Microsoft will switch off Recall by default after security backlash

Original Article ↗ Hacker News Discussion ↗

Trust and Defaults

  • Many see irony that Recall was built under Microsoft’s “Secure Future Initiative” yet shipped in an insecure, privacy-invasive form.
  • Strong expectation that “off by default” is temporary: people predict dark patterns in setup, nag screens, or a later update quietly re-enabling it.
  • Long history is cited: Windows updates re-enabling telemetry, OneDrive silently taking over user folders, keylogging for “speech/inking/typing,” and difficulty creating local accounts in Windows 11.
  • Several describe this as “slowly boiling the frog” rather than a genuine retreat.

Security and Abuse Risks

  • Core concern: Recall centralizes everything seen and typed on the screen into an easily searchable store, creating a powerful target.
  • Earlier proofs of concept showed malware could enable Recall and exfiltrate its database; posters doubt encryption-at-rest helps much when malware runs as the logged-in user.
  • Threat models raised: classic malware, low-skilled attackers, abusive partners, stalkers, nosy bosses, schools, parents, and state surveillance.
  • Debate vs. browser history: some say “attacker with root already sees everything”; others argue Recall is far worse because it includes full content (passwords, medical info, NDA data, video calls), not just URLs/metadata and not just in one app.

Enterprise, Compliance, and Legal Concerns

  • Some argue large enterprises will delay or disable Recall via group policy and use cleaner Enterprise images.
  • Others note that many SMBs have no real IT and just use OEM Windows, so they’d get Recall and other defaults unfiltered.
  • Examples given of OneDrive auto‑enabling backups and moving regulated data (e.g., health info) to the cloud without consent, potentially violating HIPAA.
  • People expect regulators, especially in the EU, to scrutinize Recall; some link it conceptually to “chat control”–style scanning mandates.

Perceived Usefulness of Recall-like Features

  • Minority see clear utility: reconstructing complex workflows, finding forgotten pages/commands, QA reproduction, time tracking, AI assistance with context.
  • Some already use similar tools on macOS (e.g., Rewind-like apps) and love them, but stress they’re opt‑in third‑party tools, not OS-level defaults.
  • Others say simple habits (notes, search, browser history) cover their needs with far fewer risks; for them the trade‑off is unacceptable.

Views on Microsoft’s Strategy and AI Push

  • Many see Recall as a symptom of an “AI everywhere” mandate inside Microsoft, with teams pressured to bolt AI onto everything regardless of suitability.
  • Some think the feature is primarily about generating rich training data and behavioral telemetry, not helping users.
  • There’s frustration that only public backlash, not internal security culture, forced changes, undermining Microsoft’s “security first” messaging.

User Responses and Alternatives

  • A noticeable segment say Recall was the final straw after Windows 11 ads/bloat/OneDrive behavior; they’re moving to Linux or macOS, keeping Windows only for games.
  • Others plan to disable Recall, hope debloat tools remove it, or refuse to buy Copilot+ PCs.
  • Several believe the brand “Recall” and first rollout are so toxic that the feature is reputationally damaged, even if technically improved.