Category: Microsoft|Sep 28, 2024 | Author: Admin

Windows Recall now can be removed, is more secure

Share on

Microsoft has announced security and privacy upgrades to its AI-powered Windows Recall feature, which can now be removed, and it has stronger default protection for user data and tighter access controls.

Today's announcement comes in response to customer pushback requesting stronger default data privacy and security protections, which prompted the company to delay its public release by making it first available for preview with Windows Insiders.

 

Redmond also previously revealed that customers would have to opt-in to enable Recall on their computers and that authentication via Windows Hello would be required to confirm the user's presence in front of the PC.

 

Recall takes screenshots of active windows on your PC every few seconds, analyzes them on-device using a Neural Processing Unit (NPU) and an AI model, and adds the information to an SQLite database. You can later search for this data using natural language to prompt Windows Recall to retrieve relevant screenshots.

 

Since Microsoft announced this feature in May, cybersecurity experts and privacy advocates warned that Windows Recall is a privacy nightmare and would likely be abused by malware and threat actors to steal users' data.

 

Enhanced security and privacy controls
In response to negative feedback from customers and privacy and security experts, David Weston, Microsoft's vice president for Enterprise and OS Security, revealed today that Recall is always opt-in, automatically filters sensitive content, allows users to exclude specific apps, websites, or in-private browsing sessions, and can be removed if needed.

 

"If a user doesn't proactively choose to turn it on, it will be off, and snapshots will not be taken or saved. Users can also remove Recall entirely by using the optional features settings in Windows," Weston said.

 

Recall now also comes with a sensitive information filter designed to protect confidential data, such as passwords, credit card numbers, and personal identification details, by automatically applying filters over this content.

 

Weston assured users that they retain complete control over their data, as Recall will allow them to delete snapshots, pause them, or turn them off at any time. "Any future option to share data will require fully informed, explicit action by the user," he added.

 

Recall has also been redesigned to operate on four core principles: user control, encryption of sensitive data, isolation of services, and intentional use.

 

​Weston says snapshots and associated data are also encrypted, with the encryption keys protected by the device's Trusted Platform Module (TPM). This module is tied to the user's Windows Hello credentials and biometric identity and ensures that no data leaves the system without the user's explicit request.

 

"Recall snapshots are only available after users authenticate using Windows Hello credentials. Windows Hello's Enhanced Sign-In Security ensures privacy and actively authenticates users before allowing access to their data," he said.

 

"Using VBS Enclaves with Windows Hello Enhanced Sign-in Security allows data to be briefly decrypted while you use the Recall feature to search. Authorization will time out and require the user to authorize access for future sessions. This restricts attempts by latent malware trying to 'ride along' with user authentication to steal data."

 

Furthermore, Recall also includes malware protection features such as rate-limiting and anti-hammering measures.

 

"Recall is always opt-in. Snapshots are not saved unless you choose to use Recall, and everything is stored locally," Weston concluded.

 

"Recall does not share snapshots or data with Microsoft or third parties, nor between different Windows users on the same device. Windows will ask for permission before saving any snapshots."

 

Microsoft announced last month that Recall will start rolling out to Insiders with Copilot+ PCs in October.

Sponsored Ads:

Comments:


Over 200 malicious apps on Google Play downloaded millions of times

Category: Google|Oct 15, 2024 | Author: Admin

Google warns uBlock Origin and other extensions may be disabled soon

Category: IT|Oct 14, 2024 | Author: Admin

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

Category: Microsoft|Oct 13, 2024 | Author: Admin

Microsoft fixes Word bug that deleted documents when saving

Category: Microsoft|Oct 12, 2024 | Author: Admin

Microsoft Outlook bug blocks email logins, causes app crashes

Category: IT|Oct 11, 2024 | Author: Admin

The Internet archive is down - and your user information may have been stolen

Category: IT|Oct 10, 2024 | Author: Admin

Discord blocked in Russia and Turkey for spreading illegal content

Category: IT|Oct 9, 2024 | Author: Admin

Google ordered to open up the Play Store in Epic Games antitrust ruling

Category: Google|Oct 8, 2024 | Author: Admin

Recently patched CUPS flaw can be used to amplify DDoS attacks

Category: IT|Oct 7, 2024 | Author: Admin

Google removes Kaspersky's antivirus software from Play Store

Category: Google|Oct 6, 2024 | Author: Admin

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Category: IT|Oct 5, 2024 | Author: Admin

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

Category: IT|Oct 4, 2024 | Author: Admin

Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues

Category: Microsoft|Oct 3, 2024 | Author: Admin

Microsoft Office 2024 now available for Windows and macOS users

Category: Microsoft|Oct 2, 2024 | Author: Admin

HPE Aruba Networking fixes critical flaws impacting Access Points

Category: IT|Oct 1, 2024 | Author: Admin
more