Microsoft makes Windows Recall an opt-in feature, is it enough?

Windows Recall stores all user interactions on the desktop so that AI can make use of them. It’s a controversial feature that has regulators and security researchers worried. Microsoft has seen which way the wind is blowing and is now making Recall an opt-in feature.

Recall is a core component of so-called Copilot+ PCs, computers that Microsoft describes as the “fastest, most intelligent Windows PCs ever.” Specifically, they are devices that locally support the broadest set of AI services under the Copilot banner, focused on applications from word processing to day planning. Recall continuously takes screenshots of the desktop to track the user’s work, habits and actions. 25GB of this data is stored on-device. Old data gets thrown out as this storage container is filled up. Unlike browser history, Recall lets users retrace their steps irrespective of the application used.

Controversy all around

The feature was immediately met with condemnation from security experts. A British privacy watchdog promptly asked Microsoft how the sensitive user data is stored. Former Microsoft employee and “cyber weatherman” Kevin Beaumont described Recall as a “disaster” and thinks Microsoft’s higher-ups have been living in an echo chamber, failing to fully grasp the privacy and security threats inherent to the feature. We, too, had grave concerns about Recall as soon as it was announced during Microsoft Build.

The voicing of such concerns seems to have paid off. In a blog post on Friday, Microsoft let it be known that Recall is getting an opt-in. “If you don’t proactively choose to turn it on, it will be off by default”, the blog stated.

Security disasters

For AI to conquer the desktop, true insight into user behaviour is gold dust. In this case, such data is valuable not because Microsoft likes to collect it, but because it allows Copilot to adapt to the user. Whatever your occupation, if there was something recently on your desktop that you can’t immediately bring back yourself, Recall can retrieve it (to some extent).

The immediate question was whether Microsoft is the appropriate vendor to introduce Recall. Incidentally, Google is thinking along the same lines with ChromeOS and Chromebook Plus and the mooted “Where Was I?” feature. One big difference: Google’s AI desktop capabilities are more limited and not ready to launch, whereas Microsoft Recall will already be available in preview as of June 18.

However, Microsoft has faced two large-scale security disasters in the past 12 months. Hackers from both Russia and China managed to penetrate the company’s IT infrastructure. The Chinese incident was made possible by a “cascade of errors,” according to the U.S. watchdog CSRB. That’s not the kind of resume that wins over the much-needed trust of end users.

Opt-in is not enough

Microsoft leans on Windows Hello Enhanced Sign-in Security (ESS) for Recall. This means the encrypted screenshots can only be accessed after authentication. The security is partially hardware-based, but Blackwing Intelligence research late last year found that it can be bypassed on laptops from Dell, Lenovo and even Microsoft itself. Combine this with social-engineering phishing attacks that lead users to unlock Recall’s treasure trove of data themselves. Recall’s 25 gigabytes of valuable screen snaps make Windows devices an even bigger target for cybercriminals than before.

The opt-in is not enough to trust Recall. After all, Microsoft can tie enough functionality to the option to make said opt-in very enticing indeed. The fact is that the whole Copilot+ concept already creates a somewhat artificial barrier against PCs without an NPU. Any PC with respectable specs could run the AI workloads via the CPU and GPU, but Microsoft is choosing to standardize on NPUs and nothing else. Nothing prevents Microsoft from making the opt-in for Recall also a switch for all sorts of attractive Copilot features, which simply wouldn’t work without the feature’s photographic memory.

The downside

However, there is a somewhat surprising security upside to all this, which would work out well for AI/Copilot+ PCs and Recall. We recently spoke with Trend Micro, which attended the unveiling of Intel Lunar Lake just before Computex in Taipei. That company is deploying AI to monitor the security of email messages. By necessity, that analysis is currently done in a cloud environment. Given the sensitive nature of user data, the transmission of literally every single email message needs user permission because of privacy laws in the EU and the United Kingdom. That will come to an end as the AI PC emerges, and specifically thanks to the NPU. In fact, Trend Micro software can take the 40+ TOPS of NPUs from Intel, Qualcomm and AMD and analyze on-device whether an email can be trusted.

It’s an example of what the AI PC can offer, with Recall making such a security feature even more potent. After all, it can take the context of previous conversations and recognize whether suspicious behaviour is taking place in email traffic or through other communication channels. If all this is on-device and secure, Recall suddenly comes across as a security boon, not a burden. That’s the story Microsoft has yet to tell, although it must first reestablish its own reputation for security. That will take time and proof of good behaviour.
