Microsoft explains how it’s making controversial Windows Recall feature secure amidst privacy debacle


What you need to know

  • Microsoft has detailed how it’s improved Recall’s security with encryption and Windows Hello authentication.
  • Recall’s data is now isolated in a VBS Enclave, meaning it’s no longer readable by third-party apps and users.
  • Snapshots will now automatically filter out sensitive information like passwords and credit card details.
  • Recall never uploads data to the cloud, and can be uninstalled from the system if you don’t want it.

Microsoft is finally ready to detail how it’s updating Windows Recall to ensure it’s a secure experience that can’t be easily hacked or tampered with. After the monumental failure that was Recall’s original debut, the company is now confident that Recall is a safe experience that users should feel comfortable using.

Originally, Windows Recall was discovered to be storing data in an unencrypted state, making it ripe for third-party attackers to scrape sensitive information collected by the Recall process. Microsoft has now addressed this concern, moving to encrypting the data and ensuring the user is actively present to access it. 



Source link