Microsoft Recall: Tech giant u-turns on ‘complete nightmare’ AI feature after privacy outcry

  • Microsoft announced Copilot+ and Recall feature at the end of May.
  • Recall takes screenshots every few seconds to track everything you do on a Windows Laptop.
  • An ethical hacker quickly made a tool showing how easy it was to extract user data.
  • Microsoft has been forced to change Recall from being turned on as a default.

Microsoft has been left scrambling to salvage the launch of its flagship AI software after concerns were raised about how easy it would be to exploit by hackers. 

Surely, CEO Satya Nadella and the other executives could not have predicted the debut of Microsoft Copilot+ and Recall would have gone down as badly as it did. But cybersecurity experts soon raised the alarm about the AI tool and it was branded as a “complete nightmare” by users on social media. 

Hide Ad
Hide Ad

Following the outcry, Microsoft has been forced to rowback part of its plans with just days to go before the public launch. Here is the full story of what happened: 

Microsoft announces Copilot+ and Recall feature

At its Surface Event at the end of May, Microsoft became the latest tech giant to enter the battle royale arena that is the AI arms race. It lifted the lid on its Copilot+ AI features, set to be rolled out with its newer Surface laptops running on the powerful new Qualcomm Snapdragon X processors - having recently joined Apple in moving away from using Intel’s chips. 

But among the biggest headlines out of the presentation was the reveal of the Recall function. The tech giant claimed the AI programme would help to solve one of the “most frustrating problems we encounter daily”, allowing users to easily track down something “we know we have seen before on our PC”. 

Microsoft Corporate Vice President, Windows and Devices Pavan Davuluri speaks about Recall. Photo by JASON REDMOND/AFP via Getty ImagesMicrosoft Corporate Vice President, Windows and Devices Pavan Davuluri speaks about Recall. Photo by JASON REDMOND/AFP via Getty Images
Microsoft Corporate Vice President, Windows and Devices Pavan Davuluri speaks about Recall. Photo by JASON REDMOND/AFP via Getty Images | JASON REDMOND/AFP via Getty Images

What is Recall and how does it work? 

Recall was touted as allowing users to “access virtually what you have seen or done on your PC in a way that feels like having photographic memory”. It works by taking “screenshots” of your computer constantly and storing that information, users then make a simple search query and Microsoft’s state-of-the-art large language models then track down the requested information. 

It is similar to features announced by both Google - with its Ask Photos, which searches through your photos with its Gemini AI-tool - and Apple at its recent Worldwide Developers Conference.

Both Copilot+ and Recall were set to launch on 18 June, it was announced at the Surface Event and Recall would be active as the default. However the reveal of the AI features went down like a lead balloon. 

Security experts raise alarm about Recall 

In the announcement, Microsoft was at pains to stress security measures in place to avoid Recall data being accessed. But cybersecurity experts soon found ways to exploit the system and one ethical hacker quickly built a tool that was able to abuse Recall, Wired reported in early June.

Microsoft’s Recall tool stores all the information it has tracked into a database on compatible Windows Laptops. Alex Hagenah, a cybersecurity strategist and ethical hacker, created a demo tool dubbed TotalRecall, yes, like the Arnold Schwarzenegger film, which was able to quickly extract data from preview builds of Copilot+. 

Hide Ad
Hide Ad

He told Wired: “The database is unencrypted. It’s all plain text.” Hagenah explained that he built his demo tool in a bid to encourage Microsoft to make changes to Recall before it launched. 

It had been claimed that administrator privileges would be required on a laptop to access the Recall data stored on a Windows Laptop. However last week, James Forshaw, a researcher with Google's Project Zero vulnerability research team, published a blog on the safety of Recall and in an update added he was “wrong about Recall being secure” and concluded “no admin required ;-).” 

In a further post on Mastodon, Forshaw wrote: “Damn, I really thought the Recall database security would at least be, you know, secure.” Not exactly the glowing reception Microsoft was probably expecting when it announced Recall. 

Social media users slam ‘complete nightmare’ feature 

Twitter user GossiTheDog shared a brief clip of the Recall feature being hacked in a matter of seconds. The video was captioned: “To bring the Microsoft Copilot+ Recall feature dangers to life, here’s a 40 second video of Mental Outlaw hacking it. Avoid Copilot+ branded PCs until they make this feature fully opt in and fix it.” 

Mutahar (@OrdinaryGamers) shared to his 850,000 followers footage of Recall in action and labelled it a ‘complete nightmare’. While a cybersecurity based account added: “Microsoft Recall is a Privacy Disaster.” 

Wired writer, and published author Andy Greenberg tweeted: “As the security backlash has grown against Microsoft's Recall feature, it at least seemed the screenshots it takes every 5 seconds are stored such that a hacker would need admin privileges to access them. Turns out even that safeguard is easily bypassed.” 

Microsoft Copilot+ will launch on June 18. Photo by JASON REDMOND/AFP via Getty ImagesMicrosoft Copilot+ will launch on June 18. Photo by JASON REDMOND/AFP via Getty Images
Microsoft Copilot+ will launch on June 18. Photo by JASON REDMOND/AFP via Getty Images | JASON REDMOND/AFP via Getty Images

Microsoft u-turns on Recall ahead of launch 

In an update on June 7, Microsoft announced that it had changed tact on its plans for Recall and that it would no longer be switched on as a default with Copilot+. Pavan Davuluri, Corporate Vice President, Windows + Devices, said: “Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards.” 

Users will now have to opt-in to Recall once Copilot+ launches on June 18. If you don’t proactively choose to turn it on, it will be off by default.

Hide Ad
Hide Ad

Windows Hello enrollment will also now be required before users can turn on Recall. In addition, proof of presence is also required to view your timeline and search in the AI feature. 

Davuluri added: “We are adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.” If you are looking for a good video breakdown of the whole Microsoft Recall saga, TechLinked have a brilliant 9 minute explainer available to watch on YouTube right now. And if you want to share your thoughts on AI tools and Recall specifically, drop me an email at [email protected]

Related topics:

Comments

 0 comments

Want to join the conversation? Please or to comment on this article.