30 September 24, 14:54
Quote:When Microsoft announced the AI-feature Windows Recall earlier this year, it was confident that it would receive praise for the feature.
The main idea behind Recall was to give users AI-powered access to past activity on their Windows PCs. Recall would capture a screenshot every five seconds, process the data, and allow users to interact with that data using natural language.
What followed was a wave of criticism. Privacy and security advocates criticized Microsoft for several key aspects:Microsoft pulled Recall shortly thereafter and promised to to better. The company has now highlighted changes that it made to Recall in a new blog post on the Windows Experience blog.
- Recall would run automatically after the initial setup. In other words, it was opt-out, not opt-in.
- The database and data was not specially secured during runtime.
Recall: the security and privacy changes
Microsoft addresses the criticism in several ways. First, by making Windows Recall and opt-in experience. Microsoft says that users will see an option to turn on Recall during the out-of-box experience.
They may also turn it on at a later point in time. Good news for users who do not want anything to do with Recall: it can be uninstalled, despite Microsoft's previous comment that this won't be possible.
Second, Microsoft is improving security by encrypting Recall's database and running essential Recall processes in an isolated environment.
Malware cannot just copy the data during runtime anymore, thanks to the extra security.
On top of that, Windows Hello is required for certain actions. Microsoft mentions that prompts are shown when users try to make changes to Recall's settings and when they want to access the Recall user interface.
There are also rate-limiting and anti-hammering measures to limit malware attacks.
...
Continue Reading