devxlogo

Microsoft updates Recall amid privacy concerns

Microsoft updates Recall amid privacy concerns

Recall Updates

Microsoft has announced changes to its recently unveiled AI product, Recall, following criticism from security researchers. Recall was designed to create a searchable log of past activity by taking screenshots of users’ screens.

CEO Satya Nadella referred to it as “photographic memory” that could “recreate moments from the past” using the company’s AI models.

However, security experts raised concerns that captured screenshots would contain sensitive information, including usernames and passwords.

Kevin Beaumont, a prominent figure in the cybersecurity community, criticized the initiative, calling it “the dumbest cybersecurity move in a decade.” Alex Hagenah, a researcher with SIX Group AG, developed a tool that could copy the Recall database and parse it for sensitive details. In response, Microsoft announced significant changes to Recall.

These include making it an opt-in feature, requiring biometric enrollment to enable it, and enhancing the encryption of the database. Pavan Davuluri, Microsoft’s corporate vice president of Windows and devices, emphasized the company’s commitment to improving privacy and security safeguards.

Microsoft recall security improvements

The changes come after a series of high-profile breaches attributed to state-aligned hackers. A report from the U.S. Cyber Safety Review Board criticized Microsoft for fostering a corporate culture that devalued security. This led CEO Nadella to order employees to prioritize security in product development.

See also  Tesla shareholders clash over Musk's compensation

Despite these pledges, security experts remain skeptical. Beaumont noted that the details of how these changes are implemented will be crucial. He suggested that security researchers conduct a thorough review of Microsoft’s enhanced security claims.

The controversy highlights the challenges tech companies face in balancing innovation with privacy concerns as they integrate AI into their products. Microsoft’s decision to limit the rollout of Recall underscores the need to prioritize user trust and security.

devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist