It has only been a little over a month since Microsoft announced Recall, a new feature for its AI PC, Copilot+. The idea behind this AI tool was to allow users to easily search their PC usage history, but the public felt otherwise, pointing to serious privacy and security concerns. Microsoft updated the system to address some of these issues, adding the most important ones.
The recall updates are covered on Microsoft's blog (via Ars Technica), and while there are only three changes, they are quite significant. The first, and most important, is that Recall is now completely optional.
When the new Copilot+ AI PC first boots up, during the Windows setup procedure, you will be asked if you want to enable Recall. It is not hard to imagine what most people would choose here.
Next, for added security, you must enable Recall using Windows Hello to view and search the timeline of PC activity recorded by Microsoft's AI feature. If you are not familiar with Windows Hello Windows Hello is a security feature that uses a facial recognition camera, fingerprint scanner, or local PIN to access your PC and software.
Finally, Microsoft has fully encrypted the snapshots of your PC that Recall takes, along with the search index database. All of this is stored locally on your computer rather than using a cloud service, but the main concern about Recall was that someone else could potentially access Recall's data if they logged into the same PC. With this update, snapshots will only be decrypted when unlocked via Windows Hello. 9]
In a blog post, Microsoft said, "Even before offering Recall to customers, we are making it easier for them to choose to enable Recall on their Copilot+ PC We have heard clear signals that we can improve privacy and security safeguards by making it easier for customers to choose to enable Recall on their Copilot+ PCs even before we offer it to them."
Microsoft has also stated that it is "working to make it easier to enable Recall on Copilot+ PCs and to improve privacy and security safeguards.
Frankly, all updates should have been in place from the beginning. Microsoft stated that while Recall's data is always encrypted, it is not specific to the snapshot and search index databases, only that the entire disk uses Bitlocker. Given that this encryption is not 100% secure, the vast amount of personal information collected by Recall should have been additionally encrypted or secured in some other way from the beginning.
Given that public perception of AI is not good at the moment, Microsoft should have anticipated the reaction to the recall announcement and taken excessive security measures. A little more effort could have been a big plus for the reputation of this feature.
It will be interesting to see how well the update is accepted when the recall finally ships to customers with Copilot+ AI PCs on June 18. However, Recall will not be available for those using Windows 11 on x86 desktop or laptop PCs, as this AI tool will only be available on these computers.
Comments