It’s been a while since I bothered to post anything here. Though I couldn’t stop myself, both to remind me and others that with Windows 11 24H2 brings a new feature that is called “Recall” which takes frequent screenshots of what you are doing, converts it to text via OCR and stores the information on an encrypted kernel space. Microsoft states that the feature will only be enabled with the system that has AI enabled, but they don’t guarantee that it won’t be enabled in the future with upcoming updates. Note that there is no filtering of the text that is read from your screenshots, so the information stored can be anything that’s right on your screen, from passwords, to your private messages (which they already track if you are using Skype or Microsoft Teams), credit card numbers, etc. What can be in your screen can be on that encrypted space. Some speculations state that this data is also flushed to cloud (or Microsoft servers) if you have AI enabled which does actually make sense given that the feature is intended to remind you what you are doing via Copilot and that doesn’t really work on your computer.
Needless to say, this is a major security problem from whichever point you look at it. Here is a few security issues without giving a second thought:
- Giving AI your personal and private information.
- Making hackers to look for a certain space on your computer if your computer ever compromised, even if you get rid of sensitive data on your computer after use like having an encrypted storage that they can’t open but hey while you were looking at it, they took a screenshot and saved it somewhere. I don’t believe at all this so called encrypted space is safe from access as it’s not protected by an external entity (like you inputting a password)
- Performance issues. You can’t adjust how many screenshots can be taken and although taking a screenshot is relatively a cheap operation, OCR is not.
- It’s a black-box, we don’t know if information actually stays in your computer or not. If they ever transfer that encrypted data to somewhere else, you have no idea at all.
- The stored data can be used to train AI on human behavior if 4th point is a reality making you a test subject and possibly the theft of your humanly skills (if you have any 😀 )
So, having said these, if you have problem with any one of these issues, you possibly want to disable this feature. If you haven’t already disabled co-pilot, I would also suggest doing that for similar reasons. If you really need an AI, just use your browser, OR if you are a super-user and want to use something locally, just use Ollama (it’s not a mis-spelled Obama)
First of all, like any commands of this type, this requires an elevated user access (aka `Run as Administrator) on your terminal or powershell:
Then, to check if the feature is enabled:
Dism /Online /Get-Featureinfo /Featurename:Recall
You should see something like this if it is NOT enabled:
If you see an Enabled here, then to disable the feature:
Dism /Online /Disable-Feature /Featurename:Recall
It might ask you to restart your computer. If you don’t want that, press N, but restart later and check if you have it enabled later with the other command.
I am not giving you how to re-enable it as that’s really unnecessary if you are reading up to this point. I would also strongly suggest making a batch (.bat) file, put inside the disabling command and make it a scheduled task each time you boot-up your PC.
This should be pretty illegal in EU as well, so if you are living in EU, I would strongly suggest filing a complaint to EU commission from the link below and make it un-installable or be able to disable this for normal users, etc.: https://european-union.europa.eu/contact-eu_en