Comment by xp84
17 hours ago
> Instead of letting an agent act directly as you, Windows spins up this extra workspace, gives it limited access (like specific folders such as Documents or Desktop), and keeps its actions isolated and auditable.
> Each agent can have its own workspace and access rules, so what one agent can see or do doesn’t automatically apply to others, and you stay in control of what they’re allowed to touch.
This actually sounds thoughtful. I know it's super popular to crap on MS about AI since the Windows Recall feature, but at this point it just seems like intentional bad faith. This feature here is something you'd have to turn on, anyway.
I disagree. Maybe certain sensitive things are outside that folder such as browser cookies, but most users have a LOT of sensitive stuff there. "Tax forms 2023.pdf" for instance.
It's similar to UAC - a good and important protection, but fundamentally if you're letting code run with access to your plain old non-administrator documents that's where the biggest data threats are.
But how is this worse? If you run an agent now, it will run with your privileges. If you run an agent after this feature, it will run with limited privileges as specified by you.
Heaps of ranting here about agents sucking down private data to Microsoft servers without your knowledge, where a cursory look at this feature is to give you more control if you actually want to use agents. Sure, it might be learned reflex behavior, but that is exactly what OP was talking about.
It's worse because they're exposing these features to the kind of people who aren't running agents now.
1 reply →
> but most users have a LOT of sensitive stuff there. "Tax forms 2023.pdf" for instance.
So don’t give it access?
It clearly says it’ll have granular ACLs. How is this any different from something like Gemini CLI or Claude Code where you’re running it in your src directory?
It’s basically that, but for non-devs and with a GUI instead of a TUI.
Interesting that you see the sheer amount of criticism, week after week, and assume it must be bad faith by microsoft critics rather than bad faith by microsoft.
the critics always complain about what bad thing Microsoft will do in the future, rarely about what they are actually doing
secureboot was supposedly an evil conspiracy to block running linux on computers. secureboot is everywhere now, and Linux still runs on personal computers
Except that one line of Microsoft PCs that only run Windows because secureboot enabled Microsoft to make it so.
1 reply →
Obligatory https://xkcd.com/1200/
Just replace "someone steals my laptop" with "Microsoft installs malware"
Are you kidding? This is pure theft. If I got into your computer and accessed your Documents and Desktop, I'd be in jail but its OK when Microsoft does it.
Most apps on Windows can already access those folders though, except for UWP/AppContainer apps (which require particular capabilities to access them). I think the same is generally still true of the equivalents on most Linux distributions despite that things like SELinux exist.
That, and how many commenters in this thread are using something like Claude Code with their src directory as context? This is no different. It’s [claude code/gemini CLI/codex] but for non-devs and with a GUI instead of a TUI.
I feel like everyone here is overly dismissive of this because it’s cool to hate Windows in these parts, but this could be genuinely useful for your average office drone. Much like we love to shit on Copilot for M365 but it’s been extremely useful to the non-tech folks at my work.
2 replies →
Does this not run locally?