Sunday, April 20, 2025

Thoughts on Windows 11's "Recall" Feature

Seeing one of the latest threads this morning about Win11's Recall feature, I'm not surprised that it does what it does TBH

Some of these points overlap with comments I made earlier when news of this feature first broke. I can't easily find those now, but if/when I do, I may amend this post with those notes as well, as they better cover a bunch of other insights I don't think I've captured here as well.

 

EDIT:  Cool, according to this Ars article, they do seem to have put in place most of the reasonable safeguards I'd expect / recommend them to have.

 

Reactions to Claims About Current Implementation + Topics for Further Investigations
First up, the only real surprise to me seeing how they're currently rolling it out is that it doesn't seem to have any API for marking a window as "Private" (i.e. bad news for Private Browsing windows / financial transactions / sensitive data handling... heck, unless IT disable it globally for a business, does this present/expose businesses to PII violations even?!)... or does only Edge have access to the secret API that only MS have access to 🤔


Second, it's interesting that apparently it might bug out if there's DRM content / video playing on screen.

Experiments from willing volunteers will thus need to be done regarding:
* 1) Does having such content anywhere on screen temporarily disable recording?

* 2) If 1 doesn't apply, does using Picture-In-Picture style popup windows for said video players (i.e. stay on top, freely movable, video only windows) allow positioning such content to partially overlap a window causing the window behind to be hidden

* 3) Does this apply to all video DRM players used (as long as they go via that hardware path)?  (I'm assuming normal video is completely unaffected)

   For instance, with standard screenshotting, I've only seen problems capturing Disney+ on Firefox but not Netflix or anything else...

* 4) Does the DRM blocking only apply to fully opaque video windows, or does getting this sort of video playback to function in a semi-transparent window (if possibly to do) result in everything in that area getting blocked?

 

Implication:
"As a strictly academic thought exercise", would it therefore be possible to setup "defender" services / apps to defeat this thing cheaply (i.e. without needing to pay for and stream from something like Disney+, running constantly as you're using your machine)? 🤔

 

How We Got Here

This is the part that I've previously covered in greater depth. But I largely believe that the introduction of Windows Recall is largely the result of convergent influences + forces. As with most technology, there is usually no absolute "good technology and bad technology" - it's really how that technology is put to use. Hence, from what I've seen / am aware of, on balance, the emergence of such technology is probably coming from a good / well-intentioned place... HOWEVER, the mass deployment at scale however has been rather clumsy, and does raise legitimate concerns about whether shadier forces are in fact pushing this through with nefarious intentions.

 

So, the good sides:
1) People use similar 3rd party tools today on their machines for tracking where they've been spending time - making it easier for them when writing up their timesheets 

    Source: I've come to learn that two people I work with use such tech on their computers

2) Personal Information Management (PIM) Researchers - a subfield of the wider Human-Computer Interaction research area - genuinely thought that having such functionality would be useful for a lot of people

     * There have been countless papers written over the years about people having trouble finding stuff they did on their devices, and trying to come up with tools for doing so.

        Of course also, the motivation for trying to do this does come more naturally to those with a research-type role for which problems like this are actual legit pain point problems we run into all the time...

     * One of the really popular subthemes / approaches is presenting a timeline view of interactions (for scrubbing through events in the order that they occurred), coupled with advanced search tools to help you really get in there and find what you're looking for

     * Also, the recent developments in using AI-based tools for content extraction + query processing have come at an opportune time to really finally try to realise the promise of concepts that many have been studying for most of their careers...

3) Full DisclosureI've also researched + build various similar systems over the years, just not something exactly like the one that Microsoft is deploying

    * Most pertinently, a few years ago, I've built a similar tool for indexing text from the large collection of screenshots I've explicitly taken over many years to try to retrieve something I'd once seen (but couldn't remember / pick out going through the screenshots by hand). The code is publicly available on Github. For that project, I used Windows' built-in OCR (as it was the best + easiest option I had available).

     When news of Recall first broke during the initial launch event, I remember thinking at the time:  "Gee... I wonder if by some chance, some MS Staffer stumbled across this project of mine, got inspired, and pitched or demoed a derived prototype that lead to this monster being unleashed"

     While the likelihood is low, we unfortunately can never really know, short of the involved engineers and/or execs admitting to such... And if that does come to pass:  Yeah, I'm sorry for unleashing or inspiring this monster

    * Another system I once built included having a timeline / recency slider for filtering the files in your file browser based on time of last access.

The bad sides:

4) Nation-state-level spy-actors applying various pressures + demands on Microsoft "from the top"  (or maybe infiltrated at some other level) 

TBH, knowing what we do about what the NSA have done previously, and what the Isarali's and Russians routinely do, and the draconian "Anti-Terror" laws that the UK have been passing in recent years, we cannot rule out the influence of such forces in having a very strong hand in pushing this stuff through. Indeed, it would be remiss to ignore the possibility that MS have not actually received sealed NSL's demanding that they backdoor their OS with this functionality by a certain date - hence necessitating the Windows 10 sunsetting and mandatory switchovers to Windows 11.

Conspiracy-type thinking: Yes.

Unlikely to be true: Very close to zero.

 

Where to Next

Now, if this functionality were truly well intentioned, here are some easy fixes that Microsoft *could* apply to right the ship:

1) Disable whole feature by default, and make it strictly opt-in (AND importantly, as something that requires a verifiable download that provides all the needed stuff, vs only providing the "public facing access key" to turning it on)

2) Provide explicit "opt-out" API's that apps can mask specific windows with (with complete blanking, and/or maybe customizable privacy protecting placeholder texts)

3) A stop/pause button to prevent recordings that the user can easily access

 

---


Unfortunately, now that the thing has bolted though, and with that Nation-State Actor Spying influence never completely out of the frame, we can unfortunately never truly trust that even if the measures above are implemented that they are not just a show-sham theatre for placating the masses (while they are still secretly just harvesting all this info anyway).

Which is a shame, as we do have an opportunity to really test + explore what tech like this can offer in the cases where it can really shine.

No comments:

Post a Comment