Signal Gives Microsoft a Clear Signal: Do NOT Recall This
Privacy-first messenger blocks Microsoft Recall with black screen.
Recall, Microsoft’s “magical” AI tool that watches everything you do, is back. But the team behind private messaging app Signal aren’t happy about it—they’ve added a feature to stop Recall taking screenshots of your chats.
As you might recall, Recall was initially dubbed a “privacy disaster,” before being “delayed indefinitely.” But Microsoft tweaked and relaunched it—and in today’s SB Blogwatch, people aren’t entirely happy about that.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: ’Droids you’re looking for.
Black Screen of DRM
What’s the craic? Brian Fagioli reports: Signal declares war on Microsoft Recall with screenshot blocking on Windows 11
“Defeats the entire point”
Signal … the privacy-first messaging app, is going on the offensive, declaring war on Microsoft’s invasive Recall feature. … Recall was first unveiled a year ago as part of Microsoft’s Copilot+ PC push. The feature quietly took screenshots of everything happening on your computer, every few seconds, storing them in a searchable timeline. [But] security experts called it dangerous.
…
Microsoft simply hasn’t given developers any real way to exclude their apps from Recall’s data vacuum, so the company had to use the same DRM mechanism Microsoft applies to movies and TV shows. And frankly, it’s hard to blame them. Signal exists to keep conversations private, and letting an AI tool silently capture chats defeats the entire point. … People don’t want an operating system that spies on their conversations in the background. And developers shouldn’t have to play defense just to do the right thing.
DRM? Think of the unintended consequences. Ivan Mehta can see one: Signal’s new Windows update prevents the system from capturing screenshots of chats
“Might not work as intended”
The company said that this new “screen security” setting is enabled by default on Windows 11. … When you are trying to take a screenshot with the new screen security setting enabled, you will just get a blank screen.
…
[But] when the setting is enabled, some functions, such as screen readers, might not work as intended. You can turn off the setting through Signal Settings > Privacy > Screen security.
Horse’s mouth? Signal’s Joshua Lund: By Default, Signal Doesn’t Recall
“Privacy is an existential matter”
After an intense security backlash and significant public outcry, Microsoft quickly pulled the feature. It’s a one-year anniversary that nobody wants to celebrate, but Recall is back and Signal is ready. Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that’s displayed within privacy-preserving apps like Signal at risk.
…
Microsoft has launched Recall without granular settings for app developers that would enable Signal to easily protect privacy, which is a glaring omission that limits our choices. Signal is using the tools that are available to us even though we recognize that there are many legitimate use cases where someone might need to take a screenshot. For example, some accessibility software (such as screen readers or magnification tools for people who are visually impaired) may not function correctly otherwise.
…
People everywhere rely on Signal to protect their communication, including human rights workers, governments, board rooms, militaries, and millions of individuals around the world for whom privacy is an existential matter. … It’s imperative that privacy-preserving apps retain the ability to uphold these promises on every platform, including Microsoft Windows. … Apps like Signal deserve to be treated with at least the same level of caution that’s afforded to a web browser’s private or incognito browsing window — which Microsoft has already excluded from Recall by default.
Time for a thought experiment? Control Group isn’t blind to the risks:
I can see why I’d want it. “That website I went to yesterday about the thing” is a very common type of experience for me. Or, “I know I talked to someone about configuring SQL Sentry last week; who was it?” Or, “I know I found that video somewhere; but it wasn’t directly from search, it was recommended off a search result—where was that?” Or the first time you realize, “Oh, hey, Office now only turns on autosave after you’ve manually saved your thing.” … There’s a reason I have a hundred tabs open in my browser.
…
That said, … I will never, ever have Recall enabled on any device I have any degree of administrative control over. … While I’m sure there are some employers out there stupid enough to think recording everything their employees do on company equipment is a good idea, any place featuring a legal team with more than the one orange brain cell will put the kibosh on Recall tout-****ing-suitely.
What’s the alternative? godelski kidnaps a hostage to fortune:
I wonder if 2025 will be the year of Linux? Windows has turned itself into spyware. Apple is too expensive and going the same way. Meanwhile the user experience of Linux has dramatically increased. … Most people wouldn’t notice the difference. [They] just use their computer for the browser.
…
Perceptions are slow to change and a lot has changed in that time. … Our job often involves breaking down big problems into many little problems. … Making little steps makes progress towards solving the big problems. It can be easy to feel like that progress isn’t happening and it can be frustrating that it isn’t happening fast enough. But our experience should also tell us that it all seems to quickly come together towards the end. There was never a magic leap, it was all the small steps put together.
O RLY? u/tuxooo thinks that idea is “very on point”:
This is what I did when Recall was announced over a year ago, put to alpha, hacked in less than a hour after put to public alpha, “recalled” ironically by Microsoft, and re-announced later on. Never used full time Linux before, just dabbled a bit, but after that I fully moved to Linux and never looked back.
It’s ironic that Signal had to resort to using DRM, amirite? yes, thinks ksynwa:
It’s a bit telling that this … can only be done by abusing a feature meant to protect intellectual property rights of corporations.
This is true. And baby_souffle experiences partial cranial overpressure: [You’re fired—Ed.]
Reading this makes my head explode a little. 15 years ago, DRM was all about the DVD restricting where and when it could be played. Now it seems like we’re using DRM to reassert our own rights? This timeline is cursed.
But are we surprised? A slightly sarcastic DaveSimmons isn’t:
Not only is there no API to tell Recall not to index your content, there’s also no API to tell you whether Recall is enabled. It’s like having malware pre-installed on your PC.
But hey, they just added more quantum-resistant algorithms to defend against attacks that might happen 20 years from now, so security is job#1 at Microsoft?
Meanwhile, kornel gets to the root of the problem:
People don’t trust tech companies that think consent is a choice between “Yes” and “Yes, Later.”
And Finally:
Ben throws Luke under the bus.
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
