Sign in Subscribe

Signal Resorts to Blocking Windows Recall to Protect User Privacy

Signal Resorts to Blocking Windows Recall to Protect User Privacy

Signal Messenger is taking a firm stance to protect user privacy on its Windows Desktop version against Microsoft's Recall feature. This AI tool, integrated into Windows 11, has raised concerns due to its capability to screenshot, index, and store nearly everything a user does every three seconds. To address this, Signal has enabled a default feature that blocks Windows from taking screenshots within the app. Users can disable this feature if necessary, for accessibility or record-keeping purposes.

"My Kingdom for an API"

Signal reports that despite Microsoft's efforts to refine Recall following critical feedback, the tool still poses a risk to privacy-centric applications. Consequently, Signal has decided to add an extra layer of security by default on the Windows 11 platform. This decision reflects Signal's intent to safeguard user data, despite some compromises on usability.

When Recall was first introduced, the tool was met with significant backlash due to its default settings and potential to store sensitive data, including Signal conversations. Although Microsoft temporarily withdrew Recall and later reintroduced it with improvements, concerns remain. The revised Recall now requires user opt-in, encrypts its database, and offers some user control over data indexing. However, many believe these changes do not sufficiently mitigate the risks.

Security expert Kevin Beaumont conducted a detailed examination of the renewed Recall and found shortcomings, such as its continued ability to screenshot sensitive information. The tool also decrypts its database with minimal security measures, raising questions about its vulnerability to malware.

Signal developers faced limitations due to the absence of an API to prevent Recall from indexing app content. By using a digital rights management (DRM) API designed to protect copyrighted material, Signal has found a creative way to enhance privacy by blocking screenshots in its Windows Desktop app.

Signal expressed hope that AI developers will consider the privacy implications of their tools more thoroughly in the future. The need to use such unconventional methods underscores the lack of adequate developer resources to protect privacy without hindering accessibility.

While Signal's measures add a layer of protection against Recall, the impact is limited unless all parties in a conversation, using the Windows Desktop version, maintain default settings. Microsoft has not yet commented on whether it will offer developers more control over Recall in the future.