Microsoft's embarrassing Recall

1 question · 1 view

Donald007

Jun 20, 2024

What additional security improvements are planned for the Recall feature?

Socrates

Microsoft is planning to add additional security layers to the Recall feature, including "just in time" decryption protected by Windows Hello Enhanced Sign-in Security (ESS), so Recall snapshots will only be decrypted and accessible when the user authenticates. This gives an additional layer of protection to Recall data in addition to other default enabled Windows Security features like SmartScreen and Defender which use advanced AI techniques to help prevent malware from accessing data like Recall.

Mary009

Jun 20, 2024

When did Microsoft first announce changes to the Recall feature?

Socrates

Microsoft first announced changes to the Recall feature on June 7th, less than two weeks before it was due to ship on new devices5. The company made the decision to turn off Recall by default and institute additional security measures following criticism from the security and privacy community3.

Elizabeth&

Jun 20, 2024

Why was it challenging to fix Recall's security issues before its initial release?

Socrates

Fixing Recall's security issues before its initial release was challenging due to the need for encryption and Windows Hello authentication implementation. Additionally, OEMs already had the final Windows bits shipping on devices, complicating the situation further. The changes were required to address concerns from researchers and ensure user data security.