The developers at Brave Software announced that their browser will now block the Windows Recall functionality by default. This ensures that Windows cannot take screenshots of Brave windows, maintaining the privacy of users.
The AI function Recall was first introduced in May 2024. It is designed to help “remember” any information that the user has viewed in the past, making it accessible through a simple search. Recall takes a snapshot of any active window on the screen every few seconds, recording everything happening in Windows, whether it’s browsing websites in a browser, chatting in a messenger, or working with other applications.
After the announcement, Recall faced harsh criticism from cybersecurity experts and privacy advocates. Specialists compared the feature to a keylogger and demonstrated that it could be used for data theft.
In response to criticism, Microsoft has postponed the launch of Recall and announced that it will provide additional security by making the feature optional and encrypting the database so that it is inaccessible until the user authenticates via Windows Hello.
In December 2024, Recall became available again to participants in the Windows Insiders program, but users once again discovered issues and criticized the company: it turned out that Recall saves credit card numbers, social security numbers, and other confidential information, even if it is prohibited.
In the spring of 2025, Microsoft began rolling out Windows Recall to all users who installed the Windows 11 update KB5055627 on Copilot+ PCs. Shortly thereafter, the feature became available to anyone who installed the May updates.
The developers of Brave have now announced that they have decided to proactively add a feature to their browser that will prevent Recall from capturing the content of windows.
“Given that Brave places a strong emphasis on default settings that ensure maximum privacy, and what is at stake (your entire browsing history), we have preemptively disabled Recall for all Brave tabs,” the company states. “We believe it is important that your activity in the Brave browser does not accidentally end up in a permanent database, which can be particularly susceptible to misuse in sensitive situations (for example, in cases of partner abuse).”
On GitHub, the developers of Brave explain that they used Microsoft’s SetInputScope API and set the value to IS_PRIVATE for all browser windows. This informs Windows that the content of the windows should not be captured or indexed by Recall.
“Microsoft claims that a web browser can use SetInputScope to set the scope to the IS_PRIVATE value, so that Recall does not save the user’s browsing history. We can forcibly set this value for all windows in the renderer_widget_host_view,” the company says.
The innovation has already been implemented in Brave Nightly builds and is expected to roll out to stable releases in the coming weeks.
Recall that in May of this year, the developers of the Signal messenger made a similar decision and also blocked the Recall functionality by default, stating that Microsoft simply left them no other choice.
2025.04.30 — Coinbase fixes 2FA bug that made customers panic
Cryptocurrency exchange Coinbase has fixed a bug in its Account Activity logs that caused customers to think their credentials were compromised. Earlier this month, BleepingComputer…
Full article →
2025.04.10 — April updates released by Microsoft cause issues with Windows Hello
Microsoft warns that some Windows users who have installed the April updates might be unable to login to their Windows services using Windows Hello facial recognition…
Full article →
2025.04.16 — Android devices will restart every three days to protect user data
Google introduces a new security feature for Android devices: locked and unused devices will be automatically restarted after three days of inactivity to return their memory to an…
Full article →
2025.04.22 — Scammers pose as FBI IC3 specialists, offer 'assistance' to fraud victims
According to the FBI, scammers impersonating employees of the FBI Internet Fraud Complaint Center (IC3) contact fraud victims offering them 'assistance' in getting their money…
Full article →
2025.02.21 — Microsoft fixes vulnerability in Power Pages exploited by cybercriminals
Microsoft patched a severe privilege escalation vulnerability in Power Pages used by hackers as a 0-day. The vulnerability tracked as CVE-2025-24989 (CVSS score 8.2) pertains…
Full article →
2025.01.26 — Cisco patched a critical vulnerability in Meeting Management
Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges. The vulnerability…
Full article →
2025.01.23 — Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts
Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code. This…
Full article →
2025.03.20 — 8,000 vulnerabilities identified in WordPress ecosystem in 2024
According to Patchstack, world's #1 WordPress vulnerability intelligence provider, 7,966 new vulnerabilities were identified in the WordPress ecosystem in 2024; most of these bugs affected plugins…
Full article →
2025.01.27 — Zyxel firewalls reboot due to flawed update
Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into…
Full article →
2025.03.24 — Alexa to stop processing data locally. All voice requests will be sent to Amazon Cloud
Amazon announced that the privacy option allowing users of Echo speakers to avoid sending their voice recordings to the company's cloud will no longer be supported. Effective March…
Full article →