Microsoft announced that, following the discovery by security researchers that attackers may access the underlying data, an artificial intelligence function on new PCs that takes screenshots and allows searching of user activity will be turned off by default.
TakeAway Points:
- After Microsoft announced its Recall feature for Copilot+ AI PCs, security researchers said it could expose user data to hackers.
- According to Microsoft, the feature will be turned off by default on Friday.
- Security measures were also disclosed by the software provider.
Screenshot Feature on the new Microsoft PC will be off
During a press briefing last month, Microsoft highlighted the Recall capability as one of the key features for the next Copilot+ PCs with AI computing power included.
“If you don’t proactively choose to turn it on, it will be off by default,” Pavan Davuluri, Microsoft’s head of Windows and Surface devices, wrote in a blog post Friday.
Microsoft has been trying to balance competing interests of late as it moves to incorporate new generative AI tools into its products and keep up with the competition. While the market is evolving rapidly, user privacy and security are under a microscope. A U.S. government review board recently criticized Microsoft’s handling of China’s breach of U.S. government officials’ email accounts.
Copilot conversational chatbot
Microsoft has already added the Copilot conversational chatbot into Windows in a way that resembles OpenAI’s popular ChatGPT. Both ChatGPT and Copilot rely on servers in the cloud to perform necessary computations and then send back responses to PCs. Recall is different in that it keeps data on users’ computers and doesn’t need to access supplemental computing power over the internet.
Satya Nadella, Microsoft’s CEO, directed employees to put security first and announced changes to its security practices following the U.S. government report.
After Microsoft announced Recall, which can search through a log of previous actions on PCs, industry experts began questioning the potential for hackers to retrieve users’ information.
Security practitioners released software called Total Recall that displays data Recall collects.
“Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC,” they wrote in a description of Total Recall on GitHub.
Concerns about Hackers
They expressed concern about attackers developing tools that can look for usernames and passwords contained in Recall screenshots.
Microsoft is adding security protections to Recall in addition to requiring people to manually turn it on once Copilot+ PCs become available on June 18. The search index database will be encrypted, Microsoft said.
“Windows Hello enrollment is required to enable Recall,” Davuluri wrote. “In addition, proof of presence is also required to view your timeline and search in Recall.”
With Windows Hello, users prove their identity by entering a PIN number, showing their face to the PC camera or providing a fingerprint.
“I think overall having a choice around opting in on home systems will save a lot of people security problems further down the line,” Kevin Beaumont, a former Microsoft cybersecurity analyst who criticized the original implementation of Recall, said in a Friday post on X. “It never should have been enabled by default.”
