Microsoft Backtracks: Copilot+ AI PCs Won’t Have Recall Feature On by Default

Recall is a feature to help recover data on Copilot AI PCs. However, it has glaring security ommissions. Luckily, Microsoft is changing that.

When Microsoft announced its Copilot+ AI laptops in May, it introduced a new feature that helps users find and recover data. However, the company is reversing course and making it an opt-in feature due to security concerns. The company is also adding encryption and other security options to the Recall feature.

When Microsoft announced the Recall feature for Windows 11 (available on Copilot+ AI-powered PCs), it was met with controversy due to its glaring security omissions. Recall takes system snapshots, including screengrabs of virtually everything you do on the machine. Microsoft said Windows would back up these screen grabs to your local drive. Testers quickly discovered how easily accessible they were to anyone with access to your PC.

The idea of Recall is to allow you to recover missing data quickly. However, most in the security community have found security vulnerabilities in how it works. In addition to recording everything you do, including NSFW content, Windows Recall stores everything on your local drive in a plaintext database.

Anyone with basic computer knowledge with access to your laptop could find sensitive information like usernames and passwords. In addition, malicious code could be injected into your system, see your Recall database, and send it to nefarious actors.

To top off all the security omissions, Microsoft has been unclear about whether Windows would enable the Recall feature by default. Luckily, things are about to change.

Everyone Hated Recall, So Microsoft is Changing it

Everyone hates the idea of having everything they do on their PC recorded and saved in an unencrypted plaintext database. So, before the Copilot+ AI laptops hit the shelves, Microsoft is changing the feature.

In a blog post, Microsoft exec Pavan Davuluri notes the changes. “Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind, we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.”

As we mentioned earlier, Microsoft was unclear about whether Recall is on by default. The only factual information we got was the company telling the BBC it’s an “optional experience.”

Microsoft now says the Recall experience on Copilot+ PCs will give users a more apparent choice to opt into the snapshot saving feature. If you don’t proactively turn it on, it will be off by default.

opt-in for Recall feature copilot PC

Image courtesy: Microsoft

Also, Windows Hello is required to turn on Recall. Proof of privilege is required to view your timeline and search Recall on your system. This will make it harder to access Recall by requiring your face, fingerprint, or PIN each time you open Recall to view your data.

windows hello needed to search recall history

Image courtesy: Microsoft

Finally, developers are adding more layers of data security, including ” just-in-time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS).

Better Recall Security on Copilot+ AI PCs

The Recall feature is available on Copilot+ PCs with fast NPUs, 16GB RAM or more, and a minimum of 256GB of storage. Existing Windows PCs, even those with NPUs, won’t have the Recall feature. The first Copilot+ PCs will use Qualcomm’s Snapdragon X Elite and X Plus processors. Intel and AMD systems that meet Copilot+ requirements won’t be available until later this year.

While it’s designated to a handful of PCs out of the gate, it’s essential to see Microsoft change its stance and develop the security of the Recall feature. Plus, if you end up with a first-generation Copilot+ PC, deciding whether to use Recall will be easier, which is a welcome security measure from the company.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


To Top