this post was submitted on 03 Sep 2024
897 points (99.2% liked)
Technology
58125 readers
3857 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Hmm, I wonder if there could be an exploit where Recall is covertly turned on, so it can be used to exfiltrate data. Not a good idea to basically have a surveillance rootkit sitting passively on your system, with no ability to remove it, just waiting to get abused by attackers. But using this proprietary garbage OS nowadays isn't a good idea in general and there is a much better alternative.
Malware developers don't even need to have their malware running anymore to grab keylogs and screenshots.
Just enable Recall, schedule your malware for a month from now and it doesn't even have to run anymore.
Windows does have its own command-line package manager. I don't know if it can remove Recall, but last I checked it could remove Cortana. It would just get reinstalled soon after, but that could be prevented with some file-naming trickery. If you give a file the same name as the folder used to have and make it read-only, it couldn't remake the folder and wouldn't reinstall.
I wouldn't be surprised if you can still do that now.
Which one do you mean? Winget which is their newest attempt at creating a package manager that isn't an absolute piece of garbage, or their crappy CLI for managing MSIX/APPX modules? Because I remember using the latter to try and remove Cortana back when I first tried Windows 10. Fast forward, I removed all the garbage I didn't need, applied a Windows update, restarted my PC and it was all reinstalled. I wiped that SSD the same day and went back to Linux. This was the last time I used Windows on any of my personal devices.
I was talking about Appx. I haven't used Windows in a while, but that was how I got rid of Cortana. The key part was the read-only file named after the folder that couldn't be replaced.
I'd say you didn't actually remove the garbage. "Settings, apps, uninstall" doesn't really get rid of it, the deployment package is still hanging around.
You need to use powershell to de-deploy those packages.
It's a bit like the difference between "apt remove" and "apt purge"
Oh I did, I spent hours looking up different pwsh commands and package names to clean it all up
There's always the Microsoft telemetry blocklist in pihole. If you can't stop the computer collecting the data, you can stop MS getting hold of it.
It's not a 100% guarantee, they can easily bypass your DNS by either just connecting to another DNS sever over plain, unencrypted DNS (UDP on 53), or use something more sophisticated like DNS-over-TLS or DNS-over-HTTPS.
You can reroute unencrypted DNS requests to your Pi-Hole using a firewall like OPNSense, but things get more complicated with DoT and DoH