Microsoft’s previously announced Recall feature for Copilot Plus PCs was swiftly pulled following claims that it stored data in plain text. It was even pulled from beta testers shortly after the public, er, recall, before announcing that Windows Insiders will regain access in October. Now, the company has shared details of what has changed with the feature, and it looks to be pretty extensive.
Of course, the primary concern being privacy, there’s an extensive list of improvements in this department. The biggest item on the list though is that Recall now stores data in an encrypted state within a Virtualistion-based Security Enclave (VBS). The only way to access this is via Windows Hello authentication, which must be done every time, this is requested.
Next on the list is better sensitive info filtering from Recall snapshots. When it rolls out, Microsoft says that the feature will automatically filter out passwords, credit card info and national ID numbers. Additionally, private browsing on supported browsers, which include Firefox, Opera and anything Chromium based, will also not be snapshot. Specific apps and websites can also be filtered out by the user.
Finally, Microsoft says that Recall will be an opt-in feature when it gets re-released, going as far as to say that you “can also remove Recall entirely by using the optional features settings in Windows”. Which is quite the change in direction, considering earlier reports of the ability to do so being considered a bug.
