Microsoft’s AI-powered recall gets these new security features
Microsoft unveiled new artificial intelligence (AI) features with the introduction of Copilot+ PCs during last month’s Microsoft Surface and AI event. However, one feature, called Recall, received a lot of criticism from users when it was added to the preview to let users test the feature. Many users took to social media to voice concerns about privacy and the lack of an opt-in mechanism. Now, the tech giant has allayed those concerns by introducing three new security features to help users trust the AI-powered feature that enables visual tracking of user history.
Microsoft Recall Gets Three New Features
In a Windows blog afterthe company acknowledged the user feedback and highlighted the changes it was making. The message said: “We’ve heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security measures. With that in mind, we’re announcing updates that will take effect before Recall (preview) ships to customers on June 18.”
There are three changes in total. First, Recall will be completely opt-in. The feature’s installation process will show a screen where users can turn it off. Furthermore, the feature will remain disabled by default, so the only way to enable it is to proactively go through the installation process.
Next, Microsoft is integrating Windows Hello, the security feature that requires biometric information or a PIN to grant the user access to the device, with Recall. To enable the feature, users will now need to enable and set up Windows Hello. Additionally, the tech giant said the device will require “proof of presence” to view and search the timeline in Recall.
Finally, the Windows maker adds encryption to Recall to make it harder for malicious parties to access the data. The first layer of encryption comes from Windows Hello, and it also encrypts the search index database of Recall’s snapshots, making them inaccessible to a hacker.
What is the Recall function?
Announced on May 20, Recall is an AI-powered search history tracking functionality across the entire device. It takes periodic screenshots of the PC and, using computer vision, can answer questions from users. Users can ask the AI about a specific task performed on a given day or show the highlight of a day and Recall will quickly be able to share the information.
Even at launch, Microsoft had already added a number of security features to make the invasive nature of the feature more appealing to users. The snapshots taken by Recall were stored locally and were locked to each user account on the PC. Once Recall was activated, users would also get persistent notifications reminding them that the feature was periodically taking screenshots. Users were also given the option to disable the feature for certain apps.
Additionally, Recall did not take snapshots of digital rights content or InPrivate browsing, which is supported on some PCs. Users also get control over which screenshots are saved. The feature can be paused or filtered, and users can manually delete snapshots. Additionally, the feature is protected by Copilot+ PCs’ chip-to-cloud security technology, Microsoft’s Pluton security processor based on Zero Trust principles.
Despite these features, many Internet users complained that the snapshots were not encrypted and that the lack of an opt-in mechanism made the feature feel forced. Microsoft has now addressed all of these concerns.
