Vole is having another crack at its controversial Recall feature for Copilot+ Windows PCs, after security experts ridiculed the first version. That version of Recall recorded screenshots and OCR text of all user activity and stored them unencrypted on disk, where they could easily be accessed by another user on the PC or an attacker with remote access – what could possibly go wrong?
The company delayed the feature indefinitely to rearchitect it and said it would be tested through the normal channels before being released to the public.
Now, Vole has shared more extensive details on exactly how the security of Recall has been rearchitected.
Microsoft VP of Enterprise and OS Security David Weston said that Recall would be opt-in and off-by-default instead of opt-out, that users would need to re-authenticate with Windows Hello before accessing any Recall data, and that locally stored Recall data would be protected with additional encryption.
All Recall data stored locally, including "snapshots and any associated information in the vector database," will be encrypted at rest with keys stored in your system's TPM; according to the blog post, Recall will only function when BitLocker or Device Encryption is fully enabled.
Recall will also require Virtualization-Based Security (VBS) and Hypervisor-Protected Code Integrity (HVCI) to be enabled; people sometimes turn these features off to improve game performance, but Recall will reportedly refuse to work unless they're turned on.
"This area acts like a locked box that can only be accessed after permission is granted by the user through Windows Hello," writes Weston. "VBS enclaves offer an isolation boundary from both kernel and administrative users."
Windows doesn't allow any code to run within these enclaves that Microsoft hasn't signed, which should lower the risk of exposing Recall data to malware or other rogue applications. Other malware protections new to this version of Recall include "rate-limiting and anti-hammering measures."
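The platform prerequisites described above (a TPM for key storage, BitLocker or Device Encryption, VBS and HVCI) can be audited on a machine with built-in Windows cmdlets. The script below is an added example, not Microsoft's code and not the check Recall itself performs; the function name `Test-RecallPrerequisite` and the pass criteria are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Added example: reports the state of the features the article lists as
# Recall prerequisites. The pass criteria are this example's assumptions,
# not Microsoft's actual gating logic.

function Test-RecallPrerequisite {
    param(
        [int]$VbsStatus,            # Win32_DeviceGuard.VirtualizationBasedSecurityStatus
        [int[]]$ServicesRunning,    # Win32_DeviceGuard.SecurityServicesRunning
        [string]$ProtectionStatus,  # Get-BitLockerVolume ProtectionStatus
        [string]$VolumeStatus,      # Get-BitLockerVolume VolumeStatus
        [bool]$TpmReady             # Get-Tpm: TpmPresent and TpmReady
    )
    [ordered]@{
        'TPM present and ready'           = $TpmReady
        'VBS running'                     = ($VbsStatus -eq 2)            # 2 = enabled and running
        'HVCI (memory integrity) running' = ($ServicesRunning -contains 2) # 2 = HVCI
        'System drive fully encrypted'    = ($VolumeStatus -eq 'FullyEncrypted')
        'Drive protection on'             = ($ProtectionStatus -eq 'On')
    }
}

# Collect live state. Device Guard data comes from CIM; drive and TPM state
# from the BitLocker and TrustedPlatformModule modules shipped with Windows.
$dg  = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                       -ClassName Win32_DeviceGuard
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
$tpm = Get-Tpm

$checks = Test-RecallPrerequisite `
    -VbsStatus $dg.VirtualizationBasedSecurityStatus `
    -ServicesRunning $dg.SecurityServicesRunning `
    -ProtectionStatus "$($vol.ProtectionStatus)" `
    -VolumeStatus "$($vol.VolumeStatus)" `
    -TpmReady ($tpm.TpmPresent -and $tpm.TpmReady)

foreach ($name in $checks.Keys) {
    '{0,-34} {1}' -f $name, $(if ($checks[$name]) { 'OK' } else { 'MISSING' })
}

# Non-zero exit code lets fleet tooling flag machines that fall short.
if ($checks.Values -contains $false) { exit 1 }
```

A machine where VBS or HVCI was switched off for gaming performance shows `MISSING` on the corresponding line.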
 
				