Microsoft revealed a new Recall feature for Windows 11 back in May, promising a searchable timeline for your entire PC history using generative AI. Microsoft is now making changes to the feature following many security concerns.
Recallwas announced in May as an AI-powered search for everything you do on your PC, including web pages you visit, files you open, and message conversations. However, unlike most other system search functions (like macOS on Spotlight) that just scan and index your files, Recall takes screenshots of your screen and indexes the text. Recall is exclusive toCopilot+ PCs, like the upcoming Snapdragon X Elite-based laptops and thenew Surface Pro, but it has already been hacked to run on other ARM-based hardware.
The feature wasquickly pannedbysecurity experts, since the screenshots captured by Recall were saved in a folder that could be easily accessed by other applications. The data from the scanned images, which could potentially includeanything on the screen(such as bank numbers, unhidden passwords, etc.), was also stored in an unencrypted SQLite database. Researchers quickly builtproof-of-concept toolsfor reading the database, showing how much data would be easily available for malware (or anyone with physical access to the computer) to steal.
Microsoft was also not clear about the feature being enabled by default, only telling the BBC and other outlets that it would be an “optional experience.” Microsoft has a long history ofignoring default settings, so even if it was turned off by default, there was no guarantee that it would stay that way and properly inform PC owners.
To quote Douglas Adams, “This has made a lot of people very angry and been widely regarded as a bad move.” Microsoft has not apologized for almost shipping a significant security vulnerability in Copilot+ PCs, but it has announced a series of changes that will go into effect before Recall ships on the first Copilot+ PCs on June 18th.
Recall will be an opt-in feature on Windows 11, with a setup screen that explains the screenshots and gives you “No, don’t save” or “Yes, save” buttons. Recall will also only be accessible throughWindows Hello, so other people won’t be able to access your PC’s history (unless they know your secret PIN). Finally, the Recall database and screenshots will be encrypted.
The changes are addressing all the primary complaints with Recall, but there might still be issues with the implementation that will be discovered by security researchers in the future. There’s also no guarantee that Microsoft won’t secretly turn on Recall in the future, like how the default browser is oftenreset back to Microsoft Edgeafter Windows updates.
Microsoft also reiterated in its blog post that the Recall screenshots are stored locally, and they are not sent to Microsoft or shared with anyone. The feature can also be paused at any time, and you can set up filters to block specific applications or sites from being scanned.
Recall will only be available on new Snapdragon X Elite-based laptops to start, but it should also roll out to laptops withRyzen AI 300andIntel Lunar Lakechips once those become available.
