What Makes Windows Recall Insecure?

For those unfamiliar, Windows Recall is an AI-driven feature introduced by Microsoft for Copilot+ devices. Recall functions by continuously capturing screenshots of your desktop throughout the day, creating a digital log of your activities. This feature allows users to search through their past actions, messages, applications, and more, essentially filling in the gaps in their personal Windows timeline. While it seems convenient to search for specific items without scrolling endlessly through files or chats, the associated privacy and security concerns are substantial.

The launch of this feature was initially slated for the previous year, but Microsoft postponed it repeatedly due to security issues. In its initial iteration, Microsoft decrypted the entire screenshot database upon unlocking the PC, leaving anyone with physical access or knowledge of the password able to view the user’s activity history. Although this vulnerability was addressed, numerous concerns remained, including the possibility of sensitive information (like Social Security numbers, plaintext passwords, intimate chats, etc.) being present in these screenshots and even stored in plaintext—ideal conditions for a cybercriminal.

Microsoft has been refining the functionality since then, and recently reintroduced it permanently. Now, the Recall feature requires Windows Hello authentication during setup and when accessing the screenshot database. It is also designed to automatically redact sensitive information, and users can specify which applications to exclude from screenshots, allowing for private conversations or critical tasks to remain undisclosed. However, despite these advancements, security vulnerabilities persist (as sensitive information isn’t always sufficiently censored), particularly when a system software (the OS) is permitted to capture detailed activity throughout the day.

This inherent risk is too significant for Signal, a company known for its commitment to security. Consequently, the Windows version of Signal now automatically blocks Recall on Copilot+ machines. This action is not simply a preference for apps; it stems from Signal designating its application window as displaying DRM (Digital Rights Management) content. This strategy tricks Windows into thinking that the Signal window hosts copyrighted material, consequently preventing Recall from capturing screenshots of it.

While this solution is ingenious, it poses two notable challenges. Firstly, it disables Recall for users who might want to utilize the feature. Though some may not see the value, others could find it frustrating for an app to override a functionality they wish to access, particularly since opting into Recall is voluntary. Additionally, even if Recall isn’t in use, it can prevent users from taking their own screenshots: Anyone who has attempted to capture a screenshot of DRM content—such as when streaming on Netflix—can understand the inconvenience.

Disabling Signal’s Screenshot Blocking on Windows 11

Fortunately, a simple bypass exists. Signal acknowledges this limitation, understanding that some users will want to take screenshots of their conversations for various reasons.

To disable Signal’s DRM feature, navigate to Signal Settings > Privacy > Screen security. After turning off “Screen security,” a message will appear, informing you that this change may allow Windows to capture images of your Signal window, potentially compromising privacy. Simply select “Disable,” and the issue is resolved.

Credit: Signal