CyberSecurity news
@arstechnica.com
//
Signal, the privacy-focused messaging application, has taken action to block Microsoft's controversial Recall feature from capturing screenshots of its desktop app content on Windows 11. Citing privacy concerns over Recall's ability to automatically take screenshots of on-screen activity, Signal has implemented a "screen security" setting, enabled by default, that leverages Digital Rights Management (DRM) to prevent the tool from accessing and recording private conversations. This move comes as Signal expresses discontent with Microsoft's approach, arguing that Recall lacks sufficient developer controls to exclude specific apps and protect sensitive information.
Microsoft's Recall feature, designed for Copilot+ PCs, works by continuously taking screenshots and creating a searchable database of user activity. Signal argues that this poses a significant risk to the privacy of its users, as private conversations could be inadvertently captured and stored. By implementing DRM, Signal sets a flag on its application window that instructs Recall, and any other screenshotting application, to ignore its content. While Signal acknowledges this is a blunt tool that may interfere with accessibility software, it believes Microsoft left them with no other choice.
Signal has criticized Microsoft for not providing developers with the necessary tools to manage how Recall interacts with their applications. The messaging app argues that it shouldn't have to resort to using DRM "content protection hacks" to safeguard user privacy. Signal hopes that AI teams building systems like Recall will carefully consider the privacy implications and avoid forcing apps to use workarounds to protect the integrity of their services. They want the AI teams to know that this will potentially affect accessibility options like screen readers.
References :
- security ? Ars Technica: “Microsoft has simply given us no other option,†Signal says as it blocks Windows Recall
- The Register - Software: Signal shuts the blinds on Microsoft Recall with the power of DRM
- www.techradar.com: Signal blasts Microsoft over Recall privacy failings, as secure messaging app is forced to fudge a way of blocking the controversial Windows 11 feature
- Dropsafe: By Default, Signal Doesn’t Recall | Signal Windows app leverages DRM content protection hacks to hide messages from Windows Recall
- Dan Goodin: Signal writes: "We hope that the AI teams building systems like Recall will think through these implications more carefully in the future. Apps like Signal shouldn’t have to implement “one weird trick†in order to maintain the privacy and integrity of their services without proper developer tools. People who care about privacy shouldn’t be forced to sacrifice accessibility upon the altar of AI aspirations either."
- www.bleepingcomputer.com: Signal now blocks Microsoft Recall screenshots on Windows 11
- CyberInsider: Signal Deploys Countermeasure to Shield Messages from Windows Recall
- securityaffairs.com: New Signal update stops Windows from capturing user chats
- Schneier on Security: Signal Blocks Windows Recall
- cyberinsider.com: Signal Deploys Countermeasure to Shield Messages from Windows Recall
Classification:
- HashTags: #Signal #MicrosoftRecall #Privacy
- Company: Microsoft
- Target: Signal users
- Product: Windows Recall, Signal
- Feature: Privacy Blocker
- Type: ProductUpdate
- Severity: Medium