Recall from Recall: New Windows function becomes opt-in
The pressure from users was too strong: Recall is switched off by default on new PCs with Copilot+, and the database and screenshots are encrypted.
So far, there has only been a "Yes" or "No" for Recall. According to Microsoft, Windows 11 will indicate the function during the initial setup in future.
(Image: Microsoft, Bearbeitung: heise online)
After weeks of criticism of the upcoming "Recall" function for Windows 11, Microsoft has relented. The automatic storage of screenshots, including analysis by AI, will become an opt-in feature. The company also wants to improve the protection of the data generated in this way.
This emerges from a Microsoft blog post. In it, Windows boss Pavan Davuluri writes, among other things, that the screenshots can no longer be searched so easily. For example, confirmation of presence via Windows Hello is required before the Recall data can be queried. The Recall database is now also to be encrypted, which was promised previously but has not been implemented in the current preview versions.
It is therefore currently still possible to search both the screenshots themselves and Recall's SQL-lite data. Third-party tools are already available for this purpose, and in addition to our own experiments, heise online has also received letters from readers stating that Copilot+ worked even without new PCs. This means that access to the recall data is currently possible for anyone who has a user account on such a computer. The screenshots are available unencrypted as JPEG files.
Recall only via Windows Hello
By linking to Windows Hello, which allows users to authenticate themselves using a PIN, facial recognition or fingerprint, Microsoft now promises that access to Recall will only be possible with "just-in-time encryption". In addition, the function and its peculiarities will be pointed out during the initial setup of Windows. The screenshots of this process shown in the blog post indicate configuration options, but so far, only show two yes/no options for saving so-called "snapshots"; Microsoft avoids the word "screenshots", which would probably be clearer.
In a section that promises that privacy is also protected when using Recall, Microsoft points out the options for user control in six subsections. The last point there mentions an important innovation for companies: For centrally managed PCs, the administrator can only switch Recall off, but not on. The activation of the function should always be reserved for the user of the computer.
There is also a promise in several places that Recall data will always remain on the device, so literally "nothing goes to the cloud". Microsoft's head of research Jaime Teevan stated this in an interview a few days ago. A statement from Microsoft CEO Satya Nadella, who praised Recall as the "photographic memory of a PC" three weeks ago, is still pending. Recall will be released in mid-June 2024 with the first PCs with Copilot+. So far, the function only works with ARM chips from Qualcomm's Snapdragon X series.
(nie)
