Microsoft has further detailed how its Windows Recall tool will work, months after it delayed the roll-out of the snapshotting tool following a privacy and security backlash.
Windows Recall is part of the AI-powered Copilot+ system. The tool would, if enabled by a user, take screenshots every few seconds of everything happening on screen, saving the images in an encrypted file.
That would allow a user to search the images, rather than have to dig through files to find content they need or answer questions. Passwords would not be snapped by the system, and users could turn Recall off for a period of time or disable it for specific apps, Microsoft noted. The data would all be saved locally rather than in the cloud.
Microsoft has now said in a blog post that Recall will launch from November, detailed further security improvements, and confirmed it will allow users to easily uninstall the tool — whether that proves enough to encourage widespread acceptance of the AI tool remains to be seen.
To start, Recall will now be off by default and users must actively opt in to use it — though it may prove a challenge to say no to employers who require the snooping snapshots to be enabled. Plus, Microsoft is allowing Recall to be fully uninstalled from your PC, including the AI models that power the system.
On the privacy front, Recall will never collect images from private browsing sessions, and users can choose apps and websites to ignore, choose how long to keep Recall images, and delete a time range or all content from an app if it's accidentally collected.
Encryption and virtualization in Windows Recall
In addition to those options for users, Microsoft has also properly encrypted all sensitive aspects of Recall, including the collection of snapshots. To access the images, the computer must be authenticated with Windows Hello, using a fingerprint, facial recognition, or a PIN.
"Recall leverages Windows Hello Enhanced Sign-in Security to authorize Recall-related operations," explained David Weston, Vice President Enterprise and OS Security, in the Microsoft post.
"This includes actions like changing Recall settings and run-time authorization of access to the Recall user interface (UI). Recall also protects against malware through rate-limiting and anti-hammering measures. Recall currently supports PIN as a fallback method only after Recall is configured, and this is to avoid data loss if a secure sensor is damaged."
Core to that is enclosing the snapshot system, search and images inside a virtualization-based security enclave (VBS Enclave).
"Within Recall, the services that operate on screenshots and associated data or perform decryption operations reside within a secure VBS Enclave," Weston said. "The only information that leaves the VBS Enclave is what is requested by the user when actively using Recall."
Accessing that sectioned off area requires credentials, he added. "This area acts like a locked box that can only be accessed after permission is granted by the user through Windows Hello," Weston said. "VBS Enclaves offer an isolation boundary from both kernel and administrative users."
Change enough?
Those security features sound like what should have been in place when Recall was first unveiled — but why weren’t they included? Weston said Microsoft saw Recall as a preview product with security still in development, and after the backlash moved up that work to include said features at launch.
"It’s not just about Recall, in my opinion we now have one of the strongest platforms for doing sensitive data processing on the edge and you can imagine there are lots of other things we can do with that,” Weston told The Verge.
“I think it made a lot of sense to pull forward some of the investments we were going to make and then make Recall the premier platform for that.”
Recall history
Microsoft first unveiled the Recall tool back in May, instantly sparking a backlash centered on privacy as well as security — despite the fact Recall was only intended to be made available on Copilot+ PCs and not rolled out to all Windows machines.
Security experts immediately criticized the tool, with one former Microsoft employee calling it a "new security nightmare", saying the feature fundamentally undermines Windows security.
The feature announcement also caught the attention of the UK data watchdog, the Information Commissioner's Office, which said at the time it was "making enquiries with Microsoft to understand the safeguards in place to protect user privacy."
The furor led Microsoft to delay the feature's availability. Recall was first supposed to be released in mid June, but that was delayed for further security testing and would be initially released as a preview via the Windows Insider Programme in the "coming weeks".
In August, that was pushed back to October; now, the tool won't be available until November.
Then, at the beginning of September, careful Windows watchers spotted an option to uninstall the tool in a preview version of the OS. However, Microsoft noted the setting's inclusion in the Windows Control Panel was a mistake.
The ICO last week said it had nothing to add on the looming Recall launch, but after the Microsoft news acknowledged the "series of changes" and said it would continue to assess the product before launch.
