Today, Microsoft announced big updates to its controversial Recall feature, which was supposed to launch in June alongside the first Copilot+ PCs. After a wave of criticism for lackluster security, Microsoft took Recall back to the drawing board, and now, it is ready to show how the feature will make sure all the data it captures is properly secured.
Right off the bat, Microsoft makes it clear that Recall is an opt-in experience, and the user will have two distinct buttons: yes and no. Also, Microsoft confirmed that Recall will be uninstallable despite previously stating the opposite when users spotted the option to delete the feature. Uninstalling Recall from your machine will remove everything, including AI models.
One of the biggest concerns about the initial version of Copilot was the fact that all of its data was way too easy to access. Now, everything that Recall has on you is encrypted and tied to the Trusted Platform Module, and accessing that data requires Windows Hello authorization with your face, fingerprint, or PIN.
In addition, Recall now processes data in a virtualization-based security enclave (virtual machine). In an interview with The Verge, David Weston, Microsoft's VP of enterprise and security, described the change:
We’ve moved all of the screenshot processing, all of the sensitive processes into a virtualization-based security enclave, so we actually put it all in a virtual machine. The app outside the virtualization-based enclave is running in an anti-malware protected process, which would basically require a malicious kernel driver to even access.
Besides under-the-hood changes that may not look very impressive to an average consumer, Microsoft implemented a bunch of software updates to Recall, such as the ability to filter out apps and websites. Sensitive content, such as passwords, IDs, credit cards, and everything you view in InPrivate mode, will be filtered out automatically. You will also be able to delete specific parts of your data, such as a certain period of time, an app, a website, or everything at once.
As part of strengthening Recall's security, Microsoft is also making it impossible to install the feature on a non-Copilot+ PC. Earlier this year, enthusiasts managed to make Recall work on ineligible systems, and it seems that Microsoft wants to end that by making Recall verify that your system is a Copilot+ PC with all the requirements, such as BitLocker, VBS, kernel DMA protections, and more.
The revamped Recall will be available to Windows Insiders in October. So far, there is no information on when the feature will be available outside the Insider program. You can read more about the latest security updates to Recall in a post on the official Windows Experience Blog.
3 Comments - Add comment