"altar of AI aspirations"

“Microsoft has simply given us no other option,” Signal says as it blocks Windows Recall

Even after its refurbishing, Recall provides few ways to exclude specific apps.

Dan Goodin
The Signal messaging app on a mobile phone. Credit: Getty Images

Signal Messenger is warning the users of its Windows Desktop version that the privacy of their messages is under threat by Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store almost everything a user does every three seconds.

Effective immediately, Signal for Windows will by default block the ability of Windows to screenshot the app. Signal users who want to disable the block—for instance to preserve a conversation for their records or make use of accessibility features for sight-impaired users—will have to change settings inside their desktop version to enable screenshots.

My kingdom for an API

“Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that’s displayed within privacy-preserving apps like Signal at risk,” Signal officials wrote Wednesday. “As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option.”

When Recall was introduced in May 2024, security and privacy practitioners quickly warned that it created undue risks for both Windows users and those using other platforms who interact with Windows users. Many of the criticisms were based on specific designs. Recall was turned on by default. Screenshots and OCR data were stored in plaintext, where they could be accessed by any app with user system rights. It provided few granular tools to limit the type of content that was sucked into its massive vacuum bag of data.

After facing one of its worst PR disasters in recent memory, Microsoft pulled Recall out of Windows 11 previews a few months after adding it. Then, last month, Microsoft reintroduced a significantly overhauled version of the tool.

As Ars Senior Technology Reporter Andrew Cunningham painstakingly documented a few weeks later, the refurbished Recall went to great lengths to correct some of the poorly thought-through designs in the first iteration. Recall was now opt-in, rather than on by default. The database storing Recall data was now encrypted, with the keys secured in a secure enclave separate from Windows. And the tool now provided some level of user control to limit the type of content it indexed.

But the changes go only so far in limiting the risks Recall poses. As I pointed out, when Recall is turned on, it indexes Zoom meetings, emails, photos, medical conditions, and—yes—Signal conversations, not just with the user, but anyone interacting with that user, without their knowledge or consent.

Researcher Kevin Beaumont performed his own deep-dive analysis that also found that some of the new controls were lacking. For instance, Recall continued to screenshot his payment card details. It also decrypted the database with a simple fingerprint scan or PIN. And it's unclear whether the type of sophisticated malware that routinely infects consumer and enterprise Windows users will be able to decrypt encrypted database contents.

And as Cunningham also noted, Beaumont found that Microsoft still provided no means for developers to prevent content displayed in their apps from being indexed. That left Signal developers at a disadvantage, so they had to get creative.

With no API for blocking Recall in the Windows Desktop version, Signal is instead invoking an API Microsoft provides for protecting copyrighted material. App developers can turn on the DRM setting to prevent Windows from taking screenshots of copyrighted content displayed in the app. Signal is now repurposing the API to add an extra layer of privacy.
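The default-on block with a user override, as an added sketch that is not from the article or from Signal's code base. It assumes an Electron desktop app, where `BrowserWindow.setContentProtection()` (which on Windows calls `SetWindowDisplayAffinity`) is the capture-exclusion setting of the kind described above; the function names and the `userChoice` setting are hypothetical.

```javascript
// Added example (not Signal's code). No imports: the caller passes
// process.platform and os.release() so the logic can be checked anywhere.

// Windows 11 still reports version "10.0.x"; it is told apart from
// Windows 10 by a build number of 22000 or higher.
function isWindows11(platform, release) {
  if (platform !== 'win32') return false;
  const [major, , build] = String(release).split('.').map(Number);
  return major === 10 && build >= 22000; // malformed input -> NaN -> false
}

// userChoice is true/false when the user has set the option explicitly,
// undefined when it was never touched. An explicit choice always wins;
// otherwise capture blocking defaults to ON only for Windows 11.
function shouldBlockCapture(userChoice, platform, release) {
  if (typeof userChoice === 'boolean') return userChoice;
  return isWindows11(platform, release);
}

// Apply the decision to every open window. `windows` is a list of
// Electron BrowserWindow objects, e.g. BrowserWindow.getAllWindows().
// Returns the state that was applied so the UI can display it.
function applyScreenSecurity(windows, userChoice, platform, release) {
  const enabled = shouldBlockCapture(userChoice, platform, release);
  for (const win of windows) {
    if (win.isDestroyed()) continue; // closed windows cannot be updated
    // With protection on, screenshots and screen capture of the window
    // no longer contain its content.
    win.setContentProtection(enabled);
  }
  return enabled;
}
```

The flag applies per window and per machine, so it only covers the local copy of a conversation.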

“We hope that the AI teams building systems like Recall will think through these implications more carefully in the future,” Signal wrote Wednesday. “Apps like Signal shouldn’t have to implement ‘one weird trick’ in order to maintain the privacy and integrity of their services without proper developer tools. People who care about privacy shouldn’t be forced to sacrifice accessibility upon the altar of AI aspirations either.”

Signal's move will lessen the chances of Recall permanently indexing private messages, but it also has its limits. The measure only provides protection when all parties to a chat—at least those using the Windows Desktop version—haven't changed the default settings.

Microsoft officials didn’t immediately respond to an email asking why Windows provides developers with no granular control over Recall and whether the company has plans to add any.

Dan Goodin Senior Security Editor
Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him on Mastodon and on Bluesky. Contact him on Signal at DanArs.82.
242 Comments
Staff Picks
UserIDAlreadyInUse
Honest question, how does this benefit average users? I can see how an employer would want spyware, but what value is this to us plebs? Not being sarcastic.
Oh, it's going to be a huge benefit to an abusive person wondering if their partner is looking up legal assistance, shelters, and divorce laws. They can then nip that in the bud - hard - as soon as Recall shows that they're even thinking of leaving.
r
Am I the only one who finds Ars reporting on Windows Recall to be very overly alarmist? e.g. "one of its worst PR disasters in recent memory". Hard to believe that is true, when Recall still isn't out, and 99% of users wouldn't know what you were talking about if you asked them about Windows Recall.

Recall is only in preview, it isn't easy to get, and most PCs don't even qualify to run it. Microsoft has taken lots of feedback, to the point of taking it down for a while, that they've incorporated into future previews. It looks like a healthy public engagement to me.

This feedback from Signal to Microsoft is fair though. Microsoft can incorporate this kind of feedback before they really release Recall widely. It does unfairly target Recall like it is the only app that can screen record Signal. Even your browser can screen record now.

Without using the API they are now using, Signal can't make privacy guarantees on a desktop app at all. Perhaps they should have been using this API all along? Because this risk exists today, even though Recall still isn't out.

You mean when, for example, an MS online account was "optional". Too many things start as optional to later be turned back on or required in future updates. That trust is gone.
a
I would be interested to hear who is asking for this. There has been an extraordinary backlash in public, so who is pushing for it? Do enterprise clients want this or something? I would have guessed no. Or if so they have consulted legal, because this will create an ediscovery nightmare.
graylshaped
Not only is there no API to tell Recall not to index your content, there's also no API to tell you whether Recall is enabled.

It's like having malware pre-installed on your PC.

But hey, they just added more quantum-resistant algorithms to defend against attacks that might happen 20 years from now, so security is job 1 at Microsoft?
New Opsec guideline: Never communicate confidential information with anyone who may be using Windows 11.