I hate these kind of “saves power” things in windows settings. The OS itself pings home so often, sends network request for everything you do, shows ads on the login screen, makes screenshots (for Recall), Edge sends contents from web forms for “AI”. And now it is my responsibility to disable showing seconds in the taskbar??? If microsoft really wants to be green, windows shouldn’t do all these wasteful things!
This is only true if you enable extended spell checks, which makes some sense. By default, no form data is sent to Microsoft AFAIK. Note that the same holds for Google Chrome.
Reminds me to a video I saw on YouTube from the "PC Security Channel", who was utterly flabbergasted that the Start Menu would send all keypresses inputted into its search bar to MS.
They had searching on the web enabled... Pretty hard to search the web using Bing without sending along a search term.
Stuff like that and the one you replied to are why I stopped caring. The outrage is so often complete and utter nonsense that my default response is disbelief.
It came enabled by default. It is not as if this setting was searched for, then enabled, then had some unintended consequence - taskbar searches used to not search the internet, then they did.
Which would be a perfectly fine thing to take issue with. It just also wouldn't be quite as eye-catching as misleadingly portraying the thing as now being a keylogger.
I disagree. Being covert and having access to user input are necessary criteria for a keylogger, but not sufficient. They also have to, well, log. And since keyloggers are a kind of malware, using these logs for malicious purposes is also implied, and so is that the data would be tied to your identity. They also tend to operate all the time, rather than just in specific contexts.
But the criterion of "having access to user input" is also necessary for goofy unneeded features like showing web search results in the Start Menu though, which they shove down people's throat like they do with every other feature their product team thinks is a great idea (explaining the "being covert" bit), at which point you have a complete, non-malicious explanation for the entire thing.
The reasonable thing to do then is to apply Hanlon's razor, at which point no, it's no longer reasonable to believe or portray it to be a keylogger anymore. Not essentially, not otherwise. Not only that, but the YouTuber in question made this portrayal knowing full well that it's impossible for them to actually properly demonstrate this feature doubling as a keylogger, as they have no access to the server side. They relied on people being gullible enough to simply not grasp this, and leveraged people's preexisting privacy concerns to farm views.
Having the capability to engage in crime doesn't make a criminal. Imagine if I portrayed 107M (!) of the 340M residents of the U.S. as a criminal because they own a gun, despite knowing full well that gun ownership sensibilities are just fundamentally different over there.
“if you use the windows taskbar, by default Microsoft sees your keystrokes now. Here’s how to disable it” is a completely reasonable take. Every week there’s a new announcement of a some-million-count leak of personal information. People’s privacy fears are well-founded.
Is appealing to those fears to deliver misinformation ethical? Does it help this issue or worsen it? Cause I'd say poisioning the well is not a good thing. The road to hell being paved with good intentions and all. See the effect lies like this had on the person in this very thread above us: https://news.ycombinator.com/item?id=44552625 I share in their disbelief at decent amounts by this point, too.
It's like making up a bunch of rubbish when there's a hate train going on against something or somebody just to participate. Then having all of that backfire disproportionately when the tides turn. Why make things up when reality has plenty bad enough stuff going on already that one can report on? Rhetorical question of course.
> The road to hell being paved with good intentions and all.
Why are we assuming good intentions from a company who for years has increased places and amounts of data it collects and tracks, and removed more and more ways to opt-out of this?
The intention of "search web first before searching local computer even if the user never asked for it" didn't appear from the intent of "let's create a keylogger", but it never came from a good innocent intention either.
In what world does holding the user's private data for 30 days make sense for a spell checker? Even sending the data at all is sad. We've had offline spell checking for decades.
This is often (though not always) blanket statement.
Logs are always generated, and logs include some amount of data about the user, if only environmental.
It's quite plausible that the spellchecker does not store your actual user data, but information about the request, or error logging includes more UGC than intended.
Note: I don't have any insider knowledge about their spellcheck API, but I've worked on similar systems which have similar language for little more than basic request logging.
> dear HN user who decided to silently downvote - you could do better by actually voicing your opinion
Sure, I'll bite. Let's address the obvious issue first: what you're saying is speculation. I can only provide my own speculation in return, and then you might or might not find it agreeable, or at least claim either way. And there will be nothing I can do about it. I generally don't find this valuable or productive, and I did disagree with yours, hence my silent downvote.
But since you're explicitly asking for other people's speculation, here I go. Advanced "spellchecking" necessitates the usage of AI, as natural languages cannot ever be fully processed using just hard coded logic. This is not an opinion, you learn this when taking formal languages class at university. It arises from formal logic only being able to wrangle formal logic abiding things, which natural languages aren't (else they'd be called formal languages).
What the opinion is, and the speculation is, is that this is what the feature kicks off when it sends over input data to MS's servers for advanced "spellchecking", much like what I speculate Grammarly does too. Either that, or these services have some proprietary language engine that they'd rather keep on their own premises, because why put your moat out there if you don't strictly have to.
Technologically speaking, at this point it might be possible to do this locally, on-device now. This further didn't use to be the case I believe (although I do not have sources on this), and so this would be another reason why you'd send people's inputs to the shadow realm.
It's further pretty hard to write like this, but I still prefer it over getting trivially checkmated by ill meaning people, and over being misinterpreted silently and that causing issues downstream. It's at this point an instinctual defense mechanism, that I've grown to organically develop in the low-trust environments that are forums like this.
I 100% agree with the principle, but (regrettably) in practice you can't do this in a lot of places where the community is critical (which isn't a bad thing by itself) but doesn't call out/downvote/moderate bad criticism (which is bad).
I can't count the number of times on HN that I've seen responses to posts that took advantage of the poster not writing defensively to emotionally attack them in ways that absolutely break the HN guidelines, and weren't flagged or downvoted. And on other sites, like Reddit, it's just the norm.
The defensive writing will continue until morals improve.
> By default, Microsoft Edge provides spelling and grammar checking using Microsoft Editor. When using Microsoft Editor, Microsoft Edge sends your typed text and a service token to a Microsoft cloud service over a secure HTTPS connection. The service token doesn't contain any user-identifiable information. A Microsoft cloud service then processes the text to detect spelling and grammar errors in your text. All your typed text that's sent to Microsoft is deleted immediately after processing occurs. No data is stored for any period of time.
And Linux for desktop is finally easy enough for those of us with both.
Microsoft ordered me to buy a new computer for Win 11, so I took said kids to Microcenter, asked for a machine whose specs could play a particular steam game on Linux, returned to my mortgage, installed Ubuntu and haven't given Windows a second thought in months.
Looked into it, the answer seems like it can be both a yes or a no, depending on the website and user actions.
By default, when you implement a form that takes a password, you (the developer) are going to be using the "input" HTML element with the type "password". This element is exempt from spellchecking, so no issues there.
However, many websites also implement a temporary password reveal feature. To achieve this, one would typically change the type of the "input" element to "text" when clicking the reveal button, thereby unintentionally allowing spellchecking.
As long as Red Hat keeps embracing and extending free desktop, and Apple keeps disallowing standard features like native Vulkan (Mac is not for games I get it but come on, please?), people will either keep using Windows or, more likely, switch to Android devices for their home and business needs.
Both things can be true/desirable at the same time.
If, as tested, this setting makes a double-digit percentage difference, I'm glad Microsoft exposes it in the UI. I'd also be glad if they didn't do as much weird stuff on their user's devices as they do.
> If, as tested, this setting makes a double-digit percentage difference, I'm glad Microsoft exposes it in the UI.
I'd rather them write more performant code. This feels like your car having the option to burn motor oil to show a more precise clock on the dash; you don't get kudos for adding an off-switch for that.
In keeping with the theme of the comment you're replying to, writing better-performing code and providing performance options are not mutually exclusive. Both are good ideas.
> This feels like your car having the option to burn motor oil to show a more precise clock on the dash; you don't get kudos for adding an off-switch for that.
(Sounds more like you're arguing that it should be forced off instead of being an option? Reasonable take in this case, but not the same argument.)
No, I think they’re arguing that showing seconds in the system tray shouldn’t be so inefficient that turning it off gives back double-digit percentage energy savings.
I think we all agree there needs to be some additional power draw for the seconds feature, but it’s unclear how much power is truly necessary vs this just being a poor implementation.
there's a dramatic increase in how frequently you interrupt the CPU to update the display. That is true at the OS level no matter how efficient you make the second display code.
It shouldn't take any noticable power/cycles to accomplish this task. Having flags for "performance" littered through the codebase and UI is a classic failure mode that leads to a janky slow base performance. "Do always and inhibit when not needed".
Better analogy would be reducing your MPGs (fuel efficiency) to show a more precise clock, and arguably we all make that sacrifice to get CarPlay.
Energy isn’t free.
Even if they wrote more performant code, it would just mean less relative loss of energy to show seconds but still loss compared to not showing seconds.
This feels like your car having the option to burn motor oil to show a more precise clock on the dash
I actively don't want to see seconds; the constant updating is distracting. It should be an option even if there were no energy impact. (Ditto for terminal cursor blinking).
I have cursor blinking off anywhere I can. The prompt is what tells me I can type something, or in a GUI program, you can always type if there is a cursor no matter if it's solid or blinking. At least, that's my experience, perhaps you're familiar with another system or piece of software where the blinking is what tells you that you can enter something?
Mentioning that some setting uses more power can be useful and desirable. I think Jaxan might be irked by "energy recommendations" Windows gives you in power & battery settings, though. It suggests applying "energy saving recommendations" to lower your carbon footprint, and while I absolutely support energy saving, I also find those "recommendations" obnoxious.
The recommendations suggest, among other things, switching to power-saving mode, turning on dark mode, setting screen brightness for energy efficiency, and auto-suspending and turning the screen off after 3 minutes.
Power-saving mode saves little at least on most laptops but has a significant performance impact, dark mode only saves power on LED displays (LCDs have a slight inverse effect), and both dark/light mode and screen brightness should be set based on ergonomics, not based on saving three watts.
When these kinds of recommendations are given to the consumer for "lowering your carbon footprint", with a green leaf symbol for impact, while Microsoft's data centres keep spending enormous amounts of power on data analysis, I find it hard to see that as anything more than greenwashing.
The test setting is important here - the test is on an otherwise idle machine. This means that the update ensures that some thread wakes on a timer every second which may explain the large drop. This test is interesting, but not very representative of a real world usage scenario. It’ll be interesting to compare it to the results of the other test they running, where they keep a video running in the background.
I'm still a little curious of what's causing the increase in power use. A single additional wakeup per second should not have a two-digit percentage impact on power use when even an idle machine is probably going to have dozens of wakeups per second anyway. I wonder if updating the seconds display somehow causes lots of extra wakeups instead.
And it is only getting worse. I would consider windows update on its own enough reason for not using this shit os at all. Be aware!
https://youtu.be/4RQ6pek3JoM
This is not Windows-specific, it has been shown wrt. Linux systems also. It's why recent Linux desktop environments have gotten rid of the blinking cursor in command prompt windows (that also causes frequent wakeups and screen updates) and why it probably makes sense to disable most animations too.
There was a fight in Vista time frame about whether or not animated/video desktop backgrounds were a good idea. They were definitely cool, but AT WHAT COST. Ended up shipping as an "extra".
That reminds me of Chrom[e|ium]'s insanely bad form suggest/autofill logic: The browser creates some sort of fuzzy hash/fingerprint of the forms you visit, and uses that with some Google black box to "crowdsource" what kinds of field-data to suggest... even when both the user and the web-designer try to stop it.
For example, imagine you're editing a list of Customers, and Chrome keeps trying to trick you into entering your own "first name" and "last name" whenever you add or edit an entry. For a while developers could stop that with autocomplete="off" and then Chromium deliberately put in code to ignore it.
I'm not sure how much of a privacy leak those form-fingerprints are, but they are presumptively shady when the developers ignore countless detailed complaints over many years in order to keep the behavior.
> For a while developers could stop that with autocomplete="off" and then Chromium deliberately put in code to ignore it.
To be fair, websites with a horrible misunderstanding of security kept on using that for "this password is important, better make sure the user is forced to enter it by hand!"
And forcefully overrides personal preferences to NOT ahouls any Windows Spotlight images and trivia on lock screen, and news and recommended content on Edge homescreen
> And now it is my responsibility to disable showing seconds in the taskbar??? If microsoft really wants to be green, windows shouldn’t do all these wasteful things!
and building multiple gigawatt consuming data centres to produce AI slop no-one asked for and no-one wants
"This is Windows 11, you'll need a new PC for it, throw away your old PC and wreck the planet some more, and by the way we'll stop supporting Windows 10 in October 2025, if your PC gets a malware and your bank account gets hacked and drained it's not our fault".
