Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.
“Recall,” as Microsoft describes it, “is designed to help you instantly and securely find what you’ve seen on your PC.”
You may not recall what you were doing on your PC but rest assured that Microsoft’s Copilot AI can remember it for you wholesale, to borrow the title of the Philip K. Dick story that inspired the film Total Recall.
Microsoft Recall works by capturing snapshots of your Windows desktop every few seconds, and recording what you’re doing in applications, and storing the results so that it can be, well, recalled with text searches or by visually sliding back through the timeline. It’s a visual activity log with associated data that can be queried using an AI model, basically.
When Recall was announced in May at Microsoft Build 2024, it was pilloried as a privacy and security horror show. Security researcher and pundit Kevin Beaumont described it as a keylogger for Windows. And author Charlie Stross flagged the tool as a magnet for legal discovery demands. Recall could record sensitive info, such as your banking details, as well as your communications, app usage, and file updates, all while using your PC, users were warned.
So in June, after Microsoft Research’s chief scientist brushed off questions at an AI conference about the Recall backlash, Microsoft delayed its Recall rollout to rethink things.
By August, Microsoft determined that Recall had been sufficiently rethought and declared that the system monitoring software would be released this October to Windows Insiders.
Laying the groundwork for that happy occasion, David Weston, VP of enterprise and OS security at Microsoft, took a moment on Friday to explain in a blog post that Windows users have nothing to fear from the “unique security challenges” that Microsoft created with Recall and had to solve.
First, there’s the fact that “Recall is designed with security and privacy in mind,” which presumably makes it no different from any other Microsoft software. It’s not as if the IT giant openly markets a separate line of vulnerable, data broadcasting apps. OK, let’s not go there.
Next, you don’t even have to use Recall, assuming you have some say in such matters. Recall is opt-in. And Recall can be removed entirely via optional features settings in Windows.
But why would you want to exorcise Recall when it encrypts its snapshots in a vector database and locks the encryption keys away, under the protection of the associated PC’s Trusted Platform Module. Access requires the user’s Windows Hello Enhanced Sign-in Security identity (tied to fingerprint or face biometrics) and is limited to operations executed within a Virtualization-based Security Enclave (VBS Enclave).
Beyond that, authorization to Recall data is set to time-out so re-authentication is required for future sessions, a safeguard designed to prevent malware from leveraging user authentication to steal data. Enclaves also have rate limiting and anti-hammering protections to mitigate the risk of brute force attacks.
“Recall is always opt-in,” says Weston. “Snapshots are not taken or saved unless you choose to use Recall. Snapshots and associated data are stored locally on the device. Recall does not share snapshots or associated data with Microsoft or third parties, nor is it shared between different Windows users on the same device. Windows will ask for your permission before saving snapshots. You are always in control, and you can delete snapshots, pause or turn them off at any time. Any future options for the user to share data will require fully informed explicit action by the user.”
In defiance of its name, Recall won’t recall certain things. Private browsing in supported browsers (Edge, Chrome and Chromium, Firefox, Opera) isn’t saved. Nor are activities within user-designated apps and websites (blocking sites from Recall is available for Edge, Chrome but not all Chromium clients, Firefox, and Opera.)
Sensitive content filtering, active by default, tries to prevent passwords, national ID numbers, and credit card numbers from being recorded. And the user has controls for Recall content retention time, disk space allocation for snapshot storage, and record deletion – by time, app, website, or the entirety of what Recall can search.
And what is saved will be accessible via an AI agent.
“Recall’s secure design and implementation provides a robust set of controls against known threats,” says Weston. “Microsoft is committed to making the power of AI available to everyone while retaining security and privacy against even the most sophisticated attacks.” ®