Microsoft Recall sounded like a very cool idea, but was very quickly revealed to be a security disaster. Instead of helping you recall everything you’ve done on your Windows PC, it was found that it could easily help a hacker do the same.
However, as much as the company messed-up the implementation, I do think there’s mileage in the concept, and if there’s one company I’d trust to do it with proper privacy protections, it’s Apple …
The problem Microsoft Recall set out to solve
We’ve probably all had the frustrating experience of knowing that we read or saw something which didn’t seem significant at the time, but would be really relevant to something we’re doing now. The frustration comes in trying to track down that information.
We dig into our browser history, or try to repeat the Google search which generated the information in the first place, but it proves a difficult and time-consuming task.
That’s the problem Microsoft Recall set out to solve. It takes screenshots every five seconds, and then uses optical character recognition to create a text database of everything that’s appeared on our screen. We can then search that database to easily recall any content.
For example, maybe your boss has just asked you to put together a brief summary of a new tech development, and you vaguely recall having seen some stat a few days or weeks ago saying 45% of businesses are interested in it – but you can’t recall exactly where or when. With Recall, you could just search for the name of the tech and “45%” and be instantly presented with the relevant document.
The security nightmare
As useful as this could be, the security risks of a complete database of everything that has been on your laptop screen should have been very obvious to Microsoft, and the security measures adopted been ultra-robust.
Instead, it turned out that Microsoft seemingly put almost no thought into how to protect the information from a hacker who successfully compromised a PC to gain access. Kevin Beaumont was one of a number of cybersecurity experts to demonstrate just how vulnerable the data is.
Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely. Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I have it automated.
It’s just an SQLite database, feature ships in a few weeks – I’ve already modded it into an Infostealer hosted on Microsoft’s Github (a few lines of code) […]
I’ve tested this with messaging apps like WhatsApp, Signal and Teams. Somebody message you with disappearing messages? They’re recorded anyway. Write a disappearing message? It’s recorded. Delete a message? It’s recorded.
Microsoft also managed to create an AI tool without the intelligence part. Recall did absolutely no checking of the nature of the information it was screen-shotting. Visible passwords? Added. Private browsing sessions? Captured. Write in a personal Journal app? Saved. A letter headed ‘Private and confidential’? Scanned.
The company belatedly said it was making changes in response to some of these criticisms. Recall will now be opt-in. Windows Hello (the company’s equivalent of Face ID) will be required to use it. Encryption has been beefed-up. But there still seems to be no intelligent filter on what is captured, and it will be hard to trust a company which messed-up so badly in the first place.
But I would trust Apple to do this
However, if there’s one company on the planet I would trust to implement this kind of feature in a privacy-protecting manner, it’s Apple.
For me, there are a number of pretty obvious ways in which an Apple version of Recall could be made more secure.
First, actual intelligence, as per the examples I listed above. Another simple example would be to exclude locked notes in the Notes app.
Second, user options. An obvious example here is app-based exclusions, with Apple again using intelligence to proactively suggest these – like password managers and journalling apps. Perhaps we flip this, and make it opt-in on an app basis, so we specifically specify the apps we want to be included. Or maybe the first time we open an app, we get a prompt asking whether to include or exclude it.
Third, a schedule function, allowing it to be automatically enabled during working hours, and automatically disabled outside them.
Fourth, a simple start/stop button in the menubar. If we know we’re about to do something sensitive, we just toggle the button and it stops saving. Again, some might choose to keep it switched off by default, and switch it on when desired.
Top comment by cubbuc
The problem this is trying to solve is, arguably, a non problem for the vast majority of people.
“If I can only remember where I read x piece of information”, if that’s important, spending few minutes to find in recent docs, history, google search, etc isn’t an issue to me and I run a tight schedule.
Even for those who have this “problem”, it surely has to be infrequent?! If it’s frequent, I’d question the way they do things….
I don’t see how keeping valuable CPU/NPU resources busy every 5 seconds is worth the trade offs this “feature” offers.
It seems to me a lot companies are just throwing “AI” features at the wall and sees what sticks and it’s a shame Apple going all in on this when they have been admirably selective about what to bake in and what not to mindlessly copy. For example, the text recognition feature that allows me to copy text from images and videos is infinitely more useful than Recall is trying to offer and many other AI gimmicks that are flooding the scene.
All these are just top-of-mind things, and it’s pretty astonishing to me that Microsoft didn’t think of any of them during the brainstorming phase of this project.
Would you want Apple to offer this?
What are your thoughts? Would you like this kind of functionality on Apple devices? Would you trust Apple to implement it in a privacy-protecting manner? And what additional safeguards would you want?
Please take our poll, and share your thoughts in the comments.
Image: Microsoft
FTC: We use income earning auto affiliate links. More.
Comments