Microsoft makes Windows Recall opt-in, secures data with Windows Hello


Following massive customer pushback after it announced the new AI-powered Recall for Copilot+ PCs last month, Microsoft says it will update the feature to be more secure and require customers to opt in to enable it.

To further improve the feature’s privacy and security, the company will also require users to prove that they’re in front of the computer via Windows Hello to enable and use Recall.

“We are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default,” said Windows & Devices Corporate Vice President Pavan Davuluri.

“Windows Hello enrollment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.”

Windows Hello proof of presence
Recall’s Windows Hello proof of presence (Microsoft)

Davuluri added that Recall also encrypts the search index database, allowing users to access the data only after authenticating.

“We are adding additional layers of data protection including ‘just in time’ decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates,” Davuluri said.

Microsoft initially claimed that the Windows Recall databases were secure because they were encrypted by Bitlocker and only decrypted when the user logged in to Windows 11. However, if malware was running on the computer, it could access the database fully because it runs after a user logs in and the data is decrypted.

With this change, the Windows Recall data will remain encrypted until a user authenticates with Windows Hello when they open the app. This adds an additional layer of security to the database.

These privacy and security updates will be shipped to customers with Copilot+ PCs when Recall (preview) ships on June 18.

The company has yet to share if the future will also be turned off by default in corporate environments, which was a big issue raised by enterprise customers after the initial announcement.

Recall asking users to enable snapshots during OOBE
Recall asking users to enable snapshots during OOBE (Microsoft)

Windows Recall is a feature designed to help you access past information on your computer by using a simple search function.

It works by taking screenshots of your active window every few seconds and recording your activities in Windows for up to three months by default.

These screenshots are then analyzed by an on-device Neural Processing Unit (NPU) and an AI model to extract data. The extracted data is saved in a semantic index, allowing Windows users to browse their screenshot history or search using natural language queries.

With Recall’s “virtual and completely private photographic memory” (as Davuluri described today), users can find historic information loaded in apps, websites, images, and documents.

Currently, this feature is only available on Copilot+ PCs running Snapdragon X ARM processors, but Microsoft is working to make it compatible with Intel and AMD CPUs.

Today’s announcement aligns with Microsoft’s recent pledge to prioritize security above all else after regular users and cybersecurity experts tagged the Recall’s initial iteration as a privacy nightmare.

“If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems,” Microsoft’s CEO Satya Nadella said in an email to Microsoft employees.

“This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all.”



Source link