It turns out that the storm of criticism over Microsoft’s recently unveiled Recall feature has actually pushed Microsoft to change its mind and make some very significant changes to the feature. Today, after over a week of sustained criticism and worries, Redmond announced it’s going to implement Recall very differently.
First and foremost, instead of Recall being enabled by default and only configurable after installation and the out-of-box experience (OOBE), it will not be enabled by default, and the user will be prompted during the OOBE to choose whether or not to enable the feature. This in and of itself should alleviate quite a few worries, since having it on by default without most users really realising it was a recipe for disaster and privacy issues.
Second, Recall will now be taking advantage of Windows Hello, and using Windows Hello will be a requirement before you can use Recall. On top of that, Recall will use Windows Hello presence detection, so that it will only show any collected and saved data if you’re the one sitting behind the computer. It’s wild to me that they didn’t think of this one sooner, but alas – I have a feeling a lot of this “AI” stuff has been implemented in a bit of a hurry.
Last but definitely not least, the Recall database, where the information extracted from the screenshots is stored, as well as the search index, will now be properly encrypted. They will only be decrypted once the user in question is authenticated. Here, too, one really has to wonder why it wasn’t implemented this way from the very beginning, and the fact that it wasn’t makes me think we’ll be finding more questionable security and implementation details as the feature becomes widely available in a few weeks.
I question the encryption stuff. When I read this I just think, “Oh, now the malware needs to wait until you’re logged in to beam all your personal data somewhere.”
Not to mention the fact that turning off the feature might mean jack all when MS has a history of “accidentally” enabling features during updates.
Microsoft has not earned the trust to offer this feature.
I’m very disappointed there was such a public backlash over this. I was looking forward to, and getting ready to laugh at the fireworks of Recall from the sanctity of my Linux computers. No tub of popcorn would have been big enough!
Right from the start, my spidey senses were telling me Recall is a bad idea, especially being opt-out. But, a wise man once said, never interrupt your enemy while they are making a mistake.
kbd,
I notice this happening on work laptops. I disable the MS Windows search/ads/recommendations/etc only to find Microsoft has enabled them via Windows Update. This is no mistake, they do it on purpose. I guess that’s why you put “accidentally” in quotes.
It’s just a keylogger with steroids.
Questionable security and implementation details in Windows? Really? NOOO!
I am still quite a bit amazed about what this all means for web services that allow their users to access sensitive data on computer equipment they don’t control. Since there’s no way for a website editor to disable Recall for their pages, how are they supposed to avoid sensitive data being stored on the user’s device (and probably synced to MS servers), without said users probably even realizing it? My thoughts go, e.g., to health agencies and their security people that will have to accept MS crapping all over their DLP policies… Nice!
I only have one device at home that is even Windows Hello capable, a Surface Go 2, and it runs OpenBSD (yes, really! Guide here[1]) so I have zero worries about Recall ever ending up on any of my devices. With that said, I’d be willing to bet that Microsoft is getting ready to flip the switch to “Windows Hello Capable” and “Copilot+ ready” for a huge swath of existing Windows 11 devices that have the proper hardware but weren’t originally sold with those features enabled. They will do this so they can offer Recall on as many PCs as possible and can scrape as much data as they can, in a sneaky path around all the controversy.
And just as they did with other features they’d rather you leave turned on by default, with every major OS update they will have a mini OOBE screen that resets your original choices to opt-in and you’ll have to pay attention to avoid the dark patterns[2] that will try to trick you into staying opted in to all the privacy-averse settings and screen scraping shenanigans.
[1] https://jcs.org/2020/05/15/surface_go2
[2] https://www.urbanexile.net/2022/12/windows-11-dark-patterns
Wording here still requires a follow-up. Snapshots will be encrypted. Snapshots are not the OCR-processed result stored in the SQLite database, if you want to be legally nitpicky. All Recall data, the screenshots and the generated results, need to be equally protected.
I still worry that Recall could still be employee monitoring with a future update once the noise dies down. It would not be the first time Microsoft said they will do X at first for security, then have a later update undo it.
The way I see it, Recall will be quickly and with relish activated for employee monitoring. This kind of stuff is like catnip for bad managers and awful companies.
At this point, I don’t care how MS changes things. I don’t want this crap anywhere near my work or personal computers.
> Recall will not be taking advantage of Windows Hello, and using Window Hello will be a requirement before you can use Recall
English is not my primary language, maybe that’s why I am confused here.
English is my primary language, and I am confused. I suspect it’s a typo. It seems clear that Windows Hello will be required and used by Recall.
It’s hard not to feel smug behind my MX Linux machine, and be dismissive about these things, but Windows is in the workplace so it pays to be vigilant about what’s going on.
So basically it’s still the same thing, minus an additional checkbox, but now totally acceptable? That indeed is drastic.