Last month, Microsoft debuted Recall, an artificial intelligence-powered feature that would give select Windows PCs “photographic memory” by snapping screenshots every few seconds. The internet promptly responded with horror, accusing Recall of being a “privacy nightmare” and even preloaded spyware. The United Kingdom’s data watchdog, the Information Commissioner’s Office, even started investigating Recall for potential confidentiality violations. Now, after getting up close and personal with the feature, a cybersecurity expert is sounding the alarm about Recall’s susceptibility to exploitation. He claims the feature’s extensive plain text data troves are surprisingly easy to hack.
Kevin Beaumont, a UK-based cybersecurity professional with over two decades of experience, shared in a blog post Friday that Recall data is far easier to compromise than Microsoft has alleged. Microsoft initially told the BBC that “a would-be hacker would need to gain physical access to your device, unlock it, and sign in before they could access saved screenshots.” But Beaumont’s recent experimentation reveals it doesn’t work that way.
According to Beaumont, Recall takes screenshots of your screen every few seconds and then uses optical character recognition (OCR) to convert those images into searchable plain text. The resulting text data is written into an SQLite database in the Windows user’s CoreAIPlatform folder. Because most Windows users run as full administrators on their own devices (per Microsoft), virtually any device user can access the CoreAIPlatform folder(s) on their PC, whether it belongs to their own user profile or that of a partner, family member, friend, or roommate. It also means that a hacker can locate all users’ Recall data stored on that computer by gaining access to a single Windows user profile (physically or remotely).
Beaumont says he’s automated the exfiltration of his own Recall file to show just how easy it is to exploit the controversial feature. He’s also made a website that allows users to upload and search Recall databases. Still, he’s “deliberately holding back technical details until Microsoft ships the feature,” hoping that Microsoft will patch these glaring holes.
When we originally covered Recall in May, it was common knowledge that the feature would be exclusive to Microsoft’s Copilot+ PCs, which are allegedly optimized for AI. On Sunday, however, the news broke that laptops equipped with AMD CPUs and Nvidia GPUs would be eligible to receive “a free update to Copilot+ PC experiences when available.” This means Recall and other Windows AI features are unlikely to come loaded on the laptops, but might be added later through a software “upgrade.”
“The overwhelmingly negative reaction [to Recall] has probably taken Microsoft leadership by surprise,” Beaumont wrote. “This was like watching Microsoft become an Apple Mac marketing department.”
This post was originally published on 3rd party site mentioned in the title of this site
