Windows Recall was the talk of the town when it was announced alongside the launch of the Surface Laptop 7 and Surface Pro 11 PCs in June.
Recall lets you track your digital footprint using a timeline scrubber or find specific items using natural language search. For example, if you bought an orange sofa but forgot to bookmark it, you can search for “orange sofa” and Recall will theoretically find it for you.
Recall may be advantageous for forgetful users who want to relive moments from the past, but some security experts have called it a “privacy nightmare.”
Why? Because it captures everything, from innocuous moments like shopping or browsing to more sensitive situations like logging in to your online bank with your password.
As a result, Microsoft delayed the Recall launch until October. And on Friday, September 27, the Redmond-based tech giant revealed its plans to make Recall safer and more secure for users.
Windows Recall: 3 steps Microsoft has taken to improve security
Recall is still in preview. This means that only Windows Insiders will have access to Recall in October. But even in the testing phase, Microsoft outlined what it has done to make the new AI-based feature more secure for users.
1. Recall is an optional experience.
Recall, which is only available on Copilot+ PCs like the aforementioned Surface Laptop 7 and Surface Pro 11, isn’t turned on by default.
Before using your Copilot+ PC, you will be asked whether you want to opt in to Recall.
2. You can uninstall Recall entirely.
If opting out isn’t enough, you can completely uninstall Recall from your Copilot+ PC, preventing it from being included on your system at all.
(It was previously reported that Microsoft had no plans to offer an uninstall option for Recall.)
3. Recall data is encrypted.
Microsoft claims that all data stored through Recall is encrypted.
“Encryption keys are protected by a TPM tied to the user’s Windows Hello enhanced login security identity and can only be used within a secure environment called the VBS Enclave (Virtualization-Based Secure Enclave),” said David Weston, Vice President of Enterprise and OS Security at Microsoft.
If this sounds like gibberish to you, let me explain. Recall’s encrypted data is protected in three ways: First, your PC’s security chip, also known as the TPM, is responsible for safely managing Recall data. So even if a hacker breaks into your computer, the TPM ensures that only authorized users can access that data.
Second, Recall data can only be accessed through Windows Hello. This lets the authorized user (you) keep things safe through biometric authentication, such as facial recognition and fingerprint scanning.
Third, “VBS Enclave” is technical jargon for an isolated environment within a PC, separate from the main operating system, that protects sensitive data and is used to securely process Recall snapshots.
Microsoft emphasized that it does not share your snapshots and other related Recall data with any third parties. Additionally, it does not share your Recall data with other users on the same PC.
You can also customize how Recall follows your footsteps. For example, you can filter out specific apps and websites.
“You are always in control and can delete, pause or turn off snapshots at any time. Users must take informed, explicit action to choose future options for sharing their data,” Weston said.