The Windows recall became a hot topic as soon as it was announced in June with the release of Surface Laptop 7 and Surface Pro 11 PCs.
With Recall, you can use the timeline cleaner to retrace your digital footprint, or you can use natural language search to find specific content. For example, if you’re shopping for an orange sofa but forgot to bookmark it, you can search for “orange sofa” and Recall will theoretically find it.
Recall demo at Copilot+ PC launch event
Image source: Microsoft
Recall can be advantageous for forgetful users who want to retrieve past moments, but some security experts have called it a “privacy nightmare.”
Why? because it captures everythingFrom innocuous moments like shopping and browsing, to more sensitive situations like passwords for online banking.
As a result, Microsoft has delayed the release of Recall until October. On Friday, September 27, the Redmond-based tech giant revealed its plans to make Recall even more secure for users.
Windows recall: Three things Microsoft is doing to improve security
The recall is still in preview. This means that only Windows Insiders will have access to Recall in October. But even in the testing phase, Microsoft has outlined the steps it’s taking to make new AI features safer for users.
1. Recall is an opt-in experience
Recall that this feature is only available on Copilot+ PCs, such as the aforementioned Surface Laptop 7 and Surface Pro 11, and is not turned on by default.
Microsoft Surface Laptop 7
Photo credit: Joe Maldonado/Marsh
Before you start using Copilot+ PC, you will receive a prompt asking if you want to choose to enable Recall.
Mix and match speed of light
2. You can delete Recall completely
If rejection isn’t enough, you can completely remove Recall from your Copilot+ PC so you no longer have it on your system.
recall action
Image source: Microsoft
(Previous reports indicated that Microsoft had no plans to provide an uninstall option for Recall.)
3. Recall data encryption
Microsoft claims that any data saved through Recall is encrypted.
David said: “The encryption key is protected through the TPM, bound to the user’s Windows Hello Enhanced Login Security identity, and can only be operated by operations in a security environment called a Virtualization-Based Security Enclave (VBS Enclave) Used.” Weston, vice president of enterprise and operating system security at Microsoft.
If this sounds like gibberish to you, allow me to explain. Recall’s encrypted data is protected in three ways. First, the PC’s security chip (also known as TPM) plays a role in securely managing Recall data. So even if a hacker breaks into your computer, TPM will ensure that only authorized users can access it.
Secondly, Recall data can only be accessed through Windows Hello, and the authorized user (you) can ensure data security through biometric authentication such as facial recognition and fingerprint scanning.
Photo credit: Shomik Sen Bhattacharjee/Mashable India
Third, “VBS Enclave” is the technical term for an independent environment within a PC, separate from the main operating system, used to protect sensitive data that Recall will use to securely process snapshots.
Microsoft emphasizes that it will not share your snapshots or any other related Recall data with third parties. It also does not share Recall data with other users on the same PC.
Additionally, you can customize how Recall follows you. For example, you can filter out certain apps and websites.
“You are always in control and you can delete snapshots, pause or close them at any time. Any option for users to share data in the future requires clear and fully informed action by the user,” Weston said.
