Microsoft Flips Off AI Recall After Alarming Privacy Backlash Concerns

Yusuf Mehdi on stage in front of a Recall image.
Microsoft is somewhat pulling in the reins on its Recall feature, which is a key part of the company's Copilot+ initiative for next-gen PCs (starting with Snapdragon X Elite/Plus systems). In theory, Recall is supposed to make life easier for users by helping to find things by continually taking snapshots of content on the screen, enabling a more seamless search experience without having to dig through, say, lengthy Discord conversations or browser histories. However, security researchers and the public at large have raised concerns over the privacy and security of allowing Windows to take snapshots every five seconds.

Adding to the controversy, Kevin Beaumont, a cybersecurity expert and former Senior Threat Intelligence Analyst at Microsoft, called Recall a "disaster" in a blog post. He noted that infostealer trojans could be "easily modified to support Recall," and obviously that would be a bad thing.

Another security expert and white hat hacker, Alexander Hagenah, released a proof-of-concept tool on GitHub called TotalRecall that demonstrates how a nefarious actor could extract and display data from the Recall feature in Windows 11.

Database screenshot captured by TotalRecall.

"TotalRecall copies the databases and screenshots and then parses the database for potentially interesting artifacts. You can define dates to limit the extraction as well as search for strings (that were extracted via Recall OCR) of interest. There is no rocket science behind all this. It's very basic SQLite parsing," Hagenah states.

The chorus of concerns grew loud enough that Microsoft is rethinking how to roll out Recall in a safer and more secure manner. In a blog post of its own, Microsoft shared an update on Recall, which is in preview form for Copilot+ PCs, outlining some key changes that it hopes will put the collective mind of users at ease.

One of the big changes is that Recall will not be automatically enabled on Copilot+ PCs. It's now an opt-in feature, and "if you don't proactively choose to turn it on, it will be off by default."

Screenshot of Windows Hello.

The second major change is that Windows Hello (a biometric security feature) is a requirement in order to enable Recall. This ties in with a proof of presence requirement to view timelines and search in Recall, adding another layer to thwart remote hackers from abusing the feature.

Finally, Microsoft says it's "adding additional layers of data protection including 'just in time' decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database," Pavan Davuluri, corporate vice president of Windows + Devices, wrote in a blog post.

Microsoft Recall banner.

Most of the rest of the blog post reiterates Recall protections that already existed, such as storing snapshots locally on PCs rather than in the cloud, the ability for users to filter apps and websites from being in snapshots as well as being able to sift through and delete them, and the inherent security of a Copilot+ PC, including the default enabling of Microsoft's Pluton security chip, among other things.

All of the changes outlined will be part of the final version of Recall when it exits preview and ships to customers on June 18 with its Windows 11 24H2 release. It's also possible that Microsoft will make more tweaks between now and then, depending on user feedback.