I read your link, and you need to retake basic literacy if you believe that satisfies any sort of proof. All it says is “Microsoft totally has a keylogger, this setting disables it.” It does not show any evidence of the claim. It does not link to evidence of that claim.

No one’s arguing that they aren’t gathering typing data. I’m arguing that it isn’t a full-on keylogger siphoning passwords.

Please stop fighting a strawman. I’ve not said anything good about Microsoft here. I’ll insist again that I’m more familiar with their rot than most, given my career.

I did Google, with multiple search terms. Check my last post again. There’s a spoiler with plenty under it. It’s the line in a section all it’s own that says “Did my research, I’m not finding the hard evidence.” Tap to expand the multiple paragraphs not only summarizing my findings but also linking specific examples. If you have some specific issue with what I found, let’s hear it.

I’ll state it again and clearly: Everyone should turn off the feature. But hundreds of sites copy pasting the same article, the headline claiming it’s a keylogger, the same instructions to disable predictive text data collection, and nothing else is not evidence. It’s copy paste tech support slop.

If sites claiming things about how Windows worked were reliable, or repetition meant reality, “sfc /scannow” wouldn’t be a meme in the sysadmin world. 90% of the time it doesn’t help. It’s a specific tool for fixing issues caused by corruption to the OS files, not the cure all it’s touted to be by many sources.

So show me some network traffic analysis. Show me a whitepaper. Show me a security reseacher’s write up. Show me process explorer screenshots showing the file lock for the file where the data is stored. Show me someone testing two default Windows installs in VMs, one with keystrokes entered and one without, and the clear difference in network traffic, file activity, anything.

Anything more than simply saying “trust me bro”.

Because headlines can’t be wrong right? The CrowdStrike outage was totally an issue with Microsoft Update, as originally reported far and wide, and not an issue with an update to CrowdStrike software running at kernel level that mirrored the same issue they caused in Linux deployments a few months earlier. People still don’t get that wrong, not at all.

Look. The ball’s in your court. Again, if it’s so easy, prove it. Stop wasting effort trying to rub my nose in it like I’m a bad dog, and just prove I’m wrong.

My research doesn’t show what you insist is so evident it doesn’t need to be sourced. If it’s as you say, spoonfeed me. Prove it. It’ll be faster, and I’ll gladly edit all my previous comments here to say whatever disparaging thing about myself you desire.

Crow is delicious and I look forward to eating it.

Come. On.

---

Edit: I’m not normally the kind of person to look up who up/downvoted me, but I spent the better part of an hour trying to find evidence in support of this guy’s claim. Apparently it’s easier to downvote than prove me wrong in such a simple way that they claimed I couldn’t have done a google search or I would have found it.

---

So let’s fucking go. I’ll extend this “bet” to anyone.

Show me evidence that Microsoft is capturing all (or most) keystrokes, specifically including passwords entered across multiple programs, through the setting for predicitve text and handwriting analysis which can be switched off through the settings menu, it is happening on live/prod/general use releases of Windows, not preview builds, and it does not rely on unlikely edge cases like a user somehow accidentally running Calculator with a debugger attached to the process and then typing passwords into Calculator.

Note: Being able to hijack the service and exploit speculative execution shit like spectre to access other areas in memory doesn’t count. This has to be inteded behavior.

If you can prove that for Windows 7, 10, or 11, I will do just about anything you want as a punishment. Want me to speedrun getting banned across the fediverse? Want me to make a video smearing peanut butter on my junk while singing your praises?

No doxxing myself, no physical harm, permanent body modifications, nothing that would get the cops called, make me ill, or jeapordize my job. Monetary cost can’t be over $20. Thinking more like I’d write that you were right on my ass, make it my profile picture here, and edit every comment I made on here (over 4000 at time of writing) to add praises for you and to point to my shame. That sort of thing.

If you can get the instance admins in on it, I’d fully accept old 4chan rules of deliver or suffer permaban.

Just to cover my ass for Microsoft doing something dumb as hell with Recall, that doesn’t count (see specifications about it having to be connected to this predictive text/handwriting thing), and this offer is only valid for the year of 2026.