Signal Messenger is warning the users of its Windows Desktop version that the privacy of their messages is under threat from Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store almost everything a user does every three seconds.
Effective immediately, Signal for Windows will by default block the ability of Windows to screenshot the app. Signal users who want to disable the block—for instance to preserve a conversation for their records or make use of accessibility features for sight-impaired users—will have to change settings inside their desktop version to enable screenshots.
My kingdom for an API
“Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that’s displayed within privacy-preserving apps like Signal at risk,” Signal officials wrote Wednesday. “As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option.”
When Recall was introduced in May 2024, security and privacy practitioners quickly warned that it created undue risks for both Windows users and those using other platforms who interact with Windows users. Many of the criticisms were based on specific designs. Recall was turned on by default. Screenshots and OCR data were stored in plaintext, where they could be accessed by any app with user system rights. It provided few granular tools to limit the type of content that was sucked into its massive vacuum bag of data.
After facing one of its worst PR disasters in recent memory, Microsoft pulled Recall out of Windows 11 previews a few months after adding it. Then, last month, Microsoft reintroduced a significantly overhauled version of the tool.
As Ars Senior Technology Reporter Andrew Cunningham painstakingly documented a few weeks later, the refurbished Recall went to great lengths to correct some of the poorly thought-through designs in the first iteration. Recall was now opt-in, rather than on by default. The database storing Recall data was now encrypted, with the keys secured in a secure enclave separate from Windows. And the tool now provided some level of user control to limit the type of content it indexed.
You mean when, for example, an MS online account was "optional". Too many things start as optional to later be turned back on or required in future updates. That trust is gone.