Summary
Transcript
Okay, I’ve alerted you to some new threats. Expect now that Windows, iOS, Mac OS, and Android are going to have little running code on your device that will now be eyes over your shoulder watching what you do. The eyes will be from AI agents and the reason these OSS are dangerous are because they embed an AI in the OS which can be used for more purposes than just enhancing the user experience. Get ready for this. Microsoft already gave you the preview of this with Windows Recall. Apple already gave their preview when they built the CSAM scanning.
The risk is called AI client-side scanning. I exposed you to the impact of this on things like end-to-end encryption and how this is now compromised. The only OS that will not have a way of embedding client-side scanning is an open source operating system. On phones, you need to use the Google phones or phones running some version of Android open source project, AOSP. Examples are Brax OS, Calix OS, Lineage OS, Graphene OS, and so on. On computers, we have a tougher problem. The only option on computers is to run Linux. Understandably though, we have the reality that not everyone can just dump Windows, even I can’t, as there are apps that only run on Windows.
For example, gamers prefer Windows. But to avoid client-side scanning, you need to alter your setup. You need to move the majority of your activities away from client-side scanning. Using Linux with techniques like Linux Virtual Machines or WSL, Windows System for Linux, will not prevent client-side scanning. They’re good for learning but will not achieve anything against this threat. So the only answer is to boot Linux separately. However, this is not a minor task. I just did a conversion and I will explain my process to you so you can make your plans.
By the way, Apple Silicon users can also dual boot using Asahi Linux, so there are options for everyone. However, I’ll focus on the mechanics of Windows. I’m sure there are videos on doing this on a Mac. If you want to start planning out how to dual boot Windows and Linux, stay right there. I wish I didn’t have these Windows. Fortunately, it is now rare for me to use Windows. At the moment, the only task where I need Windows is when I’m editing these videos that you’re watching. This is a little tricky in my case because to speed up the editing and running of these videos, I need a computer with an NVIDIA GPU.
Initially, I was using a program called Adobe Premiere Pro which runs well only on Windows. So I switched to DaVinci Resolve which I thought would be an excellent alternative since it has a Linux version. The bad news for me was that DaVinci Resolve was crashing on Linux so I was back to square one with the need to use Windows. But do I really need a Windows 11 that’s doing key logging? And there are other hidden little tricks like forcing you to use OneDrive and then copying that to the cloud. Then we got the announcement of Windows Recall which was such a disgusting concept.
Here’s just an example of the ducking key logging that I can’t turn off. You see the activity history here and then I’ll show you my privacy settings that show I’ve turned activity history off yet it retains the information. And the reason of course is that this information logging your activities powers Windows Recall and the general AI client tag scanning which will be used by Copilot. To stick with Windows means I have to accept AI spyware the AI models running in the background and the collection of data made to power the information for that AI.
So we can’t have that. What’s the clean solution? Well the clean answer is dual boot. Yes dual boot. This means running Windows and Linux on the same machine. I don’t lose the ability to run some special apps on Windows but at least most of my activity like social media or private communications are not within the view of Windows. Now this requires some advanced thinking here. I wish this was just a mechanical task. I will do some generalizations but your mileage will vary. I have a fairly new computer so I will make an assumption that this is similar to most of you.
Meaning computers not older than three years old. First let’s clarify why you need to dual boot. Why won’t alternatives like using virtual machine or using WSL Windows subsystem for Linux work? The fact is that it is not enough to use Linux. Linux must be the only operating system running. If you’re running a Linux virtual machine then in the background the host machine can see what you’re doing. I already demonstrated that in a recent video. Screenshots can capture what’s happening in a virtual machine and of course the host OS can see your network traffic.
Given the new threats of AI agents embedded in your machine this is a no-go. The other option that you can’t use is Windows subsystem for Linux because this is actually running as a sub process of Windows which means Windows is controlling it. If the AI spyware is on Windows then that can see what you’re doing. The only way to avoid this is to run Linux by itself. We already established that many of you cannot do so and you must run both Windows and Linux so you have to dual boot. Dual boot means that when you start up your computer it will give you the option to load one OS or the other.
Here’s an example of what you would see in a dual boot setup. You will be given an option to select the OS during the boot process. By the way I know someone will bring up some complaint about the fact that I’m using Ubuntu because they think it’s not the most privacy safe option but I have a different problem here. I’m looking for hardware compatibility and Ubuntu is best for that. The reason is that Canonical invests a lot of time in including the drivers needed to support unusual hardware like the NVIDIA GPU I have.
It’s not perfect mind you it’s actually been a pain but I’ve gotten it to mostly work. At this time I don’t have the energy to expand to test alternative distros because making it work is the higher priority. I’m doing a lot of AI related research on Linux so to run open source AI models I need to use the GPU. It’s essential so I need the GPU to be running well on both Linux and Windows. Now the main problem you will uncover with dual boot is that you have to split your main drive between Windows and Linux.
Linux and Windows cannot share the same drive. The reason is that Windows uses the NTFS file system while Linux uses the ext4 file system. Here’s some new information as well. Linux can at least read the NTFS file system so if you’re on Linux you can at least see the files in Windows. However some of the files may be read only and here’s the other important tidbit. Windows cannot see an ext4 file system so this ability to see files is only one way. So in practice this means that if you dual boot you can drop a file directly into the Windows file system but if you’re on Linux you have to manually move a file from the Windows file system to your ext4 file system.
Or to make it easier you may want to just put all shared files in the Windows NTFS file system and you can easily grab it anyway. There will be issues with this but I’ll address it later. How to allocate the drive space between Linux and Windows will depend on your current computer setup. Most newer laptops were sold at a discount with 256 gigabytes or 512 gigabyte drives so this is likely the most common. Now if you research your particular computer model you will find that most modern laptops can accommodate a second NVMe hard drive.
Again the expectation is that most newer computers will be using NVMe solid-state drives. Research your own computer as you will find that if you can put in a second NVMe drive this job will be a lot simpler. For this discussion I will assume this configuration since it is again the most common and alternatively you can attach a USB drive to the computer which will require more steps. Because Linux needs a separate disk partition from Windows and cannot share a partition you need to plan out how you’re going to use your system and figure out what needs the most space.
Just to give you an example of a thought process I need a lot of space on Windows because I’m editing videos. Though what I will need to do on Windows is fairly limited I do need the hard disk space and on Linux I’m doing AI stuff. Running Olama and downloading many AI models means I get a lot of space for that too and unfortunately Olama is easier to run if the models reside in the main drive just from personal experience it’s buggy otherwise. So my computer originally came with 512 gigabytes on NVMe slot 1.
This is the boot drive then later I added a 2 terabyte NVMe on slot 2. Originally both of these were configured as NTFS. Windows can access any NTFS drive so my D drive can contain almost everything that Windows would need. So in essence Windows didn’t really need too much extra space since any data could easily be stored in my D drive. I don’t need to run Olama on Windows which would crowd the boot disk so realistically I can keep the 512 gigabytes for Windows and it would be fine. Now let’s think about how I was planning to use Linux.
Linux would need a lot of space in the boot drive because of the Olama models I use but Linux also has access to the Windows and NTFS drives directly so there’s a lot of space for extra data. Just keep this in mind though in theory client-side scanning and Windows could scan the drives so it could scan all content if it can see it. Thus it’s best to organize this so Windows sees as little as possible that’s important. So here’s my conclusion in my case. I’m leaving my 2 terabyte D drive alone. I’d like to have that still always available but I need Linux to have a good amount of space.
At least a terabyte Windows is fine at 512 gigabytes or even less. So what’s the strategy here? The strategy would be to change the boot drive from the current 512 gigabytes to a 2 terabyte drive. These NVMe drives are cheap now. I can show you a good one on Amazon which I recommend for just 179 and the link is in the description. We now have a plan. Now we have to figure out how to do this easily. Now I’m going to warn you that changing a boot drive without losing any data is a tedious and complicated task.
If you don’t know how to do this, head it over to some computer guy to do. Just take what you need to have done. But I’ll tell you how I did it. For a toolkit I created two USB sticks in advance. One is running an image of clonezilla. This is a free clone software you can download. Then I need to have my preferred Linux distro ready in another USB stick. By the way this is common knowledge but just to guide newbies you will need to flash the USB stick using software like Balina Etcher or Win32 Disk Imager.
You cannot copy this image to the USB stick. Flashing makes it bootable. As part of the prep we have to assume you have purchased your 2 terabyte NVMe and are ready to install it to your laptop. This is a solution to making the transfer windows so much easier than other methods. First I remove my D drive NVMe from the second slot. Then I move the original C drive NVMe from slot 1 to slot 2. Finally I installed the new 2 terabyte NVMe onto slot 1. So understand what we have now. Slot 1 empty 2 terabyte NVMe slot 2 boot Windows NVMe.
Now this will not boot anymore once you do this and slot 1 has no bootloader. The solution is to boot using clonezilla which in my case is actually running Ubuntu. By the way I won’t discuss how to boot a USB stick to your computer. Normally you have to disable secure boot and BIOS and then keep hitting some key to bring up the bootloader menu. In my Dell it is the F12 key but this is not standardized so follow your computer makers instructions. So once you get clonezilla started this is simple.
You can copy one drive to the other. So if you do that the bootloader will now be installed on drive 1 and depending on how you chose to do this the default I believe is that Windows will be given the max size for the partition. Windows has several side partitions loaded by the OEM in my case Dell but most of the available space will be given to Windows. So where are we now? Once you remove the clonezilla USB stick you should now have a bootable Windows drive like before but we no longer need the NVMe slot 2 drive so in my case I will bring back my original D drive NVMe with 2 terabytes.
Otherwise you can reformat the original Windows drive in slot 2 and use it for extra storage with no additional expense. Before you start installing Linux you need to allocate a partition for it. So to do this we have to go to Windows. First you have to launch the program disk management from the start menu as I show here. Now mine is already set up with partitions for Linux but you won’t have this. Instead you should have one large C drive partition for Windows. Using disk management right-click on this C drive and you will see an option to shrink the partition and you can see that option here.
You decide how much you want to shrink it for your purposes but whatever space you free up will be available for Linux so this depends on how much you will be doing on Linux. Hopefully a lot of stuff. After the partition is shrunk what will happen is that a new partition will be available and that new partition will be used by Linux later. So to do the actual Linux install boot the USB stick with Linux in it and then install Linux like normal by following instructions at the prompts and it should automatically detect the free partition and just verify that it gets installed in that partition.
There we go. The new bootloader using grub should give you the option to select the OS. By the way on Linux if you have to resize the ext4 partitions you can do that using the app disks which happens to be pre-installed on Ubuntu. The main hiccup when dealing with Windows and Linux is that both use a different time syncing mechanism. If you leave it alone Linux will use UTC time while Windows will use local time and the clock will be screwed up each time you switch OS. So run this command on Linux time date CTL set time RTC 1.
This will use local time instead of UTC. The next issue is that sometimes you will lose access to NTFS and this is because Linux has no ability to repair an NTFS drive. You have to go to Windows and using file manager go to the drive properties as I’m showing you here and do a repair. This is the same thing as check disk slash F from the command line by the way. This should now be visible on Linux. I have found that Linux sometimes encounters folders in the NTFS partitions that are marked read-only.
So go to Windows again and remove read-only permissions on these folders. This way you can actively share files between Linux and Windows and you do this on file manager. On my Ubuntu install the file manager will not directly display the NTFS drives. Instead they will show an area marked other locations. So they’re not as convenient. And note too that some Linux apps may not have access to files in other locations. So this is why it is always good to have a large partition for Linux. Being dual boot you will be going to the same sites from two different OS’s.
It would be nice to make sure you have access to the password manager database at all times. So I make sure that both Linux and Windows access the password database from the same NTFS folder. Has to be NTFS since Windows cannot see ext4. This is easy enough. Export your browser bookmarks so you can have the same bookmarks in either OS. Let’s make sure we understand what the end goal is. We want to have Windows see as little as possible. Windows is recording your clicks and keystrokes and screenshots. So if you’re doing something important or personal do that on Linux.
Next make sure you understand that Windows Defender is examining every file on NTFS. Thus it is possible for it to scan content. Keep private files on Linux. Finally the plan is to wean yourself from Windows use. Find Linux alternative apps and begin switching. No rush but have a plan. This is a long-term strategy. I’m guessing we have till the end of 2024 before full client-side scanning is in effect. This is our defense against evil AI. Hope this sets you up with the proper long-term computing environment from here on. Folks we have to be mindful of privacy threats that are being embedded in the operating systems that most of us got used to using.
Now we have to switch. I started a company to provide products that can help here. First we have D-Google phones running open source OSS in our store. Next we have a Brax virtual phone product so you can communicate without a phone and no SIM card. We have the Braxmail product which allows you to set up unlimited email address aliases to keep your identity private and it has no identifiers. We have bytes VPN and Brax router to protect your network from being spotted by external parties. All these are on my platform Braxme.
We have a community of over 100,000 users there who talk about privacy regularly. Join us and support what we do. The store is available when you are inside that platform. Thank you for watching and see you next time. [tr:trw].