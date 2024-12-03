Consumers have had their hands on Copilot+ computers for almost six months at this point, and during that time, Microsoft has found itself in a firestorm of criticism regarding the announcement of its controversial Recall feature. Originally announced in May of this year, Recall is an AI tool available for Copilot+ capable PCs that saves snapshots of all your activity and allows you to trace back to that snapshot just as you left it.

At a glance, this sounds useful. Being able to use AI to index and parse through my last few days or even months of work to find a specific thing I was looking for could save a lot of time. However, even with the additional precautions taken by Microsoft to further secure Recall, I’m still not interested in using it, even in the slightest. They fumbled the security initially, and it just feels like a roundabout way to improve Windows Search, which has been subpar for far too long.

Can Microsoft convince users to use Recall?

Or will it always feel too creepy?

Usually, new features like this excite me. Anything that pushes the envelope further and makes budding tech indistinguishable from magic is at the core of what makes me a huge tech nerd, but Recall just feels dystopian to me. Telemetry is one thing, but having all my actions stored somewhere, able to be parsed through at will, is a bit creepy, even if it’s encrypted and stored on-device.

The core functionality of Recall is the ability to search for text and visual matches of snapshots on your screen. The example usually given is finding where you were in your workflow with emails, documents, and webpages you had opened. This isn’t an outright issue for me, because I don’t deal with very much sensitive information in my daily workflow.

Most people today use their computers in a very personal way, so Recall will always feel slimy for anything other than pure work tasks.

But what if I open a sensitive email that’s not outright sensitive in the eyes of Recall? Recall is supposed to detect sensitive information and omit it from snapshots. Yes, you can tune Recall not to take snapshots featuring specific applications, but trusting an AI to detect when information should not be stored sounds like a disaster waiting to happen. The benefits simply do not outweigh the potential downsides, and I feel like most users will feel the same way. Most people today use their computers in a very personal way, so Recall will always feel slimy for anything other than pure work tasks.

I can’t say I'll use it often

Maybe just make Windows Search better?

I understand that visual recall abilities are somewhat useful, especially for those who find themselves buried in work. But if a user has proper “naming hygiene,” Windows Search should be able to pick up what you mean immediately, without using AI. If you name your files properly, you’ll have no trouble finding them and picking up where you left off. That is, if Windows Search functioned the way it ought to.

If I search for “GHUB” on Windows with the intention of finding the “Logitech G HUB” software used to control Logitech gaming devices, nothing comes up. But if I search for “G HUB,” it immediately comes up. The same thing happens with documents, and it’s exceedingly frustrating. For example, “Invoice 16” generates no results, but “Invoice_16” is immediately recognized. I might be preaching to the choir here regarding Search, but if it worked as it should, Recall wouldn’t sound nearly as helpful, even if you find yourself buried in work.

Fumbled security from day one

Doesn’t bode well for the future

Microsoft didn’t get off on the right foot with the announcement of Recall. Users were rightfully concerned that Recall had potential security risks. However, Microsoft swiftly allayed concerns about privacy and security by reporting that the snapshots were only stored on-device and were encrypted. Part of the backlash was that it was opt-out rather than opt-in.

The initial version of Recall was incredibly insecure, to say the least. Security experts found ways to access the database easily, which houses plaintext of what’s contained in the snapshots. They accomplished this with different users on the same device, meaning it didn’t matter who you were logged in as; you could see a user's actions if they had Recall enabled. Security researcher Kevin Beaumont did a fantastic job of detailing exactly how this was done in a blog post put up around that time.

Microsoft responded by deciding to delay Recall’s release and made it an opt-in feature of Copilot+ capable PCs, arguably the way it should’ve been in the first place. They also implemented further security measures like just-in-time decryption and biometric authentication. Still, in my opinion, these extra measures just aren’t enough for me to trust Microsoft with snapshots of my every move.

Too much potential for nefarious activity

Microsoft was deliberate in almost everything they did when they introduced Recall in May. Their language was chosen carefully, making their mistake of not prioritizing security even more egregious. Things like the shoehorning of MSN into the OS, ads in the Start menu, and requiring an account to set up the OS have made me leary of Microsoft and its handling of Windows. Recall is simply a bridge too far. For the first time, I’m seriously questioning whether I can continue using Windows as my daily driver or if it’s finally time to make the full swap to Linux or macOS.