Microsoft Addresses Windows Recall Concerns; Makes It Opt-in By Default
Jun. 8, 2024At the Copilot+ PC event, Microsoft announced the much-hypedRecall featurethat takes screenshots of your screen and performs AI analysis in the background. You can later find things and activities using semantic search. However, just after a few days, a security researcher discovered many security gaps in Recall’s implementation and called the feature aprivacy nightmare.
Finally, after a huge uproar, Microsoft has responded. In ablog post, Pavan Davuluri, the Microsoft VP for Windows and Devices, confirmed that users could enable or disable Recall during the onboarding setup. It means Recall is now opt-in by default which is great.
Next, Microsoft is adding an additional layer of security to protect Recall’s vector index. The local database will now remain encrypted and will only be decrypted when the user authenticates using Windows Hello. Microsoft is using Windows Hello Enhanced Sign-in Security (ESS) for “just in time” decryption.
Finally, to even view your activity history and timeline on Recall, your presence will be required. It means that Windows Hello enrollment is now strictly required to use the Recall feature. There were criticisms from many quarters that law enforcement agencies or abusive partners may access the Recall timeline to find incriminating information from the past without user’s consent.
Besides that, Microsoft now says that “Recall doesn’t share snapshots with other users who are signed into the same device, and per-user encryption ensures even administrators cannot view other users’ snapshots.” We need to test whether other users on the same PC can view stored snapshots.
And all of these changes to Recall will come into effect beforeCopilot+ PCsship on June 18. I think Microsoft has done a great job listening to users’ feedback. This will bode well for building user trust. I am also glad that Microsoft made Recall an opt-in feature, by default.
So will you use the AI feature ordisable Recall on your PCaltogether? Let us know in the comments below.
Passionate about Windows, ChromeOS, Android, security and privacy issues. Have a penchant to solve everyday computing problems.
