June 10, 2024 at 06:13PM
Microsoft introduced the “Recall” AI feature for Copilot+ PCs, prompting concerns about potential data theft. In response, Microsoft added new security measures: Recall will now be turned off by default, users need Windows Hello enrollment, and Recall data will be encrypted. However, experts doubt these changes will fully safeguard sensitive information from hackers.
It seems that Microsoft is taking steps to address concerns over the security of its new “Recall” AI feature. The company has announced three new security updates for Recall, including shipping it turned off by default, requiring Windows Hello enrollment, and encrypting Recall data. However, experts remain skeptical about whether these measures will fully protect sensitive information from potential data theft.
One security expert, Marc-AndrĂ© Moreau, has expressed concerns that Recall could capture and store sensitive data, making it vulnerable to hackers. Despite Microsoft’s efforts to address these concerns, Moreau remains skeptical about the integration of Windows Hello and Recall and questions whether the changes will adequately protect users’ privacy.
The quick timeline for the preview release of Recall has also raised doubts about whether Microsoft can fully integrate Windows Hello in time. Critics are concerned that the rush to market parallels other AI products that prioritize speed over security.
It’s worth noting that some experts believe that AI could potentially help mitigate the security flaws of products like Recall. Moreau suggests that AI could be used to identify sensitive data in Recall screenshots, but feels that Microsoft has missed an opportunity to leverage AI in solving potential data leakage issues.
In summary, while Microsoft’s new security updates for Recall are a step in the right direction, skepticism remains about whether these changes will be enough to protect users’ sensitive information from potential data theft. The timeline for implementation and the rush to market have also raised concerns about the thoroughness of the security measures.