- Microsoft is finally making it possible to uninstall Windows Recall.
- It will be an opt-in experience, which users can enable or disable during the onboarding process.
- Microsoft has also significantly improved the security model of Recall. All data is now stored in the VBS Enclave.
Microsoft has been under fire ever since its rocky announcement of the much-anticipated and equally feared Windows Recall AI feature back in May. Security researchers called Windows Recall a privacy nightmare due to unencrypted data stored in the AppData folder. Later in June, Microsoft addressed Windows Recall concerns and said that major security changes will be implemented before a wider rollout.
Later in September, some reports suggested that you could actually uninstall the feature on the Windows 11 24H2 build. However, Microsoft killed all hope by calling it a bug at that time. Now, the US tech giant has officially announced that users will actually be able to uninstall Windows Recall completely if they don’t want to use it. And it will be turned off by default.
Microsoft itself has now officially confirmed this, stating:
“Recall is an opt-in experience. During the set-up experience for Copilot+ PCs, users are given a clear option whether to opt-in to saving snapshots using Recall. If a user doesn’t proactively choose to turn it on, it will be off, and snapshots will not be taken or saved. Users can also remove Recall entirely by using the optional features settings in Windows.”
But, that’s not the end of it, as Microsoft has also implemented a bunch of security and privacy measures to mitigate the risks. In an interview with The Verge, David Weston, VP of enterprise and OS security at Microsoft, said,
“I’m actually really excited about how nerdy we got on the security architecture. I’m excited because I think the security community is going to get how much we’ve pushed [into Recall].”
In addition to letting users uninstall Windows Recall, Microsoft is taking the security of the feature a step further by taking advantage of the TPM (Trusted Platform Module) chip. For the curious, the TPM is a security chip that creates, stores, and attests cryptographic keys. Services like Windows Hello and BitLocker use it for encryption.
Microsoft states that to access Recall, Windows users will need to sign in with Windows Hello; only after that will the tool start working. This is definitely a better approach than the earlier version, which allowed users to access the Recall timeline without any authentication.
Most importantly, Recall will operate in a secure environment called VBS Enclave, aka Virtualization-based Security Enclave. All associated data and operations will be processed in the VBS Enclave, a special protected environment.
So, when a user opens Recall and enters a query, the VBS Enclave returns that data to memory. Then, once the information is extracted and the user exits Recall, all processed data is wiped as well. And, as Microsoft states, “The only information that leaves the VBS Enclave is what is requested by the user when actively using Recall.”
In addition to all that, Recall also has anti-hammering protocols in place, further securing it against malware attacks. Finally, Windows has made it very clear that Recall will only work on Copilot+ PCs. So, all those reports about being able to sideload the Recall app are nullified now.
As for Recall’s availability, the first Windows 11 Preview builds with Recall will start rolling out to Insiders sometime in October. Regular users will get it gradually, following Insider testing.
While I’m quite happy that we will be able to uninstall Windows Recall, I’m honestly surprised that it took them this long in the first place. In my opinion, this should have been the security model in the first place. Data privacy is everything, and even the smallest leak of sensitive data can be incredibly detrimental to users. Well, better late than never, I guess.