Microsoft's Recall Reboot
AI created, human edited.
In a recent episode of Security Now, hosts Steve Gibson and Leo Laporte dove deep into Microsoft's significant revamp of its Recall feature for Windows. Initially introduced as part of Windows Copilot Plus, Recall faced severe criticism from security experts, including Gibson himself. However, the latest update has transformed Recall from a potential security nightmare into what Gibson describes as an "extremely impressive" security architecture.
Recall is designed to create a "photographic memory" of a user's PC activity, saving snapshots of the screen every few seconds. This feature aims to help users easily find past activities, pick up where they left off, and maintain control over their data. However, the initial implementation raised serious security concerns.
Gibson likened the situation to Microsoft's early days of internet integration with Windows, where security was an afterthought. He noted, "Windows has never needed to have the kind of local desktop security that's required to allow it to safely accumulate and protect all of its users past activity over time."
Microsoft's response to the security community's outcry was swift and comprehensive. David Weston, Microsoft's Vice President for Enterprise and OS Security, released a detailed update on Recall's new security and privacy architecture. The key improvements include:
1. Opt-in Experience: Users can now choose to enable or disable Recall entirely.
2. Encryption and Key Protection: All sensitive data is encrypted, with keys protected by the Trusted Platform Module (TPM) and tied to Windows Hello enhanced sign-in security.
3. Virtualization-Based Security (VBS) Enclaves: Recall services operate within secure VBS enclaves, isolating sensitive operations from potential threats.
4. Windows Hello Authentication: Biometric credentials are required to access Recall data, with automatic timeout features to prevent unauthorized access.
5. Secure Settings and Default Security: Any tampering with settings results in reverting to secure defaults.
6. Individual Snapshot Encryption: Each snapshot is encrypted with its own key for added protection.
7. Protected Processes: The snapshot service runs as a protected process, limiting malicious access to memory containing sensitive data.
Steve Gibson expressed his admiration for the new security measures, stating, "What we have today is no longer a set of SQL database files containing the user's history snapshots that were found lying around in a user's private directory in that initial public preview release. This is an entirely new ballgame."
He particularly highlighted the use of VBS enclaves and the detailed security architecture, noting that "somebody really thought this through and they did this right."
An interesting aspect of the new Recall implementation is the introduction of a User Activity API. This allows app developers to integrate their applications with Recall, enabling users to truly "pick up where they left off" within supported apps. Gibson speculates this could become a competitive feature for Windows applications.
Microsoft has taken extra steps to ensure Recall's security, including:
1. Months of design reviews and penetration testing by Microsoft's Offensive Research and Security Engineering Team (MORSE).
2. Independent security design review and penetration testing by a third-party vendor.
3. Completion of a responsible AI impact assessment.
While Steve Gibson praised Microsoft's efforts, stating, "Bravo to Microsoft," he maintains his personal stance of not using Recall, partly due to his preference for Windows 10 and Windows Server 2022. Leo Laporte acknowledged the significance of the improvements, calling it "great" and "good news."
Microsoft's revamp of Recall demonstrates the company's ability to respond to security concerns and implement robust protection measures. While only time will tell if these measures are sufficient, the security community's initial response is positive. As Windows continues to evolve, features like Recall may shape the future of personal computing, balancing convenience with the critical need for data protection. Subscribe to Security Now and support independent tech journalism!