Skip to main content

Microsoft outlines Recall security: ‘The user is always in control’

Recall promotional image.
Microsoft

Microsoft just released an update regarding the security and privacy protection in Recall. The blog post outlines the measures Microsoft is taking to prevent a data privacy disaster, including security architecture and technical controls. A lot of the features highlight that Recall is optional, and that’s despite the fact that Microsoft recently confirmed that it cannot be uninstalled.

Microsoft’s post is lengthy and covers just about every aspect of the security challenges that its new AI assistant has to face. One of the key design principles is that “the user is always in control.” Users will be given the choice of whether they want to opt in and use Recall when setting up their new Copilot+ PC.

Recommended Videos

Microsoft also notes that Recall will only run on PCs that are eligible for Copilot+, and that comes with a hefty set of hardware requirements that bolster the security. This includes Trusted Platform Module (TPM) 2.0, System Guard Secure Launch, and Kernel DMA Protection.

Setting up Microsoft Recall.
Microsoft

Let’s circle back to the user being in control of what Recall can or cannot access. During setup, you can choose to use it or not; if you don’t choose to use it, it’ll be off by default. Microsoft now also says that you can remove Recall entirely in Windows settings, although it’s unclear whether that means it’ll be completely uninstalled from the PC.

If you choose to opt in, you can filter out certain apps or websites and not allow Recall to save data related to them. Incognito mode browsing is never saved either. You’ll be able to control how long Recall will save your data for, and how much disk space you’re willing to spare for those snapshots. And if you ever want to delete something, you can get rid of snapshots from a certain time range or all content from a specific website or app. To summarize, everything that’s found in Recall can be deleted at any given time.

Microsoft is also adding an icon to the system tray. This will indicate whether Recall is currently collecting snapshots, and you’ll be able to pause this whenever you want. Moreover, you won’t be able to access Recall content without biometric credentials, meaning the use of Windows Hello.

A screenshot of the Recall feature in Windows.
Microsoft

Microsoft promises that sensitive data in Recall is always encrypted and protected via the TPM and tied to your Windows Hello identity. Other users on the same PC won’t be able to access your Recall data; it’ll only be accessible within the Virtualization-based Security Enclave (VBS Enclave). That’s where all the Recall data resides, and only select bits of it are allowed to leave the VBS when requested.

Microsoft also described the Recall architecture in greater detail, saying: “Processes outside the VBS Enclaves never directly receive access to snapshots or encryption keys and only receive data returned from the enclave after authorization.” Sensitive content filtering is also in place to filter out things like passwords, ID numbers, and credit card details from what Recall can remember.

Lastly, Microsoft says that it’s working with a third-party security vendor to run a penetration test and confirm that Recall is secure. All in all, it sounds like the company did its homework here, but we’ll have to wait and see how it all pans out when Recall is widely available.

Will these new measures be enough to alleviate the worries of those who have been boycotting Recall from day one? It’s hard to say, but it’s clear that Microsoft is aware of the controversies and is taking steps to prove that its AI assistant can be trusted.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
AMD and Intel are finally getting the Copilot+ treatment
The Asus Zenbook S 16 sitting on a coffee table.

Microsoft confirmed at IFA 2024 that its slate of Copilot+ features are coming to AMD and Intel laptops later this year. In a blog post, Microsoft revealed that AMD and Intel PCs that meet the minimum Copilot+ requirements will receive the AI features in November through free Windows 11 updates.

The inclusion of AMD and Intel has been up in the air since Microsoft released Copilot+ laptops exclusively with Qualcomm CPUs earlier this year. Although AMD and Intel held strong that the AI features would be available on Ryzen AI 300 and Lunar Lake CPUs, respectively, neither company would provide a definitive time frame.

Read more
Microsoft’s controversial Recall feature can’t be uninstalled
Recall promotional image.

The Recall saga continues. As it turns out, Microsoft's controversial AI feature cannot be uninstalled, although that was spotted as an option in the latest version of Windows 11 24H2.

The ability to uninstall it was initially observed by Desk Modder as a part of the "Turn Windows features on and off" menu in Control Panel, but Microsoft has now confirmed to The Verge that it was merely a bug. The statement to The Verge says that being listed in that menu is an issue that "will be fixed in an upcoming update."

Read more
Don’t use your Windows PC without using these security settings
The Windows Security app in Windows 11.

Historically, Windows has had a bad reputation for security, and there are far more malware strains that target Windows than any other operating system out there -- largely due to the scale of PCs that exist in the world. With such a vast array of potential threats, it’s more important than ever to keep your Microsoft PC safe and protected.

But doing so doesn’t have to be difficult or expensive. In fact, you can start right now with just the computer you own, no extra software necessary. And if you do want to supplement your PC with some of the best Windows apps that will boost your security and privacy, you don’t need to pay a penny.

Read more