Windows 11: Recall to get a second chance, coming in October 2024 as a preview for Insiders

Windows[German]Microsoft is not yet abandoning its AI feature "Recall" in Windows. After a real PR disaster when this feature was announced in May 2024, the project was scrapped and Microsoft wanted to reconsider. In an update on August 21, 2024, Microsoft has now announced that Recall for Copilot+ PCs will be made available again as a preview for Windows Insiders from October 2024. However, details will not be available until October 2024, when the feature in question will be made available in the Windows Insider Program (WIP) – presumably for Windows 11.

What is Recall?

On May 20, 2024, Microsoft presented the "Copilot+PC" concept. These are PCs whose hardware is equipped with AI support and Copilot. A special feature of these Windows 11 PCs should be the "Recall" function. The Recall function should enable Windows to constantly take screenshots of the user's screen and use a generative AI model to process the data and make it searchable.

Microsoft's promise was that the user would only have to type in a keyword to find out when they had done something or where the documents with this keyword could be found on their computer. But with Recall, "a surveillance unit" is implemented in Windows that precisely records everything the user does and then makes it searchable.

"Oh, you chatted with the red light offer on xyz for 13 minutes on xxx and paid for that with credit card xyz? Oops, I've just seen that you use Tor, but the website abc visited on xxx is not at all what we want to see. Uh, you logged in to the server with your credential xyz/abc." The examples could go on and on. The computer that was once started as "personal" then no longer has anything personal about it – everyone becomes transparent – a nightmare for every user who doesn't walk around with the "I don't care, I have nothing to hide" hat on.

The PR and security disaster

Microsoft's CEO, Satya Nadella, promised that it would all be safe for the user. In an interview where he presented the AI PCs and was asked about people's concerns regarding this recall function: "You have to bring two things together. This is my computer, this is my recall, and it's all done locally. So that's the promise. That's one of the reasons why Recall works like magic, because I can trust that it's on my computer."

Users should also be able to prevent the Recall function from taking screenshots if they are concerned about their privacy or do not want to use the feature. However, Microsoft's "move" backfired badly; security researchers railed against the "surveilance thing built into Windows". Security researcher Kevin Beaumont tore the concept of Recall apart in a series of tweets as the stupidest thing ever. After all, Recall is supposed to record all user activities and store them in a (local) searchable database.

This is a great opportunity for attackers to search this database for sensitive data such as passwords, account information, user names, email addresses, etc. Security researchers have been able to show how easy it is to extract such information from the database. I have reported on this problem in various blog posts (see links at the end of the article).

Withdrawn and new announcement

Due to the devastating criticism, Microsoft then decided not to deliver the Recall function, but to reconsider the issue. I had reported on this in the article Windows 11 Copilot+PC will be released without recall. But postponed is not canceled, it was clear that Recall would come back at some point.

In the article Update on the Recall preview feature for Copilot+ PCs from June 7, 2024, there is now an update from August 21, 2024, where Microsoft continues to talk about the goal of offering its customers a trustworthy and secure recall (preview) experience on Copilot+ PCs. Therefore, the (hopefully excited) users are informed that Recall will be available for Windows Insiders from October.

Reference is made to an announcement from June 13, 2024, where it was already announced that the Recall release had been adjusted and Microsoft "wants to use the valuable expertise of the Windows Insider community" before Recall is made available to all users of Copilot+ PCs. The "valuable expertise of the Windows Insider community" can – figuratively speaking – be smoked in the pipe. After all, reported bugs from the Insider Preview have often slipped into the final version of Windows. On the other hand, serious bugs were often overlooked by the insiders.

But in the spirit of "calm down the customers", the "valuable expertise of the Windows Insider community" is emphasized – if it is repeated often enough, people will believe it. Long story short: Microsoft says "Security remains our top priority. As soon as Recall is available for Windows Insiders in October 2024," they plan to publish a blog with further details.

I'm guessing that we won't run out of Recall disputes in the future. This recall will only be available on "Copilot+PC systems with Windows 11 for Insiders. But the long-term goal is to force every Windows user into this corset. I'm looking forward to the implementation and the response from security researchers. It may well be that Microsoft believes that "security is the top priority" – what they deliver on a daily basis speaks a different language, with marketing coming before sensible and secure functions – at least that's my impression.

Similar articles:
Copilot+AI: Recall, a security disaster – AI-assisted theft
Microsoft improves AI feature Recall and adds "security measures" – is that enough?
Windows 11 Copilot+PC will be released without recall

This entry was posted in Security, Software, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *