Friday, November 22, 2024

Analysts join the call for Microsoft to recall Recall


If Microsoft intended the 2024 Build event to be overshadowed by controversy, then it succeeded, as calls intensify for the company to rethink its strategy around Recall.

The Windows Recall feature, still in preview, takes a snapshot of a Copilot+ PC user’s screen every couple of seconds and then writes it to disk, letting the user scroll through the archive of snapshots when looking for something, or use an AI system to recall screenshots by text.

It’s gone down badly with security researchers and privacy experts, and the latest to cast judgement is Directions on Microsoft analyst Barry Briggs, who asked the question: “Should Microsoft Recall Be Recalled?”

While reiterating the concerns about capturing sensitive information, Briggs also highlighted the investments Microsoft has made in Purview, its family of compliance services.

Purview allows compliance teams to monitor user activities. This can include monitoring emails and Teams chats for policy-busting activities. “An add-on called Forensic Evidence can literally watch, in real time, what an employee is doing, in order to collect evidence for an investigation,” said Briggs. “Sound familiar?”

Briggs posited a future in which compliance administrators might be able to silently switch on Recall via a policy setting or where the authorities might demand access to Recall’s local storage.

Then there is the question of why Windows has long had a search feature crying out for investment, yet Microsoft chose instead to add to Windows’ attack surface with Recall to claim a victory of sorts in the AI tech wars and shift a few more Copilot+ PCs.

“Does any of this add real value for users or enterprises?” asked Briggs.

To add to Microsoft’s woes, cybersecurity researcher Kevin Beaumont last week took apart the technology behind Recall and found it severely wanting. Leaving aside the fact that getting into the encrypted data appeared relatively trivial, text OCR’d from screenshots turned up in plain text form in a SQLite database.

Beaumont wrote: “The overwhelmingly negative reaction has probably taken Microsoft leadership by surprise. For almost everybody else, it won’t have. This was like watching Microsoft become an Apple Mac marketing department.”

It is difficult to understand what Microsoft was thinking when it announced Recall and made the preview available. It is almost as if something that developers were playing around with somehow made its way into the world in a half-baked state.

We can imagine the conversation:

There is something to the idea. As Briggs observed: “The UI for Recall would be dandy for a first-class, local Windows Backup a la the Mac’s wonderful Time Machine.”

However, in its current state, Recall is anything but sound. The outcry among researchers and analysts alike indicates that Microsoft needs to make some urgent changes, both to the technology and the decision-making processes that led to Recall being released. ®
