Microsoft Enhances Recall Feature for Copilot+ PCs Ahead of Launch

Soon after showcasing the preview of the Recall feature for Copilot+ PCs, Microsoft is making a significant change to address the newly highlighted security risks associated with the feature.

The company has decided to make the experience an opt-in offering on these eligible machines. For those unaware, Recall allows users to instantly skim across previous updates of an app, image, website, and document via a screenshot-based timeline.

Encryption and Local Analysis

According to Microsoft, these images are encrypted, stored, and analyzed locally using AI. The Recall feature, often referred to as having a "photographic memory," can be adjusted by users to pause saving, filter apps, and delete saved screenshots.

On June 18, Copilot+ PCs with the recall (preview) capability will begin delivering. Microsoft plans to update the set-up experience for these PCs to allow users to choose whether to start saving snapshots or not. If users do not proactively choose to turn it on, the feature will remain off by default, as noted by the Windows Experience Blog.

User Enrollment and Data Protection

To enable the Recall feature, users must enroll with Windows Hello. Additionally, a "proof of presence" will be required to view the timeline and perform searches. For enhanced data protection, Microsoft will implement "just in time" decryption protection through Windows Hello Enhanced Sign-in Security (ESS). This means that the screenshots will only be visible when the user authenticates access.

Updated Set-up Experience

Microsoft is set to refine the set-up experience of the Windows Recall feature. This update will allow users to either start saving snapshots or opt out. If users do not make an active choice to enable the feature, it will remain disabled by default.

The update emphasizes user control and security, ensuring that only authorized individuals can access the saved screenshots.

Security Enhancements

Additionally, the search index database of the firm is encrypted. The Verge stated that cybersecurity specialist Kevin Beaumont found that the function saved data in a database in plain text, which led to the latest adjustment.

This may have given malicious actors the ability to retrieve the data from these databases. To mitigate this risk, the snapshots are stored locally, and no cloud or internet-based processing is involved. Additionally, these snapshots are not used to train AI models.

Privacy Measures

Microsoft has taken several steps to ensure user privacy. When many users are logged into the same device, Recall does not exchange photos with them. Even administrators cannot see other users' photos because of per-user encryption.

A Recall icon will appear in the system tray when the feature is actively saving screenshots. Furthermore, snapshots for digital rights-managed content or InPrivate browsing on supported browsers will not be saved, providing an additional layer of privacy protection.

Conclusion

These changes highlight Microsoft's commitment to user security and privacy in the development and deployment of the Recall feature for Copilot+ PCs. By making the feature opt-in and enhancing data protection measures, Microsoft aims to provide a secure and user-friendly experience for its customers.