're logged into a PC and run software, things are decrypted for you. Encryption at rest only helps if somebody comes to your house and physically steals your laptop — that isn't what criminal hackers do.

For example, InfoStealer trojans, which automatically steal usernames and passwords, are a major problem for well over a decade — now these can just be easily modified to support Recall.

Q. But the BBC said data cannot be accessed remotely by hackers.

A. They were quoting Microsoft, but this is wrong. Data can be accessed remotely.

This is what the journ*list was told for some reason:

Q. Microsoft say only that user can access the data.

A. This isn't true, I can demonstrate another user account on the same device accessing the database.

Q. So how does it work?

A. Every few seconds, screenshots are taken. These are automatically OCR'd by Azure AI, running on your device, and written into an SQLite database in the user's folder.

This database file has a record of everything you've ever viewed on your PC in plain text. OCR is a process of looking an image, and extracting the letters.

Q. What does the database look like?

A:

Q. How do you obtain the database files?

A. They're just files in AppData, in the new CoreAIPlatform folder.

Q. But it's highly encrypted and nobody can access them, right?!

A. Here's a few second video of two Microsoft engineers accessing the folder:

Q. …But, normal users don't run as admins!

A. According to Microsoft's own website, in their Recall rollout page, they do:

In fact, you don't even need to be an admin to read the database — more on that in a later blog.

Q. But a UAC prompt appeared in that video, that's a security boundary.

A. According to Microsoft's own website (and MSRC), UAC is not a security boundary:

Q. So… where is the security here?

A. They have tried to do a bunch of things but none of it actually works properly in the real world due to gaps you can drive a plane through.

Q. Does it automatically not screenshot and OCR things like financial information?

A. No:

Q. How large is the database?

A. It compresses well, several days working is around ~90kb. You can exfiltrate several months of documents and key presses in the space of a few seconds with an average broadband connection.

Q. How fast is search?

On device, really fast.

Q. Have you exfiltrated your own Recall database?

A. Yes. I have automated exfiltration, and made a website where you can upload a database and instantly search it.

I am deliberately holding back technical details until Microsoft ship the feature as I want to give them time to do something.

I actually have a whole bunch of things to show and think the wider cyber community will have so much fun with this when generally available.. but I also think that's really sad, as real world harm will ensue.

Q. What kind of things are in the database?

A. Everything a user has ever seen, ordered by application. Every bit of text the user has seen, with some minor exceptions (e.g. Microsoft Edge InPrivate mode is excluded, but Google Chrome isn't).

Every user interaction, e.g. minimizing a window. There is an API for user activity, and third party apps can plug in to enrich data and also view store data.

It also stores all websites you visit, even if third party.

Q. If I delete an email/WhatsApp/Signal/Teams message, is it deleted from Recall?

A. No, it stays in the database indefinitely.

Q. Are auto deleting messages in messaging apps removed from Recall?

A. No, they're scraped by Recall and available.

Q. But if a hacker gains access to run code on your PC, it's already game over!

A. If you run something like an info stealer, at present they will automatically scrape things like credential stores. At scale, hackers scrape rather than touch every victim (because there are so many) and resell them in online marketplaces.

Recall enables threat actors to automate scraping everything you've ever looked at within seconds.

During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.

Q. Does this enable mass data breaches of website?

A. Yes. The next time you see a major data breach where customer data is clearly visible in the breach, you're going to presume company who processes the data are at fault, right?

But if people have used a Windows device with Recall to access the service/app/whatever, hackers can see everything and assemble data dumps without the company who runs the service even being aware. The data is already consistently structured in the Recall database for attackers.

So prepare for AI powered super breaches. Currently credential marketplaces exist where you can buy stolen passwords — soon, you will be able to buy stolen customer data from insurance companies etc as the entire code to do this has been preinstalled and enabled on Windows by Microsoft.

Q. Did Microsoft mislead the BBC about the security of Copilot?

A. Yes.

Q. Have Microsoft mislead customers about the security of Copilot?

A. Yes. For example, they describe it as an optional experience — but it is enabled by default and people can optionally disable it. That's wordsmithing.

Microsoft's CEO referred to “screenshots” in an interview about the product, but the product itself only refers to “snapshots” — a snapshot is actually a screenshot. It's again wordsmithing for whatever reason. Microsoft just need to be super clear about what this is, so customers can make an informed choice.

Q. Recall only applies to 1 hardware device!

A. That isn't true. There are currently 10 Copilot+ devices available to order right now from every major manufacturer:

https://www.microsoft.com/en-gb/windows/copilot-plus-pcs#shop

Additionally, Microsoft's website say they are working on support for AMD and Intel chipsets. Recall is coming to Windows 11.

Q. How do I disable Recall?

A. In initial device setup for compatible Copilot+ devices out of the box, you have to click through options to disable Recall.

In enterprise, you have to turn off Recall as it is enabled by default:

WindowsAI Policy CSP - Windows Client Management

Learn more about the WindowsAI Area in Policy CSP

learn.microsoft.com

The Group Policy object for this has apparently been renamed (the MS documentation is incorrect):

Q. What are the privacy implications? Isn't this against GDPR?

A. I am not a privacy person or a legal person.

I will say that privacy people I've talked to are extremely worried about the impacts on households in domestic abuse situations and such.

Obviously, from a corporate point of view organisations should absolutely consider the risk of processing customer data like this — Microsoft won't be held responsible as the data processor, as it is done at the edge on your devices — you are responsible here.

Q. Are Microsoft a big, evil company?

A. No, that's insanely reductive.They're super smart people, and sometimes super smart people make mistakes. What matters is what they do with knowledge of mistakes.

Q. Aren't you the former employee who hates Microsoft?

A. No. I just wrote a blog this month praising them:

Breaking down Microsoft's pivot to placing cybersecurity as a top priority

My thoughts on Microsoft's last chance saloon moment on security

doublepulsar.com

Q. Is this really as harmful as you think?

A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There's no way this implementation doesn't end in tears — there's a reason there's a trillion dollar security industry, and that most problems revolve around malware and endpoints.

Q. What should Microsoft do?

A. In my opinion — they should recall Recall and rework it to be the feature it deserves to be, delivered at a later date. They also need to review the internal decision making that led to this situation, as this kind of thing should not happen.

https://github.com/xaitax/TotalRecall

https://github.com/thebookisclosed/AmperageKit

!chuds

pic.twitter.com/gmh0sxme4v

— tk (@tomkysar) June 5, 2024

ITS OVER.

https://hexdocs.pm/google_api_content_warehouse/api-reference.html

https://hexdocs.pm/google_api_content_warehouse/0.4.0/GoogleApi.ContentWarehouse.V1.Model.QualityNavboostCrapsCrapsData.html#module-attributes

https://hexdocs.pm/google_api_content_warehouse/0.4.0/GoogleApi.ContentWarehouse.V1.Model.QualityNavboostCrapsCrapsClickSignals.html#module-attributes

A collection of 2,500 leaked internal documents from Google filled with details about data the company collects is authentic, the company confirmed today. Until now, Google had refused to comment on the materials.

https://www.theverge.com/2024/5/29/24167407/google-search-algorithm-documents-leak-confirmation

https://ipullrank.com/google-algo-leak

https://sparktoro.com/blog/an-anonymous-source-shared-thousands-of-leaked-google-search-api-documents-with-me-everyone-in-seo-should-see-them/

Internal documentation for Google Search's Content Warehouse API has leaked. Google's internal microservices appear to mirror what Google Cloud Platform offers and the internal version of documentation for the deprecated Document AI Warehouse was accidentally published publicly to a code repository for the client library. The documentation for this code was also captured by an external automated documentation service.

Based on the change history, this code repository mistake was fixed on May 7th, but the automated documentation is still live. In efforts to limit potential liability, I won't link to it here, but because all the code in that repository was published under the Apache 2.0 license, anyone that came across it was granted a broad set of rights, including the ability to use, modify, and distribute it anyway.

https://github.com/googleapis/elixir-google-api/blob/main/clients/content_warehouse/lib/google_api/content_warehouse/v1/api/projects.ex

https://www.blackhatworld.com/seo/google-search-api-documents-leak.1602216/

!chuds OMG

Yeah every single video is just scrolling the text of a SO question. Yeah great job bastard, frick you.

!g*mers

reminder of who caused this in the first place

https://www.vanityfair.com/news/2021/10/nih-admits-funding-risky-virus-research-in-wuhan

https://theintercept.com/2021/09/09/covid-origins-gain-of-function-research/

https://www.yahoo.com/news/nih-admits-funding-gain-function-125103852.html

https://www.cnn.com/2023/02/28/politics/wray-fbi-covid-origins-lab-china/index.html

https://www.cnn.com/2023/02/26/politics/covid-lab-leak-wuhan-china-intelligence/index.html

This guy was a real jerk. I have a no-compete contract with him and he tried to go around me, plus he cussed me out over the phone.

I wasn't going to worry about the $25 he owes me, but after all that I think I'd like to at least open collections against him.

People in the thread question whether it is a good use of his time to go to small claims court, final comment tells him to set aside his bruised ego.

A crazy experience — I lost my earbuds in a remote town in Chile, so tried buying a new pair at the airport before flying out. But the new wired, iPhone, lightning-cable headphones didn't work. Strange.

So I went back and swapped them for another pair, from a different brand.…

— Josh Whiton (@joshwhiton) May 30, 2024

what is dear moon?

Dear moon is a mission that was set to take 11 people to orbit the moon on SpaceX's Starship. It is fully funded by Yusaku Maezawa, a crazy Japanese billionaire who has previously visited the ISS, and he is taking 10 "communicators" with him. The "communicators" had to post videos justifying why they should be chosen in a public competition to be selected personally by Maezawa. The end result was a group of humanity's finest with everything from Kpop stars to youtubers or turbo woke writers . This is an unironic serious project, Elon Musk has talked about it and there were actual plans.

Here's the full crew:

• Yusaku Maezawa

  • Commander, crazy billionaire

• Steve Aoki

  • DJ

• Tim Dodd

  • YouTuber

• Yemi A.D

  • Dancer & grifter or something idk

• Rhiannon Adam

  • queer Irish woke writer & serial tweeter

• Karim Iliya

  • Unknown photographer

• Brendan Hall

  • Unknown filmmaker

• Dev Joshi

  • Bollywood actor

• Choi Seung-hyun

  • kpoop

Unfortunately for them (but luckily for God and any Aliens that would be forced to see them) the mission has just been cancelled. The original timeline was to launch in late 2023 but realistically there is no way for it to launch before 2028 . The official reason for the cancellation is due to the delays and uncertainty. 2023 was never a realistic target in the first place and delays are common in aerospace projects so chances are it might have more to do with him losing half his net-worth over the last year

Anyways, no matter the reason most of these "communicators" are left in shambles as their spaceflight dream is crushed from one second to the other. Maezawa didn't event bother to let them know before cancelling publicly in a tweet lmao

it's over

Tim Dodd

Tim Dodd, the everyday astronaut, commonly referred to as the everyday estronaut is probably one of the few with a genuine passion for space. He makes generally high quality videos on decently advanced rocketry stuff and is actually pretty cool. During his livestream of the first starship testflight he shouted "I'M GOING TO RIDE THAT THING!" which we now know he never will. Makes me kind of sad to see tbh

Tim then posted this to twitter

And just like that, the dreams of my crew are over.

I have such mixed emotions about dearMoon's cancellation. Of course I'm extremely disappointed, having dreamt about this mission since I first heard about it in 2018 and even more for the last 3 years since the selection process started. I slowly allowed myself to envision a trip to the Moon one little bit by little bit. On the other hand, I have guilt about being upset about a gift that was retracted. A part of me doesn't feel I'm entitled to grieve since I wasn't entitled to this mission in the first place. But the reality is, I'll need to allow myself to grieve this loss as it became a big part of my life, my dreams, and my visions.

Going to space has never been a thing I've actively pursued in general. It's not a goal of Everyday Astronaut. It was simply a cherry on top. Granted, a HUGE cherry, but I'll be just fine without this mission. I'm extremely fortunate to have the life and the career I have and this mission's cancellation changes none of that. In fact, I've gained new friends, had new adventures and learned more about myself in the last three years because of dearMoon. Unfortunately, I can't speak for everyone on the crew who all have different emotions, consequences and realities of this cancellation. For those who this affects the most, my heart goes out to them.

The one thing I have a hard time reconciling is the timeline. Had I known this could have ended within a year and a half of it being publicly announced, I would've never agreed to it. We had no prior knowledge of this possibility. I voiced my opinions, even before the announcement, that it was improbable for dearMoon to happen in the next few years.

I still firmly believe that, within my lifetime, we will see missions like this happen, and while I will never be the first to do such a mission, it brings me great joy to know the future is bright and exciting. And I'm proud to be able to continue to cheer those on who will do these exciting firsts! I'll still be here to help explain rocket science to anyone who will listen to me babble on about spaceflight.

In 2018 I started looking at the Moon and imagining artists going around it, then as the selection process narrowed, I allowed myself to imagine going around it. But unfortunately now every time I look at the Moon, it's a painful reminder of dreams lost. But I will continue on as I always have, one giddy rocket nerd who's here to witness history, absorb as much knowledge as I can, and break down what I learn for my fellow everyday person.

I love you all, thank you for the ongoing support and encouragement at this time.

Rhiannon Adam (histrionic foid)

This is the most insane, narcissistic & histrionic foid I have ever seen. Every single tweet in her 30 (that's right) long chain is absolutely deranged. It's hard to just pick a few but here are some highlights. Her timeline is also filled to the brim sneeding about this. https://twitter.com/blackbirdsfly/status/1796883320577376406

As a queer person too, it has taken a lifetime of unlearning to believe that I could be deserving, and in an instant, I have retraced 30 years. This is also deeply ironic considering today is day 1 of pride month.

NOOO NOT DURING PRIDE MONTH

A couple of days ago, I shared an image of Gaza. Or rather a pair of images. The first, in September 2023, and then later in October 2023. Side by side, they showed a bird eye view of Gaza viewed from space. The first, light filled, glowing.

This is just like getting bombed in Gaza

I truly believe that we need artists and writers in space, and that is a mission I will also be channeling my energy into. I believe it's worth fighting for. Heck, I even thought it was worth potentially dying for.

I guess they could be useful as ballast

This is why we need cultural critics to pay attention. Space becomes a dangerous place when a diversity of people and viewpoints are not represented. Diversity is our check and balance.

Less phallic rockets

And not so much as an offer of a therapy session to get over the shock. There has been no care at all towards the crew which is the most irresponsible and tone deaf approach I've ever witnessed. I'm shocked.

This is beyond parody

This mission was there to inspire world peace. Ironically, I write this as the world is falling to pieces. We needed our new earth rise image to unite us all. We needed a new perspective.

THE WORLD IS FALLING APART

She looks exactly like you would expect btw

!spacechads