For those who aren’t aware, Microsoft have decided to bake essentially an infostealer into base Windows OS and enable by default.
From the Microsoft FAQ: “Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."
Info is stored locally - but rather than something like Redline stealing your local browser password vault, now they can just steal the last 3 months of everything you’ve typed and viewed in one database.
I've written up my thoughts on the Copilot Recall feature in Microsoft Copilot+ PCs
I think it will enable fraud and endanger users, and is not the sign of a company who are committed to security first.
Copilot+ Recall has been enabled by default globally in Microsoft Intune managed users, for businesses.
You need to enable DisableAIDataAnalysis to switch it off. https://learn.microsoft.com/en-us/windows/client-management/manage-recall
@jaystephens Settings: Accounts: Access work or school: here it’ll say something along the lines of “Connected to Blah Azure AD/Entra.” Beyond that, Recall is currently limited to Copilot+ ARM based devices.
@jaystephens @GossiTheDog It does need sufficiently performant neural network blocks on die, so it’s currently in something like an open beta on Microsoft’s latest ARM based devices.
But that’ll expand as the NN blocks in AMD Ryzen 8000G and any recent discrete GPU can do the same thing, and non-G Ryzen 9000s will likely have sufficient performant NN block in their IO chiplets, while Intel’s range will have them by their 15/16th gen.
Kevin Beaumont
Jay
sen