SecureMac, Inc.

Checklist 376: Too Much Recall

May 24, 2024

Microsoft’s new Copilot+ PCs shine with high performance but raise privacy concerns with the Recall feature. Meanwhile, Apple’s iOS 17.5.1 update fixes a bug that brought back deleted photos.

Checklist 376 title image: Too Much Recall

Checklist 376: Too Much Recall

Microsoft Unveils Copilot+ PCs Amid Privacy Concerns

Microsoft has announced its latest line of computers, dubbed Copilot+ PCs, which promise significant advancements in hardware and performance. According to Microsoft, these devices outperform the 15-inch MacBook Air by up to 58% in sustained multithreaded performance and offer superior battery life, lasting up to 15 hours of web browsing or 22 hours of local video playback. However, the introduction of these PCs has sparked significant privacy concerns due to a new feature called Recall.

Copilot+ PCs: High Performance, Extended Battery Life

The new Copilot+ PCs are designed to deliver exceptional performance, with Microsoft claiming they outperform Apple’s MacBook Air significantly in multithreaded tasks. In addition to their processing power, these PCs offer extended battery life, positioning them as a strong competitor in the market for high-performance laptops. Despite the hardware accolades, the reaction to Microsoft’s new features, particularly Recall, has been mixed.

The Controversial Recall Feature

The Recall feature is designed to take encrypted snapshots of a user’s activity, including files, photos, emails, and browsing history. These snapshots are stored locally on the computer and can be configured by the user. Microsoft emphasizes that Recall is an optional feature and that users can limit what it captures. The company also assures that the data is stored locally and is not accessed by Microsoft or any third parties.

Privacy and Security Concerns

Privacy advocates and experts have raised alarms about the implications of Recall. The UK’s Information Commissioner’s Office (ICO) has contacted Microsoft for more information, following concerns that the feature could be a “privacy nightmare.” Dr. Kris Shrishak, an advisor on AI and privacy, and Daniel Tozer, a data and privacy expert at Keystone Law, have expressed worries about the potential misuse of the screenshots, particularly in business environments.

Jen Caltrider, a privacy lead at Mozilla, warned that someone with access to the device could exploit the detailed history captured by Recall. Additionally, Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, highlighted the risks of domestic abuse, noting that making it easier to spy on users could have serious consequences.

Microsoft’s Response

Microsoft maintains that Recall is secure, noting that the snapshots are encrypted and stored locally. The company stated that it is committed to privacy and security, and users can control the extent of data captured by Recall. Microsoft has also assured that Recall does not moderate or remove sensitive information from screenshots, which remains a point of contention among privacy experts.

As the ICO investigates the safeguards Microsoft has implemented to protect user privacy, the tech community is keenly watching for further developments. The controversy surrounding Recall highlights the broader debate about the balance between innovative features and privacy protections in new technology.

Apple’s iOS 17.5.1 Update Fixes Photo Resurfacing Bug

Apple has released iOS and iPadOS 17.5.1 to address a significant bug causing deleted photos to reappear in users’ iPhoto libraries. The issue, reported by users on Reddit and covered by AppleInsider, surfaced after last week’s updates to iOS 17.5 and iPadOS 17.5.

The Problem

Following the updates, some users noticed that previously deleted photos, including potentially embarrassing ones, reappeared in their photo libraries. This prompted Apple to release a minor security update. According to Apple’s release note, the update addresses “a rare issue where photos that experienced database corruption could reappear in the Photos library even if they were deleted.”

Technical Explanation

Zach Hall from 9to5Mac explained that when a file is deleted from NAND storage, the data isn’t immediately erased. Instead, the space is marked as available, leaving the actual data intact until it is overwritten by new data. This technical detail means that specialized software can often recover “deleted” files, and glitches can cause them to reappear.

Apple’s Response

Apple clarified to 9to5Mac that the issue was due to corrupted local files surviving between device upgrades through backups and transfers. They emphasized that Apple never had access to these deleted photos and that the corrupted data was not part of iCloud Photos sync.

Many users, including a listener named Dan who emailed the Mac OS Ken podcast, believe that “deleted” should mean fully erased. Dan pointed out that overwriting data would use more write cycles, which could reduce the overall storage capacity of the device over time. He compared this potential issue to “batterygate,” where Apple faced backlash for slowing down iPhones with aging batteries to prevent unexpected shutdowns.

Dan suggested that Apple could look for a method that balances complete deletion with hardware longevity, possibly making the process optional for users.

The resurfacing photos bug has raised concerns about Apple’s privacy standards. While the company has built a reputation for prioritizing privacy, this incident highlights the need for a more reliable deletion process. Apple’s swift release of iOS 17.5.1 aims to prevent the issue from happening again, though users who experienced the bug will need to delete the resurfaced photos manually.

Get the latest security news and deals