Microsoft revealed a new Recall feature for Windows 11 back in May, promising a searchable timeline for your entire PC history using generative AI. Microsoft is now making changes to the feature following many security concerns.
Recall was announced in May as an AI-powered search for everything you do on your PC, including web pages you visit, files you open, and message conversations. However, unlike most other system search functions (like macOS on Spotlight) that just scan and index your files, Recall takes screenshots of your screen and indexes the text. Recall is exclusive to Copilot+ PCs, like the upcoming Snapdragon X Elite-based laptops and the new Surface Pro, but it has already been hacked to run on other ARM-based hardware.
The feature was quickly panned by security experts, since the screenshots captured by Recall were saved in a folder that could be easily accessed by other applications. The data from the scanned images, which could potentially include anything on the screen (such as bank numbers, unhidden passwords, etc.), was also stored in an unencrypted SQLite database. Researchers quickly built proof-of-concept tools for reading the database, showing how much data would be easily available for malware (or anyone with physical access to the computer) to steal.
Microsoft was also not clear about the feature being enabled by default, only telling the BBC and other outlets that it would be an “optional experience.” Microsoft has a long history of ignoring default settings, so even if it was turned off by default, there was no guarantee that it would stay that way and properly inform PC owners.
To quote Douglas Adams, “This has made a lot of people very angry and been widely regarded as a bad move.” Microsoft has not apologized for almost shipping a significant security vulnerability in Copilot+ PCs, but it has announced a series of changes that will go into effect before Recall ships on the first Copilot+ PCs on June 18th.
Recall will be an opt-in feature on Windows 11, with a setup screen that explains the screenshots and gives you “No, don’t save” or “Yes, save” buttons. Recall will also only be accessible through Windows Hello, so other people won’t be able to access your PC’s history (unless they know your secret PIN). Finally, the Recall database and screenshots will be encrypted.
The changes are addressing all the primary complaints with Recall, but there might still be issues with the implementation that will be discovered by security researchers in the future. There’s also no guarantee that Microsoft won’t secretly turn on Recall in the future, like how the default browser is often reset back to Microsoft Edge after Windows updates.
Microsoft also reiterated in its blog post that the Recall screenshots are stored locally, and they are not sent to Microsoft or shared with anyone. The feature can also be paused at any time, and you can set up filters to block specific applications or sites from being scanned.
Recall will only be available on new Snapdragon X Elite-based laptops to start, but it should also roll out to laptops with Ryzen AI 300 and Intel Lunar Lake chips once those become available.
Source: Windows Experience Blog