Is Microsoft Recall Safe?
Microsoft Recall captures a screenshot of your screen every few seconds, then uses OCR and a local AI model to make that archive searchable. The idea sounds genuinely useful. The execution raises serious questions.
I've been using TraceMind daily for six months, and Recall kept coming up in conversations about browser history tools. So I spent time actually understanding what Recall does at a technical level, how its risks compare to browser-native approaches, and whether the privacy tradeoffs make any sense for most people.
My honest conclusion: Recall is not inherently malicious, but it creates an enormous attack surface for a modest productivity benefit.
What Microsoft Recall Actually Does
Recall runs only on Windows 11 Copilot+ PCs. It takes screenshots at frequent intervals (roughly every few seconds when your screen content changes), compresses them, and stores them in an encrypted SQLite database on your local drive. A small on-device AI model (using NPU acceleration on Copilot+ hardware) processes these screenshots with OCR so you can search across them later.
The privacy problem isn't just the cloud question. It's what gets captured in the first place.
Recall screenshots everything visible on your screen. Banking portals. Medical records. Private messages. Your password manager UI. Code in your editor with API keys visible. A video call with your face and your colleague's face. None of that is filtered out by default. Microsoft added some sensitive content filtering after initial backlash, but the basic architecture is: screenshot first, filter later.
Security researchers demonstrated within weeks of the first preview that the Recall database could be extracted by malware running with standard user-level permissions. The database is encrypted at rest, but the encryption uses keys tied to your Windows Hello credentials. Once an attacker has your session, the database is readable.
There is also the question of scope creep. Even if you trust that Microsoft's implementation is secure today, you are building years of granular behavioral data into a proprietary format on a platform you don't fully control. What happens when a future Windows update changes how that data can be accessed? What happens if Recall is eventually connected to Microsoft's cloud services? You have limited ability to audit or verify those future decisions.
The Browser-Sandboxed Alternative
TraceMind takes the opposite approach. Instead of recording your screen, it captures only the text content of web pages you visit, using Mozilla's Readability library to extract the meaningful content from each page's DOM.
The scope difference is significant:
- Recall captures everything on screen (browser, apps, desktop, notifications, video calls)
- TraceMind captures only the text of web pages you explicitly browse
That narrower scope isn't a limitation. It's a design choice. If 90% of your knowledge work happens in the browser, you don't need OS-level screen recording to search your research. You need good browser history search. The two tools are solving slightly different problems, but most of the value people want from Recall is about finding things they read online, and TraceMind does that more precisely.
TraceMind also uses SHA-256 deduplication to avoid storing duplicate versions of the same page and lz-string compression that reduces stored data by 50-70% compared to raw page text. The extension handles single-page applications correctly by intercepting pushState and replaceState calls, so your SPA navigation gets indexed too, not just traditional page loads.
How the Search Actually Compares
Recall's search is built on OCR of screenshots. It can find text that appeared anywhere on your screen, in any application. The coverage is broad.
TraceMind's search combines two approaches: semantic vector search using the all-MiniLM-L6-v2 model (384 dimensions, running via WebGPU or WASM in your browser) and FlexSearch full-text indexing. The two results are merged using Reciprocal Rank Fusion, which consistently surfaces more relevant results than either method alone.
The practical difference is meaningful. If you remember roughly what something said but not the exact words, semantic search will find it. You can type "the article about caching strategies I read last week" and TraceMind will surface the right page even if the words "caching" and "strategies" don't appear in the URL or title. Recall's OCR-based approach needs the actual text to have been on screen and legible, and it doesn't understand meaning, just character patterns.
TraceMind returns results in under 100ms. The model runs locally, the index lives in IndexedDB, and there are no server round-trips involved. There's no waiting for a cloud query to return, no dependency on your internet connection for search to work.
I've found this speed matters more than I expected. When you're in the middle of work and need to find something, a half-second wait feels long. Sub-100ms feels instant, which means you actually use the tool rather than deciding it's faster to just Google again.
What Stays Local, and What Doesn't
Both Recall and TraceMind claim local-first processing. But the specifics matter.
Recall's data stays on your device by default. However, it requires Windows 11 with a Microsoft account, and it sits inside an ecosystem where telemetry, sync, and account features create potential vectors for data leaving your machine in ways you might not anticipate. The data is local, but you're operating inside a platform you don't control.
TraceMind stores everything in your browser's IndexedDB. The semantic search model runs in-browser via WebGPU or WASM. The full-text index is local. The only external network call TraceMind makes is for Pro license validation. That's it. No analytics calls, no telemetry, no content sync. You can verify this by watching the network tab in Chrome DevTools — nothing goes out except that single license check for Pro users.
For Pro users, TraceMind also offers optional AES-256-GCM encryption (PBKDF2, 200,000 iterations) for the stored history data. This is opt-in, not the default, and the keys never leave your device. You can also export and import your encrypted history, which is useful if you switch machines or browsers.
If you're curious how the data storage decisions were made, the building local-first AI post covers the IndexedDB and WASM choices in detail.
Platform Availability
This is a meaningful practical difference. Recall requires:
- Windows 11
- A Copilot+ PC (specific hardware with NPU)
- A Microsoft account
TraceMind requires a Chromium browser. Chrome, Brave, or Edge. Any OS. macOS, Linux, Windows. If you're on a Mac, Recall simply isn't an option. If you're on Linux, same story. If you're using Windows but on older hardware that doesn't qualify for Copilot+, Recall is unavailable to you regardless.
This hardware gating matters because it means most of the world's Windows users can't use Recall today even if they wanted to. TraceMind works on essentially any modern computer with Chrome installed, free plan, no hardware requirements.
The Free vs. Pro Breakdown
TraceMind's free tier is genuinely full-featured. You get unlimited page indexing, 365-day retention, and semantic search. That covers the core use case completely. The free tier includes up to three excluded domains if there are sites you don't want indexed.
The Pro tier adds things that matter once you're using the extension heavily: full 1920x1080 screenshots stored as part of page records, the Offline Page Viewer (full HTML snapshots you can browse even after a site goes down, sandboxed so no external requests are made), notes attached to pages, AI-assisted tag suggestions, pinning for important pages, encrypted export and import, advanced analytics, and unlimited excluded domains.
You can see the full breakdown at tracemind.app/pricing. The point is that you don't need to pay to get value from the extension. Most users start on free and upgrade if they want the archival features.
What Recall Does Better
To be fair: Recall covers non-browser content. If you need to search your desktop apps, Figma files, Excel spreadsheets, or video calls, Recall captures those and TraceMind doesn't. That's a real capability difference for certain workflows.
Recall also captures visual content more naturally. If you were looking at a chart or an image with text, Recall's OCR approach will find it. TraceMind extracts DOM text, so images without alt text won't be searchable.
For pure browser research workflows, I don't think those advantages outweigh the privacy tradeoffs. But they're real, and I'd rather be honest about them than pretend TraceMind does everything.
Who Should Use Which
Use Recall if you need to search non-browser apps, you're on a Copilot+ PC running Windows 11, and you're comfortable with the screen-capture architecture. Some people genuinely do most of their work outside the browser and need that broader coverage.
Use TraceMind if your knowledge work is primarily browser-based, you're on any OS (Mac, Linux, or Windows), you care about verifiable local-only storage, or you want semantic search that understands meaning rather than matching OCR output. The compare page goes through the feature comparison in more detail if you want specifics.
The Core Question
The question isn't whether Microsoft is trustworthy as a company. It's whether capturing your entire screen every few seconds is a proportionate approach to the problem of finding things you've seen before.
I don't think it is, and I didn't build TraceMind that way. The browser is already the right unit of capture for most knowledge work. A tool that works inside that boundary, with explicit scope and verifiable local storage, handles the 90% case without the attack surface of continuous screen recording.
That tradeoff is worth making. And honestly, for Mac and Linux users, it's the only option anyway.