It's going to be at least another month or more before Microsoft's much-debated Recall feature for new Copilot+ PCs is rolled out.
Microsoft, which introduced the AI-based tool in May, was readying it for release in June but pulled it back days before amid a rush of criticism from industry observers and users over security and privacy concerns.
Officials with the vendor said at the time they planned to rearchitect it and run it through normal testing procedures before releasing it in October. In late September, David Weston, vice president of enterprise and operating system security at Microsoft, detailed the upgraded security capabilities in Recall.
However, on the last day of October this week, the IT giant wrote in an update on its Recall blog that it needs more time to get the feature ready.
"To ensure we deliver on these important updates, we're taking additional time to refine the experience before previewing it with Windows Insiders," the company wrote. "Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot+ PCs by December."
Screenshots Saved
The Windows 11 feature is designed to track and store users' activities on their PCs by taking screenshots ever five seconds and storing them on the system and putting them in a database that is searchable via AI. The goal is to enable Copilot+ PCs to instantly find what they had seen on their PC, according to Microsoft.
The backlash to the feature was fast and loud. Cybersecurity researcher Kevin Beaumont wrote at the time that the "overwhelmingly negative reaction has probably taken Microsoft leadership by surprise. For almost everybody else, it won't have. This was like watching Microsoft become an Apple Mac marketing department."
Ideally, for someone like a manager at a company that has too much to do and not enough time, being able to instantly search what you were doing a month earlier is probably a good thing. However, "in practice, that audience's needs are a very small (tiny, in fact) portion of Windows userbase -- and frankly talking about screenshotting the things people in the real world, not executive world, is basically like punching customers in the face."
Outcry Over Unencrypted Data
Initially, Recall was going to store the screenshots unencrypted on a disk. Microsoft executives said the data would be stored and processed locally, which would reduce privacy risks That said, security experts argued that anyone using the PC would have access to the data, including bad actors who remotely compromise the systems, and that they could use malware to access the collected screenshots, which could hold a range of sensitive private information that had been displayed on the user's screen at one time or another.
It was a strong pushback against a company that was making security a core focus on its entire portfolio in the wake of a few high-profile incidents over the previous couple of years.
Users Can Now Opt In
After shelving the June launch, Microsoft made security adjustments, including making Recall an opt-in feature rather than running it by default and allowing users who don't like the feature to remove it entirely through optional feature settings in Windows.
Other improvements include having snapshots and associated information that are stored in the vector database be encrypted and the encryption keys protected with the Trusted Platform Module. The TPM, a hardware-based security feature, is linked to the user's Windows Hello Enhanced Sign-In Security identity and can only be used within a Virtualization-Based Enclave, which creates an isolated environment in an application for sensitive data.
"This means that other users cannot access these keys and thus cannot decrypt this information," Weston wrote in a blog post in September. "This area acts like a locked box that can only be accessed after permission is granted by the user through Windows Hello."
Other security features include biometric authentication, filtering out specific apps or websites viewed in supported browsers, controlling how long Recall content is kept, deleting content in time ranges, and pausing the saving of snapshots.