
Microsoft has brought back the controversial Windows Recall feature with security and other tweaks. What does it do?


Introducing new features to an operating system is Russian Roulette for the big tech companies that develop the code that runs on our computers. Lots of people learnt to drive computers in a certain way. Quite often they absolutely hate change.

That’s just for the small stuff, like Microsoft making changes to the Start menu in Windows, or Apple modifying the layout for the Photos app in macOS and iOS. 

Then there are new features that users haven’t seen before. Earlier this year, Microsoft, which really is betting everything on artificial intelligence, introduced one new feature called Windows Recall. This takes regular snapshots of your screen and stores the pictures on your PC so that you can go back and look at the information at a later time. 

The idea isn’t that original, but the implementation with on-device large language models (LLMs) was, and Microsoft got roasted alive by users and security experts alike for the first version of Recall. With some justification. Windows Recall is now back with serious security tweaks, and it seems good enough to be a keeper.

Before going any further, please note that Recall is only available on PCs that support Microsoft’s Copilot+ AI hardware, and which run Windows 11 with updates. I got it eventually by signing up for the Insider preview programme, on the Microsoft Surface Laptop 7th Edition which ticks the hardware boxes for Recall.

Also, using Recall is entirely optional, with the data stored locally (up to 75 gigabytes of snapshots, but it can be reduced); it can be turned off any time and removed. Note that Recall only works on a single device, for obvious security reasons. Maybe it’ll be possible in the future to sync snapshots across multiple devices, but there are some real risks to doing that of course.

The long story short is that Recall is an attempt at bringing order to data chaos through AI image and character recognition. “What was I doing earlier?” or “where is that thing I was working on?” Fire up Recall, and search the Windows desktop snapshots it saves every five seconds, to look for the information you need.

You can share and copy snapshots, edit them with the Windows Snipping Tool, and the Click to Do content menu lets you do visual searches with Bing, blur backgrounds with Photos, edit objects and remove backgrounds with Paint.

On the face of it, using AI for that purpose seems like overkill. On the other hand, people have a lot of data to wade through these days, on a single machine, and who has time to always organise it sensibly? 

If anything, in its first careful implementation, Windows Recall doesn’t do as much as you imagine is possible with AI. For instance, Recall didn’t offer to open a Word document in an Explorer file manager snapshot with the eponymous application, but instead suggested Notepad (which didn’t work) or searching the web for another program. The file name wasn't picked up in Notepad either.

With tightened security, Recall could become quite a handy add-on for Windows 11. It’s quick, fine-tunable and easy to use. Recall runs unobtrusively in the background, and there was no discernible effect on the performance of the Microsoft Surface Laptop.

You don’t need to be a “power user” to employ Recall, but it’s definitely worth understanding what the feature does, and its risks and limitations before turning it on. That goes for just about everything IT in a world where we connect to a hostile global network with billions of users, some of whom have criminal intent, and receive and process data from unknown sources. 

Windows Recall isn’t without its nuisances either. After the initial security kerfuffle, Microsoft really, really made sure that the Recall data can only be accessed by the authorised PC user. It means Windows Hello pops up constantly, to recognise your face and then you have to press an OK button to proceed.

Which is good from a security point of view, but there are a lot of Hello or PIN prompts to click OK on when you use Recall.

You can exclude apps from Recall, which is good. It’s not a bad idea to filter out, for example, bank websites, and that is indeed possible with Recall. You have to be quite specific with the uniform resource locator (URL) though, typing in the protocol like so: https://www.bnz.co.nz for example.

However, Recall suggests you can drop entire domains from the snapshotting, which is what you want for some parts of the ‘Net. Many organisations use subdomains, like secure.bnz.co.nz, that you can get redirected to. Instead of figuring them all out for the filter, the way to avoid snapshotting them is to use an asterisk as a “wild card” that covers multiple terms.

For BNZ, that would look like this: https://*.bnz.co.nz, because you can’t just enter the bnz.co.nz domain in Recall’s filtering. Having tried wild card URLs, I can confirm that you can filter out entire domains from Recall snapshotting. It looks like IT admins can enable and disable Recall options like domain filtering for users as well, but I didn't try that.

Audio and video aren’t supported by Recall. Not yet at least. My guess is that if Recall becomes a popular feature, and AI hardware improves, audio and video will somehow be supported.

I’ve been in the geek biz for too long to categorically pronounce anything as “secure”; humanity is incredibly creative when it comes to breaking stuff and there’s now AI assistance for that as well. It may be that Windows Recall can be abused in some fashion or the other, but Microsoft seems to have thought this one through and it should be a tough enough nut to crack.

The main issue for Microsoft will be if people will find Windows Recall useful enough, or just stick to what they know already instead. Many tech ideas have withered on the vine that way, and Windows Recall could face an uphill struggle for acceptance from users who don't want to deal with additional complexity for little gain.


3 Comments

This is, as I see it, a training phase for the Artificial Intelligence software that Microsoft has installed onto your computer, and that you cannot uninstall and that talks home to Microsoft. I'm pretty sure that nobody wants Microsoft taking screenshots of what you're doing every 5 seconds or so and remembering every application you use and everything you type in - including your user names and passwords for every website and service that you have a logon for, and any configuration changes you might make to any software that you install onto your computer. From what I have been led to believe, you have no control over the retention of that data gathered by Microsoft.

Up
5

What could be in this for me as a user?

What could be in it for them?

Does not feel like a balanced transaction.

Up
1

Windows forcing you to constantly verify your ID feels like a feature not a bug - making sure that they can legally attribute what they are recording from your computer to you personally and not to any other user.

Up
0