As a part of Copilot+ PC features, Microsoft recently introduced “Recall”.
Recall is designed to take screenshots of everything you do on your computer and store them on your device for easy search.
Despite Microsoft’s promises of a secure and encrypted Recall experience, a cybersecurity expert has raised concerns.
During the Copilot+ debut, Microsoft and global OEMs recently announced PCs powered by Qualcomm’s Snapdragon X Elite and Snapdragon X Plus, the only devices capable of delivering the Copilot+ experiences. As a part of Copilot+ PC features, Microsoft introduced “Recall”.
Despite Microsoft’s promises of a secure and encrypted Recall experience, a cybersecurity expert has raised concerns, reports The Verge.
Also read: Game changer: Qualcomm powered enhanced Microsoft CoPilot+ AI PCs are here!
For those who are unaware, Recall is designed to take screenshots of everything you do on your computer and store them on your device for easy search. However, these screenshots might not be as secure as advertised.
Also read: Microsoft’s new Recall feature lets you easily find & remember what you’ve seen on your PC
Researcher Kevin Beaumont discovered the data is stored in a format that could be accessed by malicious programs, potentially exposing your entire digital life to hackers.
“Every few seconds, screenshots are taken. These are automatically OCR’d by Azure AI, running on your device, and written into an SQLite database in the user’s folder,” Beaumont explained. “This database file has a record of everything you’ve ever viewed on your PC in plain text.”
On X, Beaumont criticised Microsoft for asserting that the Recall feature’s activity data could not be remotely extracted by hackers. He highlighted that the database, which is stored on a local PC and typically requires admin access, can be accessible from the AppData folder even without admin privileges.
Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely.
— Kevin Beaumont (@GossiTheDog) May 30, 2024
Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I have it automated.
HT detective pic.twitter.com/Njv2C9myxQ
The concern raised is that Recall could potentially simplify the process for malicious software and cyber attackers to steal information. Given that InfoStealer trojans are designed to filch credentials and sensitive data from computers, and such malware is actively being disseminated by cybercriminals, Beaumont warned that Recall could allow these threat actors to swiftly automate the extraction of all the data a user has interacted with.
Follow Us
Ayushi Jain
Tech news writer by day, BGMI player by night. Combining my passion for tech and gaming to bring you the latest in both worlds. View Full Profile
