In depth with Windows 11 Recall—and what Microsoft has (and hasn’t) fixed
Microsoft is preparing to reintroduce Recall to Windows 11. A feature limited to Copilot+ PCs—a label that just a fraction of a fraction of Windows 11 systems even qualify for—Recall has been controversial in part because it builds an extensive database of text and screenshots that records almost everything you do on your PC.
But the main problem with the initial version of Recall—the one that was delayed at the last minute after a large-scale outcry from security researchers, reporters, and users—was not just that it recorded everything you did on your PC but that it was a rushed, enabled-by-default feature with gaping security holes that made it trivial for anyone with any kind of access to your PC to see your entire Recall database.
It made no efforts to automatically exclude sensitive data like bank information or credit card numbers, offering just a few mechanisms to users to manually exclude specific apps or websites. It had been built quickly, outside of the normal extensive Windows Insider preview and testing process. And all of this was happening at the same time that the company was pledging to prioritize security over all other considerations, following several serious and highly public breaches.
