Tech
Microsoft fortifies Recall security
MICROSOFT has dialled back on its initial plan involving the Recall feature in Windows 11 due to various security concerns. The feature that would screenshot everything a user does on their PC by default is now an opt-in feature.
After being revealed last month, Recall sparked controversy among privacy advocates and cybersecurity experts, who called it a disaster in the making if it was launched as it was back then.
Now, Microsoft says that users will have the ability to disable the AI-powered feature during the setup of the new Copilot Plus PCs.
“If you do not proactively choose to turn it on, it will be off by default,” says Windows chief Pavan Davuluri.
Additionally, the company has made sure that in order to enable Recall, users will need to authenticate with their face, fingerprint or PIN.
Going even further with another layer of security, Pavan explained that a “proof of presence” or authentication will also be needed to view the screenshots timeline and search in Recall.
The way Recall works is by using AI models to screenshot almost every action a user executes on their Microsoft 11 computer, so that if they need to search, trace back their actions or retrieve missing files, the screenshots will make these tasks easier.
These changes came less than a week after cybersecurity expert Kevin Beaumont tested Recall and found out that the feature at that time stored the screenshot data in a database in plain text.
After Beaumont’s revelation on X (formerly Twitter), a number of tools appeared online with the ability to exfiltrate Recall’s data, presumably by malware authors.