Thursday, 21 November 2024
26.9 C
Singapore

Microsoft reveals new Recall security features, ensuring user control

Microsoft outlines security updates for Recall AI, emphasising user control, encryption, and third-party testing to address privacy concerns.

Microsoft has shared an update on the security and privacy protections in its latest AI tool, Recall. In a detailed blog post, the company outlined the measures to safeguard users’ data and prevent potential privacy issues. Key topics in the post include Recall’s security architecture and technical controls designed to ensure users remain in control of their data. Despite these assurances, it is important to note that while Recall is optional, it cannot be fully uninstalled from your device, as recently confirmed by Microsoft.

The blog post dives deep into the security challenges Recall faces. One of the main design principles outlined is that “the user is always in control.” This means that users can decide whether or not to enable Recall during the setup of their new Copilot+ PC. Microsoft emphasises that Recall will only run on devices that meet strict security requirements, which include features such as Trusted Platform Module (TPM) 2.0, System Guard Secure Launch, and Kernel DMA . These hardware demands aim to boost the overall security of the system.

Recall’s user control features

The company highlighted the importance of keeping users responsible for Recall’s data access. During your device’s initial setup, you can choose to opt out of using Recall. If you choose not to activate it, Recall will remain off by default. Microsoft has also clarified that users can disable Recall via Windows settings, although it remains to be seen if this action will completely remove the tool from your system.

Should you decide to use Recall, you can filter certain apps or websites, preventing Recall from saving any data linked to them. Additionally, any information gathered while browsing in incognito mode will not be saved. You will also have full control over how long Recall retains your data and how much disc space it uses for storing snapshots. If you ever want to delete specific data, you can erase snapshots from a particular time range or remove all data related to a particular app or website.

Microsoft adds a system tray icon to indicate when Recall is collecting snapshots. You can pause the data collection at any time. For added security, accessing Recall will require biometric verification, such as Windows Hello. Microsoft has confirmed that all sensitive information stored by Recall is encrypted and linked to your Windows Hello identity. This ensures that no other users on the same device can access your Recall data. It remains secure within a Virtualisation-based Security Enclave (VBS Enclave), with only certain portions of the data allowed to leave the VBS when authorised.

Encryption and sensitive data

Microsoft has also provided more details on Recall’s architecture. They confirmed that “processes outside the VBS Enclaves never directly receive access to snapshots or encryption keys.” Instead, external processes only get the data that has been authorised and released from the enclave. To further safeguard sensitive content, filters are in place to block Recall from saving certain types of information, such as passwords, credit card numbers, and ID details.

In another step towards bolstering security, Microsoft works with a third-party vendor to conduct a penetration test, ensuring that Recall meets high-security standards. This third-party verification aims to assure users that Recall is a secure tool, as Microsoft acknowledges the existing concerns surrounding its use.

Will the new measures be enough?

The introduction of these new security features reflects Microsoft’s awareness of the scepticism surrounding Recall. Since its launch, some users have voiced concerns about potential privacy issues, and a small group has even boycotted the AI tool entirely. Whether these new measures will alleviate these concerns remains to be seen. However, Microsoft is making strides to prove that its AI assistant can be trusted to handle sensitive data safely.

Hot this week

T-Mobile network infiltrated by hackers linked to China

China-linked hackers breached T-Mobile, accessing officials' data. T-Mobile says customers' data remains largely unaffected.

Honda’s solid-state battery plans could revolutionise EVs

Honda's new facility in Japan accelerates solid-state battery production, promising affordable EVs with longer ranges by the late 2020s.

Samsung tipped to launch Gemini-powered XR glasses in late 2025

Samsung’s XR glasses, powered by AI and Snapdragon AR1 Gen 1, are expected to launch in late 2025. They blend smart features with lightweight design.

Cybersecurity unicorn Semperis strengthens identity-driven resilience in Singapore after major funding success

Semperis enhances cybersecurity in Singapore with US$125M funding, partnerships, and training to combat growing cyber threats and ransomware attacks.

Casio unveils its first digital ring: A miniature watch for your finger

Casio celebrates 50 years of digital watches with the CRW-001-1JR, a sleek digital ring watch with time-only features, which will launch in December 2024.

Elon Musk and Vivek Ramaswamy outline plans for government overhaul

Elon Musk and Vivek Ramaswamy outlined plans to cut federal costs and reduce regulations under Trump’s government efficiency task force.

Honda’s solid-state battery plans could revolutionise EVs

Honda's new facility in Japan accelerates solid-state battery production, promising affordable EVs with longer ranges by the late 2020s.

NVIDIA expands DLSS 3 support to over 600 games, including Stalker 2

NVIDIA expands DLSS 3 support to over 600 games, including Stalker 2 and Flight Simulator 2024, with improved visuals and performance.

ASUS-built supercomputer with NVIDIA HGX H100 ranked among the world’s top supercomputers

ASUS and Ubilink build a supercomputing facility ranked 31st on TOP500 and 44th on Green500, delivering 45.82 PFLOPS and unmatched efficiency.

Related Articles

Popular Categories