Windows Recall has proven to be a highly controversial AI feature since it was first announced in May. It constantly takes screenshots of everything you do on your PC and places the images in a searchable database on the device. And yes, that includes images that show sensitive information.
People were quick to call it a “security nightmare” after Microsoft openly admitted that the software did not hide “passwords or financial account numbers.” The company attempted to defend its decision, but recently decided to make multiple security improvements to Recall ahead of its fast-approaching launch on June 18.
Arguably the most important of these changes is that Recall will no longer be enabled by default when you wake up your PC. According to a recent post on the Windows Experience Blog, the feature will be disabled by default, meaning you'll have to enable it yourself during the process of setting up a computer.
Next, enrolling in Windows Hello is now a requirement to turn on Recall and view your screenshot timeline. This means you will need to authenticate as the primary user using a biometric entry or PIN before accessing the feature.
As for the final update, Microsoft is beefing up security by adding “additional layers of data protection [including] ‘just-in-time’ decryption” protected by Windows Hello Enhanced Sign-in Security (ESS). As a result, snapshots can only be decrypted and viewed when a user proves their identity. Additionally, the Recall search index database is now encrypted.
The strange thing is that this suggests that the database that would have stored images containing bank account numbers was initially unprotected and vulnerable to external forces. You might be surprised to learn how unsafe it was, but at least they're fixing it before launch and not after.
Analysis: Remain skeptical
The rest of the blog post reiterates previously known Windows Recall security features. For example, snapshots will be stored locally on your computer and will not be uploaded to Microsoft servers. An icon representing the feature will appear in the system tray, “letting you know when Windows is saving” images. Additionally, users can “pause, filter, [or] delete” snapshots whenever they want.
Microsoft also emphasizes that Recall will only be available on the upcoming Copilot Plus PCs as they have strong security to ensure privacy.
Does this mean we can fully rely on Windows Recall to keep data safe? No, not really.
Jake Williams, vice president of R&D at cybersecurity consultancy Hunter Strategy, told Wired that he “still sees serious risks” as well as “unresolved privacy issues.” Individuals may receive a subpoena requiring them to provide PINs to gain access to Recall databases.
Although Microsoft claims it can't view snapshots, who's to say the tech giant can't change its mind a year or two later and decide to collect all that sensitive information? They may find some loophole that gives them carte blanche to do whatever they want with Recall data. It's a scary thought.