Part 1 - BEST PRACTICES ON AI: Microsoft Recall Defense

BEST PRACTICE SERIES #1 - Microsoft Windows Recall

DISCLAIMER: The following is my opinion, based on my research and the research of others. I am not an authority on such matters. But I am concerned. Take what you see with a grain of salt and seek the guidance from others more qualified that myself.

Notes from Scott

PAY ATTENTION. THIS IS A WARNING!

So, I’ve been passing on strong opinions about how the Microsoft Windows 11 operating system updates are setting up a new feature called “Recall”. In a nutshell, Recall (if it is enabled) has the ability to take note of everything you do on your PC. Think of it as peering over your shoulder 24x7. It never stops. Over a period of time, this feature allows users to search through the history of activity (screenshots turned into summary documentation) using a natural language interface. Imagine typing in “find me that spreadsheet document I did 4-months ago...I need to update my budget.” The word “recall” is an excellent branding term. It looks helpful and innocent.

But, the privacy implications are frightening. Many people, upon learning of this feature, are understandably motivated to turn this feature off. I am among them. Because no one really trusts these technology companies, they will have to verify it stays in the disabled or off setting each and every time your computer does updates and/or reboots. Yes, I kid you not. I believe the consensus view is that Recall is a sophisticated spyware system used to glean data from your pc, formulate a profile of your activity, and let the Copilot AI manage that information.

Microsoft says that it does not move your data to its data centers—and that is very likely true. But listen closely…it’s what they don’t say that’s the concern. If Copilot AI and the Recall feature is extracting data from the screenshots it is taking, that can be extremely damaging. By taking screenshots and then having a locally running AI called Copilot, it can summarize many things directly and indirectly about you…building a profile that is not “your data” but is data derived by Microsoft. Does Microsoft own that data? We don’t know. It’s indirect data for sure, but based on actual data it harvests from those screenshots. It’s almost like it turns your PC into a high level data extraction agent that passes off data to an even bigger and more sophisticated AI that does more inference on your profile. It is very intrusive. I agree with those that say there is a mad rush for “AI dominance” and the first to succeed owns the word!

So, let me begin my new “Best Practices Series” with this post on the Microsoft Recall feature. The video below is dated May of last year, when it was first being noticed in Microsoft updates. Also, if you look through my blog history, you will see where I have been educated about what is happening with this feature. This article has a great overview of Recall:

Microsoft Reveals Recall, AI-Powered Search for Your PC

Here’s an official source from Microsoft extolling all the positive benefits that this feature will bring to users:

Accelerating innovation: A new era of AI at work begins

Sounds pretty cool and appealing, right? Except I and others that have decades of experience with IT systems see it for what it is. Microsoft’s AI Copilot is being baked into the Windows operating system. Here is one example:

Microsoft Recall Update

Do you have an Recall enabled Windows PC?

Let’s begin this Best Practices Series on determining if you have Recall enabled on your PC. If you are not running Microsoft Windows, what I want you to focus on is the principles that are being discussed. Mac users and one day maybe even Linux distributions may exhibit this type of embedded AI system. In my opinion, we can expect that “Apple Intelligence” on Macs will most likely have it’s own version of this.

Getting back to Microsoft Windows. This short video will give you the information to know where you stand.

The Command Prompt Commands you will need:

Check Status: Dism /Online /Get-Featureinfo /Featurename:Recall
Disable: Dism /Online /Disable-Feature /Featurename:Recall
Enable: Dism /Online /Enable-Feature /Featurename:Recall

Step by Step Instructions:

1. My development laptop is a ASUS G16 with Windows 11 Pro installed.

2. As the gentleman indicates in the video, you can find out if your Windows PC has the right configuration to run Recall. In fact, you can check the state of the feature with some terminal commands.

3. To be able to interrogate the operating system, you will need to run CMD (aka the “Command Prompt”) as an administrator. Locate the CMD command, right click on the Command Prompt item, click on Run as administrator. Note: if you do not have administrator role, you will be denied. Most people that have their own laptops are already admins, but if your computer is part of a business network, like at work for instance, you will almost never have admin rights. If this is you, then ask your IT department to run the commands above.

4. You will see the rest of your window darken as you are prompted with a new modal screen to authorize running in administrator mode for this next operation. I can’t do a screenshot of that. But you are prompted “Yes” or “No”. To continue, click on “Yes”

   

5. This is what the command prompt looks like:

   

6. Paste in the first of the commands above. This command will give you the current status of the Recall feature on your PC’s operating system:

   
   Dism /Online /Get-Featureinfo /Featurename:Recall
   

7. If you get a “Feature name Recall is unknown” (like I did, see below) it means one of two things:

   1. Either this feature hasn’t been installed in your system through Windows Updates, or

   2. Your PC does not qualify for this feature due to hardware compatibility.

8. In my case, when I bought this laptop, knowing that this feature was coming, I made sure to stay just under the PC requirements. Newer PC’s increasingly come with what is known as an NPU (a Neural Processing Unit). Similar to CPU (Central Processing Units) and GPU (Graphic Processing Units). It’s the NPU that handles most AI specific workloads. By the way, GPUs are quite powerful and may also be an entry point into Copilot AI. If you are an authority in IT windows maintenance and deployment in your company, say hello and ping me.

   

9. To see what it looks like when you do have a qualifying computer, I took the screenshot from the video above:

   

   Note you see the Feature Name: Recall and that means it is there…at least the plumbing for this feature is there. If it is there, it is working if enabled. Note the last item in the red box says: “State: Enabled”. You must decide if you want it there or not. I recommend disabling this feature at your first opportunity. Again, if you are a part of a corporate IT controlled environment, it is unlikely that you will have the permissions to turn this off. Contact your IT department about your concerns.

10. If you see that your PC has it installed and it is enabled, run the next command from above to disable it. If your PC has Recall, but it is disabled, then there is nothing further at this point. It is there…and now you must monitor the status in case it gets enabled (see below). To disable Recall, run this command:
    
    Dism /Online /Disable-Feature /Featurename:Recall

    

You are done with this workflow.

Additional Discussion

You have heard me mention that PC’s are rebooting to apply operating system updates more often and that Terms of Service are changing quickly. This is the age of AI land-grab for training data and other privacy compromising concerns. It’s exhausting handling these updates and to some extent I’m sure that’s intentional. Update fatigue? People acquiesce to this all the time now. Me too.

But that doesn’t mean that we can’t think critically, be aware of what is happening, and take what steps we can to resist this nonsense. I’d like to provide you with some top-of-mind thoughts:

1. Be wise, try to do what you can against overwhelming odds. As we see the Revelation 13 technology manifesting before our eyes, at some level we need to take these alarming things and resolve:

   1. To protect ourselves,

   2. To warn others, help them, come alongside them,

   3. To realize we are closer to the end of the Church Age,

   4. Push with all your might to be about the Father’s business. As we each have unique skills, abilities, and resources, what that looks like is highly dependent on our uniqueness in the Body of Christ. Do you best. Remember the Bema Seat is where we have our one-on-one with Jesus! Of course, it is not a sin or salvation issue at the Bema Seat, but one of stewardship and accountability like the Parable of the Talents talks about in Matthew 25. Here it is for your review:
      
      [Mat 25:14-30 NASB95] 14 "For [it is] just like a man [about] to go on a journey, who called his own slaves and entrusted his possessions to them. 15 "To one he gave five talents, to another, two, and to another, one, each according to his own ability; and he went on his journey. 16 "Immediately the one who had received the five talents went and traded with them, and gained five more talents. 17 "In the same manner the one who [had received] the two [talents] gained two more. 18 "But he who received the one [talent] went away, and dug [a hole] in the ground and hid his master's money. 19 "Now after a long time the master of those slaves came and settled accounts with them. 20 "The one who had received the five talents came up and brought five more talents, saying, 'Master, you entrusted five talents to me. See, I have gained five more talents.' 21 "His master said to him, 'Well done, good and faithful slave. You were faithful with a few things, I will put you in charge of many things; enter into the joy of your master.' 22 "Also the one who [had received] the two talents came up and said, 'Master, you entrusted two talents to me. See, I have gained two more talents.' 23 "His master said to him, 'Well done, good and faithful slave. You were faithful with a few things, I will put you in charge of many things; enter into the joy of your master.' 24 "And the one also who had received the one talent came up and said, 'Master, I knew you to be a hard man, reaping where you did not sow and gathering where you scattered no [seed.] 25 'And I was afraid, and went away and hid your talent in the ground. See, you have what is yours.' 26 "But his master answered and said to him, 'You wicked, lazy slave, you knew that I reap where I did not sow and gather where I scattered no [seed.] 27 'Then you ought to have put my money in the bank, and on my arrival I would have received my [money] back with interest. 28 'Therefore take away the talent from him, and give it to the one who has the ten talents.' 29 "For to everyone who has, [more] shall be given, and he will have an abundance; but from the one who does not have, even what he does have shall be taken away. 30 "Throw out the worthless slave into the outer darkness; in that place there will be weeping and gnashing of teeth.

2. If you work at a company that uses Windows computers, it is unlikely that you will have zero control over what operating system you are using, the capabilities of the hardware (i.e. does it have an NPU?), the features that are turned on or off, or even that you can run the Command Prompt as an administrator (you must already be an administrator to even have this option). Here is some guidance for you, to the best of my thinking (as of the date of this post):

   1. You are an employee / contractor — you do not have control. But you can be very careful about any personal things you do on a work computer. I would not under ANY CIRCUMSTANCES do the following:

      1. Log into personal websites, especially banking, to pay bills, to confirm that your paycheck has been deposited.

      2. I would not be surfing your favorite YouTube channels for your favorite sermons, teachings, etc. to listen to while working.

      3. Keep personal things personal. Realize that if Recall is enabled and you are used to using password managers, you must be extremely cautious. Proceed very carefully. Do not run your personal password manager on your work computer. Do not let Recall take screenshots of your login data, including un-masked passwords that it can see, process, log, and then use against (you and us) in the future.

   2. You can raise your concerns to your boss, to the owner, to the head of security, and and IT department. Give them a warning that you suspect that Recall might be running on your device. I guarantee that your company executives do not want Recall studying what is happening in their company. They probably don’t know what’s happening. After all, who actually reads the tsunami of emails, notifications, and documentation to see it. This is rhetorical.

   3. Pray for people using PCs and what we know this is leading to in Revelation 13. Do not just give up and sit there like a lump on a log. Count the cost and stand approved before the throne room. Seek elders, open up this topic in your Church, Bible Study, or circle of influence. Do you think your Pastoral staff want Microsoft Recall “seeing” all the stuff their staff is doing? You can post your warnings on social media. I do.

3. Consider what your screen has on it. T-H-I-N-K. Do you:

   1. Create new passwords? Recall might take a screenshot of them.

   2. Do you unhide a password mask to see it in plain text?

   3. Do you surf the web in a distracted (i.e. non-productive manner)? Don’t give the enemy a foothold.

   4. Do you log in to sensitive areas of your employers business? Like, are you in the accounting or finance department (or sales, or medical systems, or top-security systems, ad nauseum)? Raise Microsoft Recall as an issue to your management team.

   5. Do you watch porn? Microsoft is watching…your boss could find out and on so many levels, you must deal with this sin and take authority over your walk as a Bride preparing for the Wedding! Do not be stained by this or other matters (astrology, tarot, new age practices). This is the season of putting down lesser things, stop drinking milk, stop letting other people interpret the Word for you—you must do it. Period.

Concluding Remarks

I shudder to think that I’m the only person out there trying to advise, encourage, and formulate best practices. There should be a ground swell of people MUCH SMARTER than me taking a stab at helping people with various technical skills.

You’ve noticed this is a Windows operating system oriented post…but the same can be said of Macs, tablets, phones…and if you are among those with technical skill and have a burden to pitch in, by all means reach out to me. Perhaps you can help me compile best practices for “Apple Intelligence” or “Android + Gemini” from Google which I assure you is doing equivalent things.

I warn in love and concern. Please understand the tone and caution I’m bringing to you. Be kind to others and know that we—as Brothers and Sisters—have the unique perspective as a Watchmen and Women to live in this time. Do not shrink back, get discouraged, or depressed. Resolve before the Lord that you are “All In” to serve Him to the best of your ability.

#Maranatha

YBIC,

Scott

Comments

[Stop_technocracy]

Thank you Scott! This is very insightful and helpful!

[Tony De Mattei]

Checked my PC, fortunately Recall was disabled. Thanks for the terrific information Scott!