The updated Microsoft Recall AI feature will be rolled out to beta testers in October
Microsoft’s Windows Recall feature, which keeps a timeline of snapshots of activity on your PC, has a new release date for Windows Insiders. Microsoft revealed the feature in a very exciting way in May, only to delay it permanently (after a pushback from security researchers) a few weeks later. After taking some time to retool, the company said Wednesday it will launch Recall to beta testers using Copilot+ PCs in October.
Windows Recall keeps snapshots of everything you do on your PC. Designed as a “photographic memory” of your PC activity, it allows you to revisit things like products, emails, documents or conversations displayed on your screen. The benefits of the feature are easy to see, especially for those who spend long hours on their PC (or those with foggy memories).
But if that sounds like a privacy nightmare, security researchers think so, too. Despite security assurances from Microsoft during its announcement on Build 2024, cybersecurity and privacy experts are raising the alarm. The main problem is that intruders won’t find only good things in your native file system when they access your PC. In addition, they can see anything you’ve done on your computer from the time you activated Recall until now. That’s because Microsoft – for reasons we can’t understand (except put AI into all things as soon as possible) — left the Recall data written.
As security expert Kevin Beaumont detailed, Recall did not hide sensitive information such as passwords or bank details. Sure, your timeline was psychologically safe as long as no one could access your PC. But if you accidentally install malware or let a hacker in through other means, they’ll get a motherlode of sensitive data – unencrypted.
In response to the blowback, Microsoft added some sensible security features that left us wondering why they weren’t there in the first place. Also, it’s hard to determine the company’s motivations for that omission when the feature was announced — other than to speculate that it wants to prioritize a seamless user experience over strong security.
These security changes included making the feature optional instead of automatically enabled when you set up Copilot+ PC. In addition, Microsoft said that this feature will require Windows Hello – a face scan or fingerprint – and use “real-time” encryption (only activated with Hello). That means if a hacker gains access to your computer, your screenshot timeline should remain encrypted unless you lend your face or finger to unlock it (or somehow they figure out Hello’s encryption).
Microsoft says it will publish a new blog post when the feature becomes available in October through Windows 11 Insider. The feature will require a CoPilot+ PC (the first launched in June) with a compatible chip. That lineup of chips includes Qualcomm’s Snapdragon X Plus and Snapdragon X Elite, though Intel may have its CoPilot+ chips first in the wild when the feature hits previews.
Source link