Microsoft’s upcoming Recall feature in Windows 11 has been the subject of controversy due to significant security issues revealed during early testing. The initial version of Recall, which saves screenshots and a large plaintext database tracking user activity, was found to be easily exploitable, allowing unauthorized access to user data.
In response to these concerns, Microsoft has announced changes to Recall before its release on the first wave of Copilot+ PCs. The company has decided to make Recall an opt-in feature by default, meaning users will need to actively choose to enable it. This change is significant as many users often stick with default settings, and having Recall collect data by default could put them at risk of data theft.
Furthermore, Microsoft is introducing additional security measures to Recall to make user data harder to access. Users will need to enable Windows Hello to use Recall and authenticate via Windows Hello each time they want to view their Recall data. The screenshots and the SQLite database used for Recall searches will now be encrypted and will require Windows Hello authentication for decryption. These changes are expected to address the major security issues associated with Recall.
Read more: www.wired.com