The recall will be available in preview form in late November 2024 for Windows Insider Insiders running the right hardware. And now the full version has been released.
So, is there any cause for concern about the recall and the privacy of personal information or data linked to the company? Whether you have a work laptop, home PC, or multiple work computers, let’s take a closer look so you can understand exactly what’s happening and what decisions you need to make.
First, the good news. Windows Recall is only available on new CoPilot+ PCs. Updates are not available for Windows 11 or Windows 10 PCs currently in use. You don’t even have to think about recalls until you buy a new PC from the “CoPilot+ PC” brand.
What is a Windows Recall?
Recall will be built into Windows 11 in the future. And again, this feature is only available on new PCs that Microsoft has certified as “CoPilot+ PCs.”
These PCs are equipped with an NPU with 40 TOPS performance, which can accelerate local AI tasks, that is, AI tasks performed on a PC without an online server, in a way that does not consume a lot of battery power.
If you’re using a CoPilot+ PC, you can use the optional recall feature that allows you to capture a snapshot of the screen every five seconds. It does not capture audio or video; it only captures an image of the screen. You can then search for that snapshot using plain language search. For example, you could say: “Show me the PowerPoint presentation you were looking at three weeks ago, the one with the green bar chart.” or “What was the message David sent me two months ago about the quarterly budget? All of these searches are done entirely on the device and operate offline. Microsoft’s servers are not involved.
As an easier way to help your computer remember and retrieve what you were doing, this type of feature can improve the productivity of anyone who uses their PC for other tasks, from shopping online to planning a vacation to chatting with friends. You can clearly see how it can be improved.
The Mac also has a similar feature called Rewind, which allows you to capture and search computer activity. However, Rewind is not built into macOS by Apple, but is a third-party tool.
What has changed since the initial announcement
Since first announcing the recall in May, Microsoft has delayed its rollout several times and announced changes to strengthen privacy and security and make the feature more reliable. The specific changes are as follows.
- Recalls are turned off by default unless you choose to turn them on during the Windows installation process.
- Recall basically filters out sensitive information such as passwords, credit card information, and social security numbers.
- Recall requires Windows Hello authentication to access snapshots.
- Recall’s data is securely encrypted in the VBS enclave, making it inaccessible to other users and applications. Keys are only released upon authentication via Windows Hello.
- Recall is disabled by default on managed business PCs. Companies must choose to use it, and employees cannot activate the recall at will.
- The recall will be tested through the Windows Insider Program before being rolled out to stable CoPilot+ PCs. For reference, testing began at the end of November 2024.
Microsoft detailed these changes in a June 2024 blog post and a recall architecture update released in September 2024.
Overall, it’s a reasonable change that addresses many of the criticisms people have raised about how the recall was originally implemented. Additionally, because the release has been done more slowly and with more testing, it doesn’t feel like a rushed release to surprise people like it did when it was originally announced.
Is Microsoft secretly installing recalls on my PC through updates?
no. It cannot be overemphasized. The recall is not available for current Windows 11 or Windows 10 PCs. As Microsoft says, this feature is available “exclusively” on the new CoPilot+ PC. It won’t suddenly install on your existing PC through Windows Update or any other mechanism.
As of November 2024, Co-Pilot+ PCs are laptops equipped with a Qualcomm Snapdragon
Should recalls be used unconditionally?
Recall is entirely optional. When you first log in to your new CoPilot+ PC, Microsoft will provide you with information about the recall and allow you to make a decision. At this point, you can choose not to use Recall, in which case Recall will do nothing and collect no data of any kind.
When you enable Recall, the Recall icon will be pinned to your taskbar by default, and the system tray icon will be displayed while Recall is running. Rather than running quietly in the background, it is very visible. Ultimately, Microsoft wants users to use recall to find things.
Microsoft says you can pause the recall at any time using the system tray icon or the option in Settings > Privacy & Security > Recalls & Snapshots. You can turn this feature on or off, delete existing snapshots, and choose to filter specific apps and websites to prevent the recall from capturing them. Additionally, the recall does not capture any activity in the ‘Private Browsing’ window in browsers such as Chrome, Edge, and Firefox.
How do companies control recalls?
Microsoft says the recall is disabled by default on managed business PCs. Businesses don’t need to do anything to disable device recalls. In fact, to ensure employees have access, companies must activate the recall themselves.
Companies that want to enable recalls can use group policies or mobile device management (MDM) policies. Microsoft provides a recall control guide for IT managers.
Where are recall snapshots stored?
Recall saves all snapshots and other data on your PC. When performing a search, Recall performs the search on your PC. Microsoft says your data is not uploaded to Microsoft servers. All work is done completely locally, and there is no PC phoning home (the system reporting information to other computers).
If you use multiple PCs, it is somewhat less useful because recall activity is not synchronized across PCs. If you use multiple PCs, you’ll need to search for recalls on the original PC where you actually did the work to find what you’re looking for. However, this can be a good thing in terms of privacy, especially from a business perspective.
Additionally, recall data is stored in an encrypted manner for each device user account.
You won’t be able to access the recall and view activity on the device unless you first authenticate with Windows Hello authentication. Because it requires your face, fingerprint, or PIN to activate, the recall data cannot be viewed by anyone sitting in front of the PC, and is encrypted with a key that is only released for access when the corresponding authentication occurs.
Does Microsoft take recall data?
Microsoft says the recall data is only stored on the user’s PC and is not processed on its servers. Because Microsoft does not see or receive this data, recall snapshots are not used for purposes such as sending ads to users or training AI models.
Couldn’t someone steal your laptop and view the snapshots?
Modern Windows PCs, like other modern devices, have encrypted storage. Anyone who steals your PC must be able to log in as a user to view your data.
The recall is only available on CoPilot+ PCs, and Microsoft has set higher security standards for these PCs. For example, it must be a secured-core PC and include a Microsoft Pluton secure processor. This means it comes with encrypted, secure storage backed by hardware security features.
In reality, if someone steals the PC of an office worker or home PC user and successfully logs in, they can already access a lot of personal data. This can include financial documents stored on the PC itself, sensitive business information, email accounts the computer is logged into, and more.
The recall certainly creates additional data that criminals can access if they break into your PC. But overall, it’s less risky to use Recall on a securely encrypted CoPilot+ PC than to carry around a Windows 10 laptop that doesn’t use Bitlocker or another encryption feature.
Can other users of my PC see the snapshots?
Recall data is stored separately for each user account on the PC. This means that even if you share your PC with others, they won’t be able to see your recall snapshots unless they can log in to the computer with your user account and credentials.
Are bank account numbers and passwords stored in the recall?
“The recall does not perform any content moderation,” Microsoft originally said. The recall was that if a password or account number was displayed on the screen, it would be saved.
But Microsoft changed its mind. Recall now filters out sensitive information such as passwords, credit card information, and social security numbers by default. Of course, the user can choose. You can go to Settings > Privacy & Security > Recovery & Snapshots and turn off the ‘Filter sensitive information’ option to see this information in snapshots.
Either way, the recall doesn’t capture most passwords that users enter because most websites ‘conceal’ passwords by marking the password entry dialog box as ****. You can also choose to ignore recalls by filtering specific websites, using private browsing, or filtering entire applications. You can also delete recall snapshots at any time.
Such data is not displayed in recall snapshots by default. Even if you choose not to filter, remember that only people with physical access to your PC and who can log in to your user account will have access to this information. And anyone with physical access to your PC could actually do much worse, like installing malware.
But what if someone else with access to my PC can’t snoop on it?
To snoop on personal information through snapshots, you must have physical access to your PC and log in as a user. Additionally, due to Microsoft’s recall change, you will need to authenticate as yourself through Windows Hello. Even if users step away from their PCs and leave them logged in, recall data cannot be accessed without biometrics or a PIN.
To be honest, even the possibility of that happening raises concerns. For example, a malicious colleague or family member could find your personal information through the snapshot if recall snapshots are enabled and they know your Windows Hello PIN or are given access.
But this risk is always there even if there is no recall. That same person could use their access rights to install keyloggers and remote monitoring software to spy on their coworkers’ PC usage, regardless of whether they use Recall or not. Anyone you temporarily grant access to your PC may be able to view your email or retrieve sensitive financial documents. The recall feature introduces a new way for anyone who already has access to your PC to find sensitive information, but even if you don’t use the recall feature, you can still do a lot of damage.
How worried should you be about recalls?
The reason for concern about the recall is clear. This is because there have been changes in the way computers remember and store information. And it seems like an obvious privacy concern if people with access to your PC can comb through your saved PC history using ‘AI-style’ plain language searches.
In other respects, nothing changes. This feature is disabled by default, so you can choose whether to use it or not. Even with this feature enabled, all data is stored on your PC, providing more privacy than many of the cloud-connected services we use every day.
Importantly, Recall does not transmit this data. PC and Internet users already hand over a lot of detailed information to Microsoft and other companies. If you’re worried about these companies receiving information about you, the recall may not be the issue, but many other Windows and Web features may be the issue.
Recall can significantly improve productivity by helping many office workers retrieve all the information they have seen on their work PC. If you use Discord to chat while working, you can filter Discord so that what you say on Discord isn’t captured while Recall takes snapshots of every Word document, Excel spreadsheet, and Outlook email you look at throughout the day. there is. And as I said before, recalls generally offer a lot of control. If you don’t want Recall to capture your browsing session, you can use the private browsing mode.
Veteran Windows journalist Paul Serratt, who has been critical of Microsoft’s privacy practices, also argued that the recall does not pose a privacy issue. As Serratt says, Recall doesn’t upload anything to Microsoft; it just stores data on your PC.
But aren’t there still concerns about privacy?
Especially if you have a lot of information stored on your PC and a way to find it faster, you can increase your productivity and save time. But there are a few elements to the recall that are making everyone hesitate. Never before has a PC captured and stored information in this way. It’s a somewhat shocking method.
However, Microsoft has responded to the initial criticism and made changes in a positive direction. Disabling recall by default on work PCs, filtering out personal information from snapshots, and requiring Windows Hello authentication to access snapshots are all smart changes.
But there are reasons for people to be concerned about recalls. An attacker with access to a PC could enable recall without installing a keylogger and then retrieve personal information from the recall snapshot. This type of attack can be a bit more subtle and difficult to detect than a full keylogger installation attack. It’s a good thing that this feature is disabled by default on work PCs.
Answers that need verification and the potential of a new Windows PC
Above all, it remains to be seen how these risks will manifest themselves in the real environment. When I first raised this issue, I pointed out that Microsoft needs to strengthen privacy filtering and make efforts to protect recall snapshots from anyone with access to the PC. Microsoft changed it this way.
Perhaps the recall will make you realize how dangerous it is to allow others access to your PC. This has always been dangerous, and sensitive documents, emails, and browser history can be exposed with just a few clicks.
Of course, Microsoft’s massive CoPilot+ PC push is aimed at more than AI. Now the PC industry finally has a thin and light laptop with incredibly long battery life that can compete with the MacBook. Even disabling recall and turning off all AI-based features on your new CoPilot+ PC will see a significant upgrade in battery life over your current laptop.
editor@itworld.co.kr
Source: www.itworld.co.kr
