Microsoft spent the last week or two backpedalling on Recall, the Copilot+ feature that quietly takes a screenshot of everything you do every few seconds and builds a searchable, AI-indexed history of your own computer. After security researchers had a field day with the early build, and the noise got loud enough, Microsoft announced it would make Recall opt-in rather than on by default, tighten the encryption, and hold it back from general release for more testing. My timeline has not stopped arguing about it since, and the argument is more interesting than the feature.
There are roughly two camps and they're talking past each other.
One camp says this was an obvious own goal. A local database of screenshots covering passwords, private messages, banking, medical searches, all of it, shipped on by default, initially sitting in storage that an attacker with a foothold could read. Of course it caused a riot. The fact that it took public outcry to make it opt-in tells you the default was wrong, and "we fixed it after you shouted" is not the reassurance Microsoft thinks it is.
The other camp says the idea is genuinely good and the panic was overblown. It's local. It's your data on your machine. An attacker who can read that database has already pwned you and has bigger prizes available. Perfect photographic memory of everything you've done is a real, useful thing, and we shouldn't kill a good feature because the first implementation had sharp edges.
Here's the thing: both camps are basically right, and that's why it won't resolve neatly. The capability is genuinely useful. The default was genuinely indefensible. Those aren't in tension. A powerful feature that records everything is exactly the kind of thing that should be off until someone deliberately turns it on, knowing what it does, and the fact that anyone thought otherwise is the actual story.
The "it's local, so it's fine" argument is the one I find weakest, and it's the one I hear most from people I otherwise respect. Local doesn't mean safe. Local means it's on a machine that runs a hundred other things, any of which might one day have a flaw, and now there's a single index of your entire digital life sitting there waiting for whichever of them gets popped first. Infostealer malware already grabs browser passwords and session tokens the moment it lands. A neat, searchable database of screenshots is the most generous gift you could hand it. The threat model isn't "Microsoft reads your screenshots". It's "the next bit of nasty software finds them all in one place, pre-indexed, with the hard work done".
What I keep coming back to is that the real question isn't "is Recall good or bad". It's "who decided this should be on, and what did they assume I wanted". The technology is neutral enough. The defaults are a values statement, and Recall's original default said something fairly grim about whose convenience was being optimised for. Walking it back to opt-in is the right call. That it had to be walked back, rather than shipped that way, is the bit worth remembering the next time something arrives switched on that you'd never have switched on yourself.