WTF?! Recall is shaping up to be a security and privacy nightmare – and one of the most popular messaging platforms is already trying to patch the hole. Signal's developers are now resorting to a "weird trick" involving Windows DRM to shield users from unwanted Microsoft surveillance.
The desktop version of Signal now includes a new "Screen security" feature designed to block external programs – and even Windows 11 – from capturing screenshots of the app window. Enabled by default, the setting is Signal's direct response to Microsoft's push to turn Windows into a powerful surveillance tool through Copilot's Recall feature.
Signal's official blog states that the Screen Security option protects message privacy from Microsoft Recall. Redmond recently relaunched its AI-fed, perpetual screenshot feature for Copilot+ PCs – claiming to have added new controls to address concerns about privacy violations and unwanted data collection.
None of this matters to Signal. Microsoft built Recall to capture desktop and app window screenshots every few seconds, store them in a local database, and shamelessly feed that data to an onboard large language model.
"It's a one-year anniversary that nobody wants to celebrate, but Recall is back and Signal is ready," the company said.
Microsoft's adjustments to Recall fall short, as the feature still risks exposing content from "privacy-preserving" apps like Signal. The desktop app now has an extra layer of protection to maintain its security, even if it means accepting some usability trade-offs.
Windows 11 currently offers no official APIs to prevent Recall from capturing screenshots of an app. As a result, Signal's developers had to get creative, leveraging Windows' native DRM technology to make the app's window impossible to capture.
"Apps like Signal shouldn't have to use 'one weird trick' just to protect their users' privacy and maintain service integrity without proper developer tools," the frustrated developers said.
Millions worldwide rely on Signal to keep their communication safe and encrypted – though government abuse remains a risk when no responsible oversight exists. In recent years, Signal Foundation President Meredith Whittaker called AI technology a pure surveillance tool, describing it as a platform driven by relentless data harvesting with little regard for privacy or security.
Signal's developers are urging Microsoft to provide tools that block OS-level AI access to sensitive data. The "move fast and break things" mantra won't work here – Signal might have to drop Windows support if the platform turns hostile to privacy-focused apps.