Microsoft has seemingly pulled its Recall feature – the AI-powered search that screenshots your PC activity and has caused controversy aplenty – not just from Copilot+ PCs at launch, but now from Windows 11 test builds, too.
If you cast your mind back to a week ago, June 14, Microsoft came forth with an announcement that Recall had been withdrawn from Copilot+ PCs, where it was supposed to be in ‘preview’ at launch, and would instead be available to preview in the “Windows Insider Program (WIP) in the coming weeks.”
In other words, Windows test builds – but of course, the mention of the ‘coming weeks’ suggests that testing of the feature won’t happen immediately in the Canary channel (or other preview channels for that matter).
Following that, build 26241 emerged in Canary testing, and as Tom’s makes clear, it has no sign of the Recall feature – it has all been stripped out.
Analysis: Recall won’t be ready until it’s ready – and that’s a good thing
Really, then, this is to be expected. As we noted above, Microsoft has said Recall is going into testing, but only in the coming weeks, hinting it’s still a little way off reaching that point. But it’s still interesting to see that Microsoft has stripped it out completely in the Canary channel, after pausing the preview build which had the feature (albeit with changes discovered by Albacore that were hidden in the background).
To us, this indicates that it might be a bit more of a long haul than Microsoft suggests for Recall actually going live even in test builds of Windows 11. But frankly – if this turns out to be the case – we think that’s something to be grateful for, being very much of the opinion that Recall likely isn’t remotely ready yet.
If Microsoft is taking the time to pull it completely, and really get the Recall house in order, before deploying it to Windows 11 testers, that’s a good sign. It’s a kingpin AI feature for Copilot+ PCs, after all, so Microsoft needs to get Recall right, and if that takes time, all well and good as far as we’re concerned.
Microsoft’s flagship AI feature for Copilot+ PCs, Recall, has been through the wringer lately, and at the risk of sounding like a hater – rightfully so.
In case you missed it, Recall takes screenshots every few seconds, building up a library of images you can search via AI, but the feature has some serious issues on the privacy front, to the point that the launch of Recall was pulled and banished back to the Windows Insider Program for further testing.
However, that hasn’t stopped Microsoft from quietly adding new features to Recall as the tech giant runs damage control around this whole controversy.
As discovered by well-known leaker Albacore, writing for Tom’s Hardware (via Neowin), there are a few new chunky bits of functionality hidden away in the latest Windows 11 preview build (in the Canary channel).
One of those is ‘screenray’ which is a utility that’ll pop up to analyze what’s currently on the screen. It’s summoned via a keyboard shortcut and allows the user to get extra information from Copilot about anything present on-screen, or access a translation for something in a foreign language.
While we have a limited understanding of the exact nature of this new tool, it does seem similar to the Reader feature in Safari that Apple introduced during WWDC – which leverages Apple Intelligence to scan a web page and translate, summarize, or add insight to whatever content is currently being browsed. Of course, Windows 11’s Recall tool is available across your entire system, not just in a browser.
Alongside this, Microsoft has implemented a revamped homepage design for Windows 11’s Recall feature. This means that when you fire up Recall, instead of being presented with a new snapshot, you get a grid of recent snapshots (there’s still a button to allow you to create a new snapshot – this just doesn’t happen by default anymore).
Also new is a ‘Topic’ section that organizes snapshots by themes, so you can group together related screenshots (for, say, Spotify) to make for easier searching.
Finally, Windows Recall also has better integration with Copilot in this new preview build. Clicking on a snapshot will produce a drop-down menu with context-sensitive choices, so you can get Copilot to copy something, open it in an app, or if it’s an image, find pictures in the same vein, or create a similar image. All the standard Copilot options, essentially.
While these new additions to the controversial feature seem useful, I’m finding it hard to get past how bizarre the whole feature feels in the first place. I’m sure I won’t be the only one, either, and with all the concerns raised about Recall in recent times, Microsoft has a lot of work to do. It’ll definitely take a lot more to get me on board than a homepage redesign and this new screenray functionality.
For now, Windows Recall lives in the Windows Insider Program, where it’ll be tinkered with and tested for quite some time, most likely, before Microsoft dares try to launch it again. Whatever happens, when the feature hits release, Microsoft needs to make sure it gets things right this time around, and that means working on privacy and security as an absolute priority.
Apple has the proverbial knives out for Microsoft when it comes to AI, landing a blow over the recent backtracking with Windows 11’s Recall feature for Copilot+ PCs.
In a video clip from WWDC 24 – which yes, was last week, but this footage only just surfaced on X – an Apple exec pulled no punches when the subject of Windows 11’s Recall feature came up.
Joz’s answer to Microsoft’s ”Recall” failure is hilarious. pic.twitter.com/5RkRsUvb4OJune 15, 2024
See more
John Gruber (a well-known Apple pundit of Daring Fireball fame) asked a question about whether Microsoft’s mistakes with the initial incarnation of Recall are frustrating to Apple, as it tries to build trust in its own AI product (Apple Intelligence).
Apple’s SVP of worldwide marketing, Greg ‘Joz’ Joswiak, is in like a flash to clarify if Gruber means: “Are we pressured by the failings of our competitors?”
That gets a big laugh, and Joswiak follows up with: “The answer’s no.”
Analysis: Making the most of Microsoft’s mistakes
It’s not a surprise for Apple to land such a marketing blow, as Microsoft has very much left its guard down and is an open target right now in terms of its AI ambitions.
Microsoft making such a misstep with its key AI feature for Copilot+ PCs – Recall is the ace in its Windows 11 artificial intelligence pack – is pretty embarrassing. However, we are glad Microsoft has taken ownership of these mistakes and is attempting to rectify them – although it doesn't really have a choice not to. There wasn’t realistically any other way forward.
Gruber does make a serious point about how this could be damaging for the public trust in all manifestations of AI, though, even if Joswiak completely deflects that concern.
Fortunately for Apple, the company laid out its stall regarding tight security and privacy emphatically with Apple Intelligence. That includes keeping as much processing as possible on-device for AI workloads, and for tasks that need more muscle and are sent online, they go to custom-built Apple servers featuring a hardened OS, and contents not even the company itself can see (with your data being ‘cryptographically destroyed’ after the AI query is dealt with).
So, in some ways this is great timing for Apple, in terms of the revelation of Apple Intelligence, and explanation of how it’s watertight for security, while Microsoft appears to be blundering around with Recall.
And while we get Gruber’s point about wider trust issues, the hard reality is that AI is coming, and we don’t see this particular juggernaut losing momentum – and if Apple is positioned as the company to trust, the one that won’t play fast and loose with your data, that’s going to be a very comfortable position to occupy among the tech giants out there.
Windows 11’s Recall feature has been causing controversy recently, so much so that Microsoft has actually halted the feature in its tracks (for now) – but a new discovery won’t fan any of those particular flames. In fact, it could well prove useful for those who eventually take the plunge with the now-delayed AI-powered functionality.
As discovered in the new preview build 26236 for Windows 11 (in the Canary channel) by regular leaker @PhantomofEarth on X, the new addition to Recall – which is still hidden in testing – is a ‘Search the web’ option.
Windows Recall is getting a new “search the web” action for text detected by screenray in snapshots. (disabled by default, build 26236.) pic.twitter.com/NsGM2CGHCvJune 12, 2024
See more
To recap, Recall is an AI feature specifically designed for Copilot+ PCs which regularly takes screenshots of the activity on your PC, files them in a library, and makes this searchable via Microsoft’s Copilot AI in Windows.
The new ‘Search the web’ facility allows the user to right-click on any text detected in a screenshot taken by Recall, and it’ll fire up a search on that selected text (in the user’s default search engine, presumably – though we don’t get to see the feature in action).
The ‘Search the web’ option is present in Recall’s right-click menu (in a snapshot) alongside the ‘Copy’ and ‘Open with’ options.
New AI settings in Windows 11
X user @alex290292 commented on @PhantomofEarth’s post with another interesting observation that there are also new AI-related settings in this Windows 11 preview build.
New under “Privacy & Security” pic.twitter.com/pB6FA22DxoJune 12, 2024
See more
These are in the Settings app, under ‘Privacy & Security’ where there’s a ‘Generative AI’ panel that allows for the fine-tuning of which apps are allowed to use generative AI capabilities. Apparently, you’ll also be able to review the last seven days of activity to see which apps requested to use generative AI.
To be able to see all of this for yourself, you’ll have to install the preview build and use a Windows configuration tool (ViVeTool) to enable ‘hidden’ Windows 11 features – not something we’d recommend for anyone but a keen enthusiast who’s comfortable with tinkering around in test builds.
In a very surprising move – albeit the right one, in our books – Microsoft has pulled the rug on its big Recall feature, so it now won’t launch as planned with Copliot+ PCs.
Microsoft just issued an update on Recall (hat tip to Tom’s Hardware) as follows: “Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program (WIP) in the coming weeks.
“Following receiving feedback on Recall from our Windows Insider Community, as we typically do, we plan to make Recall (preview) available for all Copilot+ PCs coming soon.”
To recap briefly, Recall is the feature which constantly takes screenshots of the activity on the host PC, allowing the user to search these leveraging AI (Copilot), offering an undoubtedly powerfully ramped up search experience.
But there have been issues aplenty raised around Recall before its (now canceled) launch, and much controversy stirred by those who have fudged their Windows 11 installation to enable and test the feature.
So, as noted in Microsoft’s statement, the expectation was very much that Recall would be live next week, when Copilot+ PCs finally emerge blinking in the sunlight, but that will no longer be the case.
Instead, Microsoft is going to have the Recall preview made available to testers in early builds of Windows 11 in the “coming weeks,” and there’s the second major admission here. That makes it sound like testers won’t be getting the feature to play with next week, let alone buyers of Copilot+ PCs, and it may be some weeks before it arrives in whatever preview channel Microsoft deploys Recall.
In short, Microsoft isn’t sure whether Recall will even be ready for testing any time soon.
Analysis: A major setback, but still the right decision
Now, even after that, it’s been canned for the time being, at least for Copilot+ PCs. It’s not a good look, is it? It feels like Microsoft has been taken aback by all the salvoes fired at Recall by security researchers, rushed to implement some hefty changes, realized that there isn’t time to do all this properly – Copilot+ PCs are almost upon us – so put the full launch on ice to go back to testing.
There’s no doubting that this will be damaging to Copilot+ PCs to some extent. These are AI PCs, after all, and Windows 11’s key feature for them was Recall – there is other AI functionality for these devices, but nothing on the same scale. Just look at Dell’s Copilot+ PC web page, and how it’s built around Recall – it’s the key piece of the AI puzzle, and now it’s missing.
However, we’re glad Microsoft has taken the PR hit here, as it were, and pulled Recall, rather than putting its head down and trying to forge through with the feature. That would have proved even more damaging, most likely, so we understand, and approve of this move in the end.
Honestly, though, we don’t think Recall – given that it’s a sensitive and tricky piece of AI functionality with all those privacy and security aspects – should be pushed out to finished versions of Windows as a ‘preview’ at all. This should be done, dusted, tight and secure, before leaving testing – shouldn’t it?
Speaking of tight and secure, this is especially bad timing for Microsoft, given that Apple Intelligence was just unveiled, with the rival AI offering looking super-sharp on the privacy front, while Copilot appears to be stumbling about from blunder to blunder for the moment. Again, it’s not a good look, made much worse by Apple’s confident and professional revelation of its AI rival for Macs and iDevices (though we should note, we need to see Apple’s promises in action, not just words, before we get carried away with any comparisons).
Still, awkward days for Microsoft, but we’re hoping the company can now take the time to get things right with Recall. In fact, we’d argue it must take the time to do so, or risk blemishes on the Copilot brand that’ll quite probably cause lasting damage in terms of public perception.
Windows Recall has proven to be a highly controversial AI feature ever since it was first announced in May. What it does is it constantly takes screenshots of everything you do on your PC and then places the images into a searchable on-device database. And yes, that includes pictures displaying sensitive information.
People were quick to call it a “security nightmare” after Microsoft openly admitted the software would not hide “passwords or financial account numbers.” The company attempted to defend its decision but has recently decided to make multiple safety improvements to Recall before its quickly approaching June 18 launch.
Arguably, the most important of these changes is that Recall will no longer be turned on by default upon activating your PC. According to a recent post on the Windows Experience Blog, the feature will instead be off by default, meaning you’ll have to enable it yourself during a computer’s setup process.
Next, enrolling into Windows Hello is now a requirement to activate Recall and to view your screenshot timeline. This means you’ll have to authenticate yourself as the primary user through a biometric input or PIN before accessing the feature.
As for the final update, Microsoft is beefing up security by adding extra “layers of data protection [including] ‘just in time’ decryption” from Windows Hello ESS (Enhanced Sign-in Security). As a result, snapshots can only be viewed whenever a user proves their identity. Additionally, Recall’s search index database is now encrypted.
What's strange is this suggests the database that would’ve stored images containing bank account numbers was initially unprotected and vulnerable to outside forces. It may surprise you to hear how unsafe it was, but at least they’re fixing it before launch and not after.
Analysis: Remaining skeptical
The rest of the blog post reiterates the security functions of Windows Recall that were previously known. For example, snapshots will be stored locally on your computer and not uploaded to Microsoft servers. An icon representing the feature will sit in the system tray, “letting you know when Windows is saving” images. Plus, users can “pause, filter, [or] delete” snapshots whenever they want.
Microsoft also stresses that Recall will only be available on the upcoming Copilot Plus PCs since they have robust security to ensure privacy.
Does this mean we can totally trust Windows Recall to maintain data security? No, not really.
Jake Williams, VP of R&D at the cybersecurity consultancy Hunter Strategy, told Wired he “still sees serious risks [as well as] unresolved privacy problems.” People could be hit with a subpoena forcing them to cough up PINs to gian access to Recall databases.
Although Microsoft claims it can’t see snapshots, who’s to say the tech giant can’t change its mind a year or two down the line and decide to harvest all that sensitive information. They may find some legal loophole giving them carte blanche to do whatever they want with Recall data. It’s scary, though.
If you're looking for ways to improve your online security, check out TechRadar's massive list of the best privacy tools for 2024.
Windows 11’s Recall feature – set to be a cornerstone ability for Copilot+ PCs, allowing for a supercharged AI-powered search of the activity history of the system – continues to stir controversy, and Microsoft’s recent defense of the functionality won’t likely soothe the nerves of anyone.
Or at least that’s our feeling following The Register picking up on comments that came from Jaime Teevan, chief scientist and technical fellow at Microsoft Research, in an interview at an AI conference with Erik Brynjolfsson, director of the Stanford Digital Economy Lab.
Brynjolfsson observed that after Recall was revealed by Microsoft, there was a “backlash against all the privacy challenges around that.”
To recap briefly, in case you missed the concerns flying around about this feature, it sits in Windows 11 and takes regular screenshots of everything you’re doing. Those grabs can be searched by AI at a later date, so you can find out all manner of useful info – and there’s no doubting it’s useful.
The worry is that Recall represents a double-edged sword, with the convenience of a super-powerful search of all your PC usage history on one side, and the specter of all that data falling into the hands of a hacker on the other. To say there are lots of security and privacy concerns with how the AI feature is implemented would be a massive understatement.
Brynjolfsson then encouraged Teevan to address these issues, saying: “So, talk about both the pluses and minuses of using all that data and some of the risks that creates and also some of the opportunities.”
A balanced question, but Teevan elected to ignore the ‘minuses’ part of the equation entirely, and talk only in vague and evasive terms. She said: “Yeah, and so it’s a great question, Erik. This has come up throughout the morning as well – the importance of data. And this AI revolution that we’re in right now is really changing the way we understand data.”
She moved on to talk about businesses using data, before addressing the consumer angle as follows: “And as individuals too, we have important data, the data that we interact with all the time, and there’s an opportunity to start thinking about how to do that and to start thinking about what it means to be able to capture and use that. But of course we are rethinking what data means and how we use it, how we value it, how it gets used.”
A waffly and not very helpful response, frankly.
Undeterred, Brynjolfsson tried a specific angle to try and draw Microsoft Research’s chief scientist to actually comment meaningfully on all the concerns raised around Recall.
He asked: “Is it stored locally? [meaning the Recall data] So suppose I activate Recall, and I don’t know if I can, but when you have something like that available, I would be worried about all my personal files going up into the cloud, Microsoft, or whatever. Do you have it kept locally?”
It’s an easy reply in this case, though, as Microsoft has already made it clear that the data is only stored locally.
Teevan indicated that’s the case again: “Yeah, yeah, so this is a foundational thing that we as a company care a lot about is actually the protection of data. So Recall is a feature which captures information. It’s a local Windows functionality, nothing goes into the cloud, everything’s stored locally.”
Analysis: Never mind thinking, we need some action
Obviously, that’s good to hear, but as noted, we’ve heard it before. And sadly, that was your lot. Tougher questions weren’t raised, and Teevan certainly didn’t take any opportunity to proactively tackle some of the flak fired at Recall in recent times.
The message, vague as it was, consisted of ‘thinking’ about how we capture and use data, but with Recall about to launch in Copilot+ PCs later this month, it’s a bit late to still be thinking. Isn’t it? These devices are on the cusp of release, and Recall will be used in a very real way across some (or many) of these new machines, with some of the mentioned worries around how it could go wrong also being very real.
As The Register points out, some folks are fretting about legal implications – that lawyers could leverage Recall data on a PC against someone (possibly accessing all kinds of past messaging, even those that are of the auto-delete-after-reading variety). A privacy watchdog is already investigating the feature before its release. And security experts are throwing red flags left, right and center frankly, with some major worrying underway about how Recall could make it a breeze for hackers to steal a ton of sensitive data, apparently very easily and quickly, if your PC is unfortunately compromised.
Aside from all this, our main beef is with the setup of a Copilot+ PC and how it falls short with Recall. The method of running the feature past a Windows 11 user during setup feels clunky, and like it’s crafted to allow for people to leave it on by default, more than likely (if they don’t understand what’s being asked of them, which may be the case with less tech-savvy users).
There are lots of questions here, and Microsoft is failing to address them as far as we’ve seen. ‘It’s all kept local and everything will be fine’ is glossing over myriad issues here.
While at this point, it seems unlikely that the Recall data tanker can change course meaningfully – we’re that close to launch – we can hope that at the very least, Microsoft deals with the issues around setup. This needs to be far more transparent, and Recall needs to be off in our opinion, by default, unless a Copilot+ PC user makes a fully informed decision to turn it on.
The way the feature’s setup is dealt with right now just isn’t good enough, and that’s a failing underpinning all the other concerns here – a root problem that needs to be tackled, and hopefully will be. Fingers firmly crossed. We've contacted Microsoft for a comment.
Microsoft has already been dragged over the coals regarding its Recall functionality inbound for Windows 11 by security researchers and privacy watchdogs alike – and it’ll need a flame-retardant suit for the latest fiery outpouring against the AI-powered feature.
This comes from security expert Kevin Beaumont, as highlighted by The Verge. The site notes that Beaumont worked for Microsoft briefly a few years ago.
To recap – in case you missed it somehow – Recall is an AI feature for Copilot+ PCs, which launches later this month and acts as a photographic timeline – essentially a history of everything you’ve done on your PC, recorded via screenshots that are taken regularly in the background of Windows 11.
He’s come to the conclusion that Microsoft has made a giant mistake here, at least going by the feature as currently implemented – and it’s about to ship, of course. Indeed, Beaumont asserts that Microsoft is “probably going to set fire to the entire Copilot brand due to how poorly this has been implemented and rolled out,” no less.
So, what’s the big problem? Well, principally, it’s the lack of thought around security and how there’s a major discrepancy between Microsoft’s description of the way Recall is apparently kept watertight and what Beaumont has found.
Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely.Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I have it automated.HT detective pic.twitter.com/Njv2C9myxQMay 30, 2024
See more
As you can see in the above post on X (formerly Twitter), one of the security expert’s main beef with Microsoft is that it informed media outlets that a hacker can’t possibly nab Copilot+ Recall data remotely. In other words, an attacker would need to access the device physically, in-person – and this isn’t true.
In a long blog post on this topic, Beaumont explains: “This is wrong. Data can be accessed remotely.” Note that Recall does work entirely locally, as Microsoft said – it’s just that it isn’t impossible to tap into the data remotely, as suggested (if you can access the PC, of course).
As Beaumont elaborates, the other big problem here is the Recall database itself, which contains all the data from those screenshots and the history of your PC usage – as all of this is stored in plain text (in an SQLite database).
This makes it very easy to snaffle all the Recall-related info of exactly how you’ve been using your Windows 11 PC – assuming an attacker can get access to the device (either remotely, or in-person).
Analysis: Recall the Recall feature, or regret it
There are lots of further concerns here, too. As Microsoft pointed out when it revealed Recall, there are no limits to what can be captured in the AI-powered history of the activity on your PC (save for some slight exceptions, like Microsoft Edge’s private browsing mode – but not Chrome Incognito, tellingly).
Sensitive financial info, for example, won’t be excluded, and Beaumont further points out that auto-deleting messages in messaging apps will be screenshotted, too, so they could be accessed via a stolen Recall database. Indeed, any message you delete from the likes of WhatsApp, Signal, or whatever could be read via a Recall compromise.
But wait a minute, you might be thinking – if your PC is remotely accessed by a hacker, aren’t you in deep trouble anyway? Well, yes, that’s true – it’s not like these Recall details can be accessed unless your PC is actively exploited (though part of Beaumont’s problem is Microsoft’s apparently errant statement that any kind of remote access to Recall data wasn’t possible at all, as mentioned above).
The real kicker here is that if someone does access your PC, Recall seemingly makes it very easy for that attacker to grab all these potentially hugely sensitive details about your usage history.
While info stealer Trojans already exist and scrape victims at a large scale on an ongoing basis, Recall could enable this kind of personal data hoovering to be done ridiculously quickly and easily.
This is the crux of the criticism, as Beaumont explains it: “Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds. During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint – which detected the off the shelve infostealer – but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”
This is a major part of the reason why Beaumont calls Recall “one of the most ridiculous security failings I’ve ever seen.”
If Microsoft doesn’t take action before it ships, mind – as there’s still time, in theory anyway, although the release of Copilot+ PCs is very close now. (However, Recall could still be kicked temporarily to touch while it’s further worked on – perhaps).
If Recall does ship as it’s currently implemented, Beaumont advises turning it off: “Also to be super clear you can disable this in Settings when it ships, and I highly recommend you do unless they rework the feature and experience.”
Herein lies another thorny issue: the AI-powered functionality is on by default. Recall is highlighted during the Copilot+ PC setup experience, and you can switch it off, but the way this is implemented means you have to tick a box to enter settings post-setup, and then turn off Recall there – otherwise, it will simply be left on. And some Windows 11 users will likely fall into the trap of not understanding what the tick box option means during setup and just end up with Recall on by default.
This is not the way a feature like this should operate – particularly given the privacy concerns highlighted here – and we’ve made our feelings on this quite clear before. Anything with wide-ranging abilities like Recall should be off by default, surely – or users should have a very clear choice presented to them during setup. Not some kind of weird ‘tick this box, jump through this hoop later’ kind of shenanigans.
Windows 11 enthusiasts are already playing with the new – and controversial – Recall feature the OS now has in preview (for 24H2), and have got it running on current Arm-based CPUs by fudging things.
While Recall is present in the recently released preview of the Windows 11 24H2 update, Microsoft makes it clear that the feature won’t work on current PCs, as it requires a Copilot+ PC (the new name for the ‘AI PC’).
In other words, Recall needs a device with a powerful enough NPU to run it (and other new AI features in 24H2), which is currently only the new Snapdragon X chips (and AMD plus Intel CPUs further down the line).
Even those Snapdragon laptops aren’t available just yet (they will be next month), but leaker Albacore has still managed to tinker under the hood of Windows 11 24H2 and get Recall working on a current Arm processor.
Making great progress enabling Recall on current Arm64 hardware, no fancy X Elite in sight! ✨Should theoretically work on Intel/AMD too, OEMs only received Arm64 specific ML model bundles so there’s not much I can do yet.Here’s a small demo video showing off screenray 🪄 pic.twitter.com/w57fF1LxiNMay 23, 2024
See more
You can see a video of Recall being summoned on a standard (non-Copilot+) Windows 11 PC in the above post on X (formerly Twitter). As Albacore says, it shows ‘screenray’ in action which refers to the context-sensitive mode entered when you find something using Recall and select it.
As you can see, if the search result you want is a text file, screenray presents options pertaining to what you’ll need to do – copy and paste text. Or if it’s an image, you’ll get choices to copy the picture or open it for editing in an app.
Analysis: Working as not intended
It’s pretty cool to see this feature working on a processor without the necessary strength in terms of a powerful NPU (like the new Snapdragon X silicon sports), but at the same time, it illustrates why that NPU is needed. As you probably noticed, the interaction with Recall and screenray therein looks a bit laggy here – what the NPU does is provide specific AI acceleration to ensure this process runs more smoothly.
Furthermore, the feature is still in testing within a preview build here, and that won’t help either.
Albacore even sounds hopeful about getting Recall working not just on current ARM chips, but also on existing AMD and Intel (x86) CPUs, which also can’t officially run the feature. (Again, even current-gen processors from Teams Red and Blue lack an NPU with enough raw grunt).
If that happens, we can expect a similar experience to what we see here – but it’s not possible yet anyway, as Microsoft has only provided the machine learning model bundles for Arm to laptop makers. These don’t exist for AMD or Intel CPUs yet (as there’s no need for them – Lunar Lake and Strix Point, which will drive Copilot+ PCs, are still some way off launching, but they are fully expected to debut before 2024 is out).
Ultimately, this is an interesting fudge for now, but it’s likely a bad idea to be trying to get Recall up and running on a PC it’s not intended for. Simply because there may well be scenarios where it truly bogs down – such as when you have a larger, sprawling library of snapshots piled up – and there are doubtless good reasons why Microsoft has the mentioned NPU requirement in place.
Mind you, not everyone wants Recall, anyhow: certainly not those more privacy-conscious Windows 11 users out there who have already made their feelings clear. Indeed, a privacy watchdog in the UK is already investigating Recall before Microsoft even has the functionality officially live. The result of that enquiry will certainly be interesting, and Microsoft may be worried about another scenario where a big Windows 11 feature is blocked in Europe due to more stringent data regulations.
Recall has been stirring up strong opinions left, right and center since its revelation, and now it appears to be under the microscope of the ICO, a UK-based privacy watchdog.
The worries expressed widely online are focused on how this feature may affect privacy for those who have it, which won’t be all Windows 11 users, we should note – just Copilot+ PC owners who have the necessary hardware goods in terms of a powerful NPU.
For those who missed it, what Recall does is record your PC usage, very literally in terms of taking screenshots of your active windows every couple of seconds. This then allow you to exercise powerful natural language-based search capabilities to rifle through your past PC usage, not just in terms of text but also visual search – with AI locating what you need by going through that huge library of screen grabs.
You can doubtless see the kind of privacy concerns that might be sparked by this constant stream of screenshots going on in the background, but the pushback and reaction has got serious very quickly.
Sky News spotted that in the UK, the Information Commissioner’s Office (ICO), which oversees data privacy and related regulations, is already cautious about the Recall capability.
Indeed, following all the uproar around Recall, the ICO is investigating the feature, and told Sky: “We are making enquiries with Microsoft to understand the safeguards in place to protect user privacy.”
Safety first
It’s a good question, of course – so what safeguards are in place here to protect Windows 11 users?
For starters, Recall happens locally, so everything is stored on the PC, and nothing is sent online to the cloud or Microsoft’s servers – so there’s no risk of having data intercepted (or a third-party data breach leaking the private details of how you use your Windows 11 machine).
Microsoft has underlined that it doesn’t have access to any of this data, and it won’t be used to train its AI.
Furthermore, the company pointed out that you can manually delete snapshots, or adjust the timeframe they’re kept for – or pause, or turn off Recall entirely if you don’t want it. It’s also possible to block certain apps or websites from being used by Recall, so effectively there’s a lot of fine-grained control here.
However, will Windows 11 users be bothered to exercise that control and properly set up Recall? Well, that’s one worry, and another is that while it’s all well and good to say everything stays on the device, we have to firstly trust that’s the case – and it’s all watertight – and secondly, what if your PC is compromised by malware, or stolen. Then what?
Hackers or thieves could potentially have access to your Recall library of screenshots, which may contain confidential information, openly available to see, such as your bank or card details, or visible passwords, or, well, anything that has happened on your PC (that you haven’t marked out of bounds using Windows 11’s settings for Recall).
As Muhammad Yahya Patel, who is lead security engineer at Check Point, put it: “It is a one-shot attack for criminals, like a grab and go, but with Recall they will essentially have everything in a single location [your screenshot database] … Imagine the goldmine of information that will be stored on a machine, and what threat actors can do with it.”
More questions than answers?
So, there are definitely still some major concerns and question marks here, and it’s going to be pretty interesting to see what the ICO makes of Microsoft’s big AI play for Windows 11 to supercharge search.
We’ve already discussed other thorny areas around Recall – such as Windows 11 Home users apparently not benefiting from encryption for the data used by the feature, and what type of encryption is in place for Windows 11 Pro (or business) users anyway?
In that article, we also go over the precautions you can take to make Recall as secure as possible, but really, the best bet for the paranoid might be – simply turn it off and don’t use it. And maybe Microsoft wonders what all the fuss is about from naysayers, and why they don’t just take that approach.
But for the less tech-savvy, who might not even realize what Recall is, or that it’s turned on by default, it could be a risky feature – particularly considering these are the people who are most prone to getting hit by malware or hacked.
With that in mind, shouldn’t the first sensible security step be to have Recall off by default? So that it’s only turned on by those who know what it’s for, and want it? Let’s see what the ICO makes of Microsoft’s ‘default on’ approach, too.