Normal view
- Cybersecurity News and Magazine
- Microsoft Delays Recall Following Security, Privacy Backlash that Started on The Cyber Express
Microsoft Delaying Recall Feature to Improve Security
Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.
The post Microsoft Delaying Recall Feature to Improve Security appeared first on SecurityWeek.
Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all
Microsoft will be delaying its controversial Recall feature again, according to an updated blog post by Windows and Devices VP Pavan Davuluri. And when the feature does return "in the coming weeks," Davuluri writes, it will be as a preview available to PCs in the Windows Insider Program, the same public testing and validation pipeline that all other Windows features usually go through before being released to the general populace.
Recall is a new Windows 11 AI feature that will be available on PCs that meet the company's requirements for its "Copilot+ PC" program. Copilot+ PCs need at least 16GB of RAM, 256GB of storage, and a neural processing unit (NPU) capable of at least 40 trillion operations per second (TOPS). The first (and for a few months, only) PCs that will meet this requirement are all using Qualcomm's Snapdragon X Plus and X Elite Arm chips, with compatible Intel and AMD processors following later this year. Copilot+ PCs ship with other generative AI features, too, but Recall's widely publicized security problems have sucked most of the oxygen out of the room so far.
The Windows Insider preview of Recall will still require a PC that meets the Copilot+ requirements, though third-party scripts may be able to turn on Recall for PCs without the necessary hardware. We'll know more when Recall makes its reappearance.
Microsoft pulls release preview build of Windows 11 24H2 after Recall controversy
On Friday, Microsoft announced major changes to its upcoming Recall feature after overwhelming criticism from security researchers, the press, and its users. Microsoft is turning Recall off by default when users set up PCs that are compatible with the feature, and it's adding additional authentication and encryption that will make it harder to access another user's Recall data on the same PC.
It's likely not a coincidence that Microsoft also quietly pulled the build of the Windows 11 24H2 update that it had been testing in its Release Preview channel for Windows Insiders. It's not unheard of for Microsoft to stop distributing a beta build of Windows after releasing it, but the Release Preview channel is typically the last stop for a Windows update before a wider release.
Microsoft hasn't provided a specific rationale for pulling the update; the blog post says the pause is "temporary" and the rollout will be resumed "in the coming weeks." Windows Insider Senior Program Manager Brandon LeBlanc posted on social media that the team was "working to get it rolling out again shortly."
Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default
Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default.
The post Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default appeared first on SecurityWeek.
- Cybersecurity News and Magazine
- Microsoft Makes Windows Recall Opt-in, Encrypted in Response to Privacy Concerns
Microsoft Makes Windows Recall Opt-in, Encrypted in Response to Privacy Concerns
Microsoft Announces Windows Recall Opt-in, Authentication, Encryption
In a blog post today, Pavan Davuluri, Microsoft’s Corporate Vice President of Windows + Devices, said the company has heard those concerns. “Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” Davuluri wrote. “With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.” The first change is to update the set-up experience of Copilot+ PCs “to give people a clearer choice to opt-in to saving snapshots using Recall,” Davuluri wrote. “If you don’t proactively choose to turn it on, it will be off by default.” He provided a screenshot of what that opt-in screen will look like: [caption id="attachment_75793" align="alignnone" width="750"] Windows Recall opt-in screen (source: Microsoft)[/caption] Enrollment in Windows Hello authentication will be required to enable Recall, he said, and “proof of presence is also required to view your timeline and search in Recall.” Davuluri said Microsoft is also “adding additional layers of data protection including ‘just in time’ decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.” “This gives an additional layer of protection to Recall data in addition to other default enabled Window Security features like SmartScreen and Defender which use advanced AI techniques to help prevent malware from accessing data like Recall,” he added.Beaumont Skeptical of Planned Recall Changes
In a Mastodon post, Beaumont said he’ll be skeptical of Microsoft’s planned changes until he sees the shipped product and can test it out. “Obviously, I recommend you do not enable Recall, and you tell your family not to enable it too,” Beaumont said. “It’s still labelled Preview, and I’ll believe it is encrypted when I see it. There are obviously serious governance and security failures at Microsoft around how this played out that need to be investigated, and suggests they are not serious about AI safety.”Researchers Show How Malware Could Steal Windows Recall Data
Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature.
The post Researchers Show How Malware Could Steal Windows Recall Data appeared first on SecurityWeek.
Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach?
SecurityWeek editor-at-large Ryan Naraine examines the broad tension between tech innovation and privacy rights at a time when ChatGPT-like bots and generative-AI apps are starting to dominate the landscape.
The post Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach? appeared first on SecurityWeek.