Microsoft Prepares To Reboot Windows Copilot Recall With A Security Revamp

29 Sep 2024, 14:32 by Alan Velasco · HotHardware

When Microsoft kicked off the Copilot+ PC era earlier this year, one of the more highly touted features was Recall, which would create a searchable history of everything a user did on their PC. It was immediately torn apart by many security researchers and criticized by many users. This backlash led to the company deciding to not include this feature with the first wave of Copilot+ PC devices. After going back to the drawing board, it seems that Microsoft is ready to roll out the feature after seemingly tackling both the security and privacy criticisms.

To address security concerns, data generated by Recall will be protected using encryption, with the corresponding keys secured using the Trusted Platform Module (TPM). Additionally, these keys and data can only be accessed from within the Virtualization-based Security Enclave (VBS Enclave). To safeguard from any unintended changes to Recall settings, it’s now possible to lock them down with Windows Hello Enhanced Sign-in Security. Lastly, Recall now “protects against malware through rate-limiting and anti-hammering measures.”

To alleviate any worries about privacy, Microsoft is making the feature opt-in by default and offering users a suite of settings to control how Recall operates. These include choosing which sites Recall can take snapshots of, how long data is held and how much disk space can be used, and filtering for sensitive content such as identification cards or credit card numbers. Furthermore, a helpful icon will be available in the system tray that will notify users when snapshots are taken and allow users to pause Recall.

These new design principles are a change in the right direction and should go a long way to calming both everyday users and security professionals. Far and away the best decision Microsoft made for Recall’s reboot is making it an opt-in feature, and even giving users the ability to completely uninstall it. PC users are accustomed to having control over their devices, especially when it comes to security and privacy. Time will tell if the changes are enough to make Recall a feature as popular as Microsoft envisioned.