Microsoft hastily rethinks controversial Copilot+ PC feature ahead of launch
A rethink for Recall
Late last week, Microsoft announced it would be changing how the flagship Recall feature of its recently announced Copilot+ PCs would work. The decision from Microsoft to change how Recall performs comes after an outcry from Windows users over potential privacy and security concerns.
Recall, expected to launch on June 18, is an all-new Windows 11 feature designed to run on Copilot+ PCs exclusively. It seeks to renew the way users can interact with their devices by harnessing AI to intelligently capture and analyze snapshots of your activity so users can search across an interactive timeline of events of every action taken during their computing sessions — from pages visited to songs listened to.
However, while Recall is easily one of the more promising AI PC features we've seen to date, it's also the one that's drawn the most ire from users who see it as a potential invasion of privacy and a possible security risk.
How Windows users reacted to Recall
Reactions to Microsoft's Recall feature for Windows have been one-sided. While there are those who defend the software, and the fact it's an optional service for Windows users, they're few and far between in the overall conversation.
"Calm down. You can switch it off!" states one redditor, attempting to calm down those concerned about Microsoft's latest AI-powered feature. However, it does little to calm the instant agitation felt by many.
Within another Reddit thread, users even show suspicion about the legitimacy of being able to truly "turn off" Recall, with one user asking: "Has there been any investigation on whether this setting is actually disabling Recall, as in not taking snapshots at all, or if it's simply disabling the long term storage?"
Comment from r/technology
In one thread, a Reddit user frames Recall in the harshest light possible: "It's literally spyware." Drawing conclusions as to why the feature was developed, the same redditor continues "Bet it was added at the behest of companies to spy on remote workers easier."
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
Comment from r/technology
But was the ire well warranted? After all, it took only days of Recall entering early testing before security researcher Kevin Beaumont showed video proof of the feature being hacked remotely.
To bring the Microsoft Copilot+ Recall feature dangers to life, here’s a 40 second video of Mental Outlaw hacking it. Avoid Copilot+ branded PCs until they make this feature fully opt in and fix it. pic.twitter.com/6TFdtCM0oOJune 6, 2024
Clearly, as it currently exists, Recall has a considerable number of security flaws that are rightfully drawing criticism online. It appears that the concerns of users about the safety of this feature weren't unfounded, but what can Microsoft do to resolve matters ahead of the feature's June 18 launch date?
Microsoft refit Recall for Copilot+ PCs: What's changed?
In a recent post to the Windows Experience Blog, Microsoft responded to growing criticism of Recall by highlighting several ways it intends to update the tool to patch any security loopholes and rebuild trust with Windows users.
The blog covers forthcoming changes that deal with everything from Recall's switch to an opt-in feature, as well as various updates to the security requirements of the software in the future.
- Windows Recall will now require a user to opt-in to the service, meaning the service will be disabled by default.
- Recall will now require Windows Hello to be active to use the feature. Windows Hello will be used to provide proof of presence for users to view and search through saved timelines.
- Windows Hello enhanced sign-in security (ESS) will also be used to bypass "just in time" decryption of snapshots and the search index database, to further ensure that Recall snapshots are only accessible when the user provides authentication.
Alongside these updates, Microsoft reaffirms the privacy of Recall, reminding users that snapshots are stored locally and won't be shared with any other applications or companies — including Microsoft.
It's also been revealed that a Recall icon in the taskbar will let users know when the feature is running, and that users will be able to pause, filter, and delete what's saved at will.
Microsoft has also confirmed that InPrivate or digital rights managed browsing will not be saved when using supported web browsers.
Outlook
How Windows users react to Recall's security enhancements remains to be seen, however, Microsoft will be under heavy scrutiny as the feature goes into release later this month — and with so much user data on the line, it's difficult to dismiss these concerns as unfounded.
We'll keep a close eye on Windows Recall and its subsequent updates in the testing period before release. However, without significant change, Microsoft's killer Copilot+ app could quickly become a liability for the company.
More from Laptop Mag
- I spy with my little AI: Are Copilot+ PCs a threat to your privacy?
- What are Copilot+ PCs? Microsoft's new era of AI PCs explained
- Surface Pro and Surface Laptops may finally match MacBooks in one key area
Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.