Microsoft Unveils Cool Yet Potentially Risky Recall Function
"Recall" is a new feature that can simplify your search process on your computer. If you've ever tried to find a specific email, photo, or document on your PC and scoured your hard drive for over 10 minutes, you know the frustration. Microsoft is hoping to make this easier with the introduction of Recall. Here's what you need to know about this new feature and its potential risks.
So, what exactly is Recall? This tool silently takes screenshots of everything you do on your PC throughout your session. When you perform a search with "Recall," it scans through these screenshots to find relevant moments in your PC activity that might be what you're looking for, putting them together into a scrollable timeline. For instance, if you're looking for a slideshow for work, your search may show the times you edited it in PowerPoint and presented it. The same goes for images. If you're looking for a photo of your dog at the park, you might see it from when you opened it in your photos library, but also in the messaging app where you sent the pictures to friends and family.
Recall even associates these screenshots with the active app. As you scroll through your timeline, you can see which window was open, as well as the app you were using at the time. If you know you're searching for a specific PowerPoint session from a certain month, you can easily skip over any screenshots from Teams.
Microsoft isn't the first to introduce a feature like this. Rewind, a third-party developer on macOS, offers a similar experience, recording all activities (including transcribing your audio) to make everything on your Mac searchable. The main difference is Recall is a Microsoft-built feature, while Rewind is exclusively for macOS users.
However, you won't be able to use Recall on just any computer, even if it's running Windows 11. Instead, it's an exclusive feature for Copilot+ PCs—Microsoft's new AI-powered PC standard. These PCs are equipped with Snapdragon X Plus and Snapdragon X Elite chips, which have a dedicated neural processing unit (NPU) for handling local AI processes. If you don't have one of these new machines, like the Surface Pro or Surface Laptop, you won't be able to try Recall when it's launched.
One question on everyone's mind is, is Recall safe to use? According to Microsoft, yes. Recall is entirely handled on-device, with no cloud processing. This means all AI processing and screenshots are done on your PC. Microsoft claims the screenshots used for Recall are encrypted on your PC, even from other profiles on the machine, so if you lock your computer, your Recall screenshots are locked, too. You also have the option to control which apps and websites Recall takes screenshots for, as well as when. Additionally, you can pause Recall or delete individual or all screenshots stored on your device. InPrivate browsing sessions in Microsoft Edge and DRM content like Netflix shows and movies will not be recorded.
While Microsoft may be confident in the security of Recall, it's not without its risks. This is because Recall takes screenshots of almost everything you do on your PC (if you haven't adjusted the settings), including sensitive information like passwords, social security numbers, or banking data. If Recall encounters these details on the screen, it's likely recording them. While these screenshots are encrypted when you lock your device if a hacker manages to break into your computer, they'll have access to your entire Recall history, including this sensitive information.
A security researcher named Kevin Beaumont discovered this first-hand when he tested the feature on a PC without an NPU. He found that when Windows saves these screenshots to your computer, it actually saves all the text from the images as plain text. This means everything you've been doing on your PC—including accessing banking information, private websites, and messages—is saved as plain text, except for the exceptions listed above. This information is not deleted when you delete the associated data or app either. If you delete a message in Teams, for example, it still lives in your Recall database forever, no matter if it's set to auto-delete.
Hackers can take advantage of readily available software called infostealers to grab all your Recall data in just a few seconds - everything you've ever done on your PC since turning on this feature. They don't even need to touch your computer physically; they just need you to log in, decrypt your drive, and use remote hacking tools to steal your Recall information. In fact, Beaumont tested this on his own PC and found that Microsoft's built-in security software, Defender, managed to identify the infostealer, but it took over 10 minutes to block it, which was enough time for the software to gather all of Beaumont's Recall data.
Before this report, the Recall feature was being closely watched by the Information Commissioner's Office (ICO), a U.K. data protection organization. They believe that companies must evaluate and address potential risks to people's privacy and freedom before introducing new products. Since Microsoft only revealed Recall a few days earlier, it hasn't been determined what the ICO thinks about the feature yet, nor if other government organizations will also investigate it.
Another potential issue is that Recall is automatically activated on new Copilot+ PCs. As reported by Tom Warren from The Verge, you can't disable Recall when setting up a new Copilot+ PC. Instead, you can pick to "open Settings after setup is finished so I can manage my Recall preferences." This means many (or even most) people who purchase a Copilot+PC will have this feature turned on.
This feature is incredibly attractive to hackers. When it was first announced, I thought it came with significant privacy and security concerns, but not so severe that it would prompt users to immediately turn it off. However, after reading Beaumont's analysis, it's evident that Recall is not yet ready to use, and if Microsoft proceeds with its Recall plans, it could put both individuals and corporations in danger. Not only can hackers pry into your personal information by going through your entire Recall history, they can also grab any private company databases you accessed, even your login credentials for them. This creates the potential for huge hacking risks. So, if Microsoft intends to continue with Recall, please: Turn off the feature.
If you want to try out Recall and other Copilot+ PC-exclusive features, you can preorder one of Microsoft's new Surface devices here:
- Surface Laptop: Starting at $999.99
- Surface Pro: Starting at $999.99
The links in this text do not direct to the Microsoft Surface devices but are mocked to display example product names.
Read also:
The tech giant Microsoft is introducing Recall, a new feature exclusively available on Copilot+ PCs, as part of their AI-powered computer standard. This tool takes screenshots of your PC activities throughout a session and allows you to search for specific moments by performing a search with the term "Recall".
Despite the potential risks associated with Recall, such as the recording of sensitive information like passwords and banking data, some users might still be curious about what Recall is in relation to Windows 11.
