Friday, June 14th 2024

Microsoft Delays Controversial "Recall" Feature for Windows 11 24H2

by
AleksandarK
 Discuss (81 Comments)
Microsoft has made a last-minute decision to pull its much-debated "Recall" feature from the Windows 11 24H2 update set to launch on June 18th. Instead, the company will roll out Recall as a preview through the Windows Insider Program while it works to build user trust and address security concerns. Recall, one of the flagship features of 24H2, creates a searchable 30-day timeline of a user's activities including files, webpages, and screenshots. However, since its announcement on May 20th, Recall has faced heavy criticism over potential privacy risks from storing user data in unencrypted plain text files. Security researcher Kevin Beaumont labeled Recall a "security nightmare" after finding it logged activities to a SQLite database accessible by non-admin accounts. This raised alarms about the depths of user behavior tracked and stored locally on PCs.

Initially, Microsoft had planned for Recall to be enabled by default in 24H2. However, following the backlash, the company backtracked on June 7th, making it an opt-in feature requiring Windows Hello authentication and adding encryption. Those adjustments were still not enough to satisfy Microsoft. In a new blog post, the firm stated Recall did not yet meet its "own standards of quality and security" and that it "must be trustworthy, secure and robust" before a wider rollout. By moving Recall to the Insider Program for further testing and refinement, Microsoft is giving itself more time to get the technology right and rebuild user confidence. A future blog will provide instructions for Insiders to preview Recall on compatible Copilot+ PCs with added security protections.
Source: Microsoft

Related News

Add your own comment

81 Comments on Microsoft Delays Controversial "Recall" Feature for Windows 11 24H2

#76
Jermelescu
bugYou probably weren't around back when Microsoft proposed VB Script and all sorts of developers told them not go ahead with it. And then they did.
That's the whole point of these advance notices: to gather early feedback. Sure, most of the time the feedback is "omg, I can't wait to try this!". But sometimes it isn't.
I've been following tech since the '90s and you cannot compare those days to today.
They made the announcement, everybody went berserk, it gained notoriety, they heard what they wanted to hear and now they will improve things in one way or another. A tale as old as time.
Posted on Reply
#77
bug
JermelescuI've been following tech since the '90s and you cannot compare those days to today.
They made the announcement, everybody went berserk, it gained notoriety, they heard what they wanted to hear and now they will improve things in one way or another. A tale as old as time.
I can compare, I believe I already have.
1996 - Microsoft previews VB Script, everybody yells at them it adds a huge attack surface. Microsoft releases anyway, a new family of computer viruses is born.
2024 - Microsoft announces an unencrypted data honeypot, everybody yells at them it adds a huge attack surface. Microsoft promises to go back to the drawing board, we're waiting to see how this plays out.

It's not the exact same story, but I also see no problem with the public telling Microsoft to shove it.

Here's an article that explains it pretty well: arstechnica.com/ai/2024/06/windows-recall-demands-an-extraordinary-level-of-trust-that-microsoft-hasnt-earned/
And don't miss the promoted comment either.
Posted on Reply
#78
Darmok N Jalad
JermelescuI love it when people freak out about things that are not yet released, and then they get surprised of last minute changes.
It was as clear as day that this will not be released in the announced form. Never ever ever ever, yet most people got so paranoid it was hillarios.
Anyway, it doesn't matter because only 0,1% tops of people using Windows have heard about this, since the vast majority of Windows users don't read tech news and don't actually care about things like this until they have it in front of their eyes.
Life moves on.

But as far as I go, can't wait for this feature to drop in. I spend way too much time searching for stuff I've seen or done in the past, so this will be a godsent to focus more on the present and future.
Here in my large metro area, the local radio station was talking negatively about Recall in their afternoon drive-home show, and for quite a while. Yeah, maybe a lot of folks don't listen to local radio anymore, but I think you might be surprised at how much attention it got for anything related to Windows. Bad press goes around the world a lot faster than good press, and MS took a beating on this one. Thanks to social media and effluentcers desperate for attention, any little old thing can turn into a dust-up. The problem this creates for corporations is that this bad new hits with a fury and then people move on to some other thing to be upset about, but by then the damage is done and the trust is lost. MS's beta program came back to bite them, and maybe that's because some features that involve your personal data or every single thing you've ever done on your PC shouldn't be "release previews" where the end user gets to be bug tester. It's a feature MS should have gotten right from the start.
Posted on Reply
#79
Jermelescu
Darmok N JaladHere in my large metro area, the local radio station was talking negatively about Recall in their afternoon drive-home show, and for quite a while. Yeah, maybe a lot of folks don't listen to local radio anymore, but I think you might be surprised at how much attention it got for anything related to Windows. Bad press goes around the world a lot faster than good press, and MS took a beating on this one. Thanks to social media and effluentcers desperate for attention, any little old thing can turn into a dust-up. The problem this creates for corporations is that this bad new hits with a fury and then people move on to some other thing to be upset about, but by then the damage is done and the trust is lost. MS's beta program came back to bite them, and maybe that's because some features that involve your personal data or every single thing you've ever done on your PC shouldn't be "release previews" where the end user gets to be bug tester. It's a feature MS should have gotten right from the start.
Well, it hasn't been officially released, so the "start" didn't actually happen.
I mean, I get it. It was stupid from a lot of points of view, some of them even terrifying, but forcing yourself into beta testing sometimes bites you in the ass.

Like I said, wait for the official release and then we can go rampage on them if it is shady, insecure, bad or whatever.
Posted on Reply
#80
bug
JermelescuI mean, I get it. It was stupid from a lot of points of view, some of them even terrifying, but forcing yourself into beta testing sometimes bites you in the ass.
Not sure if you see the irony: Microsoft is asking users to hand over data safety, while not doing the bare minimum to safeguard that data during the beta phase.
It paints the exact opposite picture Microsoft needs.

Otherwise yes, quite a blunder, but no harm, no foul. Yet.
Posted on Reply
#81
Darmok N Jalad
JermelescuWell, it hasn't been officially released, so the "start" didn't actually happen.
I mean, I get it. It was stupid from a lot of points of view, some of them even terrifying, but forcing yourself into beta testing sometimes bites you in the ass.

Like I said, wait for the official release and then we can go rampage on them if it is shady, insecure, bad or whatever.
I suppose, but look what the release preview (which was going to be opt-out) was going to be before folks got their hands on it. MS made the critical error of announcing it without a proper security standard (encrypted till needed, not just at login), and then prepped to preview release it in that less-than-secure form. The backlash actually made MS rethink their strategy. This feature is very deserving of way more scrutiny from the day it can first be used, because a feature like this really needs to be gotten right (in terms of security) from the outset. Recall is not just a risk to people that use it, but it is also a risk to people who have critical communications with those people that use it. There really is no beta for security on a feature like this. Would we want an opt-out beta for a password manager app?

Granted, we're always subject to some exposure through digital communications, but Recall has the potential to be an express lane for bad actors. If MS can't anticipate this and understand the level of concern we might have with this feature, then there is no trust. After the backlash, MS didn't offer assurances that they actually did anticipate these concerns and demonstrate how they got it right. Instead, they backtracked significantly.
Posted on Reply
Add your own comment
Nov 21st, 2024 08:25 EST change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts