Microsoft’s Copilot + PC flagship feature Recall will be getting some tweaks ahead of its public launch to assuage ongoing security concerns.
Late last week, Microsoft published a piece on its Windows Blog announcing an update to the artificially intelligent-powered search tool Recall that clarifies a number of changes the company is putting in place to address a myriad of security concerns cybersecurity experts have been pointing out while assessing the new feature.
To begin with, Microsoft will stick to its initial claim of making Recall an Opt-in experience. While Microsoft originally introduced Windows Recall as an Opt-in affair, during the past three weeks Insiders and developers have been allowed to evaluate it, it’s been turned on by default.
First, we are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default.
It is unclear if the Opt-out nature of Recall were intended to be a testing bed to measure users’ comfortability with default experience or if the company presumed early testers would inherently Opt-in, and the company had always intended to ship what they originally claimed.
The second change to Recall is a Windows Hello authentication requirement. According to Microsoft, “Windows Hello enrollment is required to enable Recall.” Recall enabled devices will also seek proof of presence before viewing searched timelines which should help address the threat of remote hacking, in some instances.
Microsoft made mention of encryption during its original unveiling of Recall and the company is doubling down on the practice by applying an additional “just in time” decryption layer applied by Windows Hello Enhanced Sign-In Security (ESS).
Microsoft is also encrypting the search index database beyond the ESS-powered encryption that’s triggered by a valid Windows Hello authentication.
As part of Microsoft’s Secure Future Initiative, the company will be expanding its current Windows security profile to support Recall with synergies between Windows Defender and Smart Screen, as well as leveraging the Windows 11 Secure-Core to utilize firmware protections and dynamic root-of-trust analyzations.
Microsoft’s Pluton security chip will also be leveraged to support Recall to protect all potential chip-to-cloud activity in addition to the original safe keeps the company introduced with the new search feature.
Microsoft also reiterated that the snapshots used as thumbnails in the Recall visual timeline are stored locally, not shared with Microsoft or its Azure servers. Users will have visual cues to rely on to know when Recall is active, indicated by a Recall icon on the system tray during sessions.
Microsoft also mentioned early on that Recall would default to other Digital Rights Managment applications as well as not saving snapshots when InPrivate browsing is being utilized.
In addition to all of that, users are still put in the control seat when it comes to filtering and deleting saved snapshots with options such as disabling saved snapshots after opting into Recall initially or pausing the collection of snapshots for period as well as the ability to set filters for specific application or websites while using the search feature.
The same control will be given to IT Admins to apply for work-related devices that are tied to Windows Enterprise licenses, and for those worried about spying employers, Microsoft assures users that “your IT administrator cannot enable saving snapshots on your behalf. The choice to enable saving snapshots is solely yours.”
All-in-all, a solid start for Microsoft before the launch of Recall, but we’ll have to wait and see what fringe security use cases crop up over time and how the company continues to address user feedback to make Recall is secure, yet user friendly as possible during this AI computing boom.
