Technology You're wrong about Windows Recall — How Microsoft keeps your data safe on Copilot+ PCs

Gandalf_The_Grey

Gandalf_The_Grey

Level 78
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,774
Content source
https://www.windowscentral.com/software-apps/windows-11/youre-wrong-about-windows-recall-how-microsoft-keeps-your-data-safe-on-copilot-pcs
Since Microsoft announced Windows 11's big next-gen AI feature push, the internet has been up in arms over Windows Recall, the company's magnum opus AI experience that's exclusive to Copilot+ PCs launching this summer. While some responses have been sane, a large percentage of people have wasted no time spreading FUD (fear, uncertainty, and doubt) over this new feature without really understanding it.

In case you've been living under a rock: Windows Recall is a new feature that will take snapshots of your screen every few seconds and use on-device AI to analyze and triage that content. This allows you to semantically search for anything and everything you've ever done on your computer using natural language, and is arguably the next generation of search of Windows.

Unsurprisingly, this has led to many people calling Recall a spyware tool for Microsoft to watch everything we do on our computers, which is a particularly unfair description of the feature. Microsoft is actually taking privacy and security very seriously, and this article attempts to explain how, and why your worries about Windows Recall are unfounded.
Click to expand...
www.windowscentral.com

You're wrong about Windows Recall — How Microsoft keeps your data safe on Copilot+ PCs

Squashing the FUD around Windows Recall.
www.windowscentral.com www.windowscentral.com
 
  • Like
  • HaHa
  • Hundred Points
Reactions: kylprq, Andy Ful, TairikuOkami and 6 others
Victor M

Victor M

Level 10
Verified
Well-known
Oct 3, 2022
452
The 2 main points the article reveals to me: 1) There is an Recall API. 2) That attackers/hackers can access Recall and the article admits that BitLocker is the only protection which is of no use when you are logged in. In the article's own words: 'you are kinda screwed', The API can be mis-used by malware and hackers. Until someone fully examines the capabilities of the API, this is a concern. Hackers abuse API as a routine.

The article says that there is no talking to network by Recall and it is not sending anything. That is probably from the MS announcement event. If you choose to doubt that, then you would have to hook up WireShark the network traffic monitoring and capturing program and observe for yourself. And do tell the world what you discover please.
 
  • Like
  • Love
Reactions: ZeroStrawberries, nicolaasjan, Nevi and 1 other person
silversurfer

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,428
"Researchers Show How Malware Could Steal Windows Recall Data"
Researcher Marc-André Moreau showed how a remote desktop manager password collected by Recall can easily be recovered from a local unencrypted SQLite database, making it easy for information-stealing malware to obtain.

Another cybersecurity expert, Alexander Hagenah, has made available an open source tool, named TotalRecall, that can easily extract and display data from the Recall database.
“It’s a bit disappointing to see such a powerful feature not taking security more seriously. I hope Microsoft will address this before the official release,” Hagenah said.

Researcher Kevin Beaumont has taken a close look at Recall’s security and warned that threat actors could modify infostealers to grab data from the new Windows feature.
Click to expand...
www.securityweek.com

Researchers Show How Malware Could Steal Windows Recall Data

Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature.
www.securityweek.com www.securityweek.com
 
  • Like
Reactions: kylprq, TairikuOkami, vtqhtr413 and 4 others

Similar threads

vtqhtr413
    • Like
    • Hundred Points
    • Applause
Technology Microsoft backtracks on Windows Recall feature amid industry outcry
Replies
3
Views
336
Technology News
silvers
S
vtqhtr413
    • Like
Technology Microsoft Build 2024: news and announcements from the developer conference
Replies
3
Views
419
Technology News
RoboMan
RoboMan
silversurfer
    • Like
A.I. News Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud
Replies
0
Views
365
Technology News
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top