Microsoft Will Disable Default 'Recall' Feature Due to Security Concerns
Microsoft's controversial new Recall feature (currently in preview) will not be activated by default for Windows users, the company announced.
Recall, which was unveiled in May, records every action taken by a user to help create more personalized queries in its AI-powered Copilot. While the new feature has been designed to improve the Copilot experience, some in the security community began to express possible concerns.
In an article posted to Medium (soft paywalled), security expert Kevin Beaumont broke down how, with just a few lines of code, Microsoft's newest Copilot feature could allow attackers to steal a user's entire PC usage history. In his analysis, he said that, while the new feature would be useful to many, Microsoft's security track record would make this feature too risky for public use.
"I think it's an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these," Wrote Beaumont. "The work hasn’t been done properly to package it together, clearly."
Responding to feedback from Beaumont and others, along with disabling the feature by default, Microsoft said it is adding an additional "enrollment" level to use the service and enhancing Recall's security with "just in time" decryption, which uses Windows Hello Sign-In Security (ESS).
It also laid out the current security settings for the Copilot feature. Recall, locally stores and processes snapshots without relying on Internet or cloud connections. These snapshots are never shared with Microsoft or other entities, and per-user encryption ensures privacy even on shared devices.
According to Microsoft, users will be clearly notified when Recall is saving snapshots, with icons visible on the taskbar and system tray. Digital rights managed content and InPrivate browsing data are excluded from snapshots.
Finally, users can manage their snapshots with options to pause, filter or delete them at any time, maintaining control over what is saved. For enterprise users, IT administrators can disable the snapshot-saving feature, but cannot enable it on behalf of users.
Microsoft also said the line of Copilot+ PCs, also announced last month, will come with additional security features, including hardware-level baked-in security, Microsoft Pluton security processor and Windows Hello ESS turned on by default.
"We are on a journey to build products and experiences that live up to our company mission to empower people and organizations to achieve more, and are driven by the critical importance of maintaining our customers’ privacy, security and trust. As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them," wrote Pavan Davuluri, corporate vice president, Windows + Devices.