Researcher says Microsoft's Windows Recall has security gaps "you can fly a plane through"

Cal Jeffrey

Cal Jeffrey

Posts: 4,217   +1,435
Staff member
Windows Recall: Microsoft says it's secure; security researchers say it's not, but does it matter? Windows Recall is a feature that takes screenshots of every moment you are on your computer to make that information available for Copilot searches. Is it a really useful feature, or is it just more AI rubbish being crammed down consumers' throats? Let us know in the comments.

Windows Recall stirred up controversy the moment Microsoft announced it, and with good reason. The feature is rolling out with the upcoming Copilot+ PCs and will constantly take screenshots of whatever you are doing. It stores these "snapshots," along with corresponding OCR (optical character recognition) files, to allow users to query Copilot to semantically search for things they were viewing or working on in the past.

Security-minded people and researchers immediately brought up privacy issues. However, Microsoft seemed to put that concern to bed, saying that all processing and data storage is local.

That's fine and good, but security researcher Kevin Beaumont says it's not enough. The feature is full of security holes. He believes Microsoft "should recall Recall and rework it to be the feature it deserves to be." Beaumont applauds Redmond for designing Recall to run on the edge, thus eliminating the possibility of cloud-based data leaks. However, its shortcomings make it a security "disaster."

For starters, Windows Recall stores its data in a wide-open SQLite plaintext database. While it is true that this is encrypted while logged out of Windows, this only protects it from someone physically stealing your computer, which Beaumont points out is not how hackers generally conduct their business. On the contrary, Recall is highly vulnerable to "InfoStealer trojans." Additionally, Recall does not censor or otherwise hide sreenshots containing sensitive information or credentials that may appear on screen.

"Encryption at rest only helps if somebody comes to your house and physically steals your laptop – that isn't what criminal hackers do," said Beaumont. "For example, InfoStealer trojans, which automatically steal usernames and passwords, [have been] a major problem for well over a decade – now these can just be easily modified to support Recall."

Furthermore, the unencrypted database files are simply stored in "AppData" in a new "CoreAIPlatform" folder. While this folder and the files it contains does require admin rights to access, Microsoft admits that most Windows users run as admins, so it's not really adequate security. Beaumont claims he accessed the files with only two lines of code that bypassed those protections.

"I'm not being hyperbolic when I say this is the dumbest cybersecurity move in a decade," he said on Mastodon.

"At a surface level, it is great if you are a manager at a company with too much to do and too little time as you can instantly search what you were doing about a subject a month ago. In practice, that audience's needs are a very small (tiny, in fact) portion of Windows userbase – and frankly talking about screenshotting the things people in the real world, not executive world, is basically like punching customers in the face [sic]."

Although most people won't have trouble finding the data on their own, Beaumont is responsibly withholding details on how he accessed Recall's data until Microsoft addresses the security gaps "you can drive a plane through."

Windows Recall is "optional" despite Microsoft enabling the feature by default. However, you can turn it off by navigating to the "Privacy & security" tab in Settings and toggling off "Save snapshots." Currently, the functionality is only helpful for a very small demographic, so the risks are not worth the rewards.

Permalink to story:

Researcher says Microsoft's Windows Recall has security gaps "you can fly a plane through"

 
So, there will be no Windows 11 for me, on my private machines.
I was wondering how Linux is going to increase its desktop penetration, now I know.
 
  • Like
Reactions: bwbeam
Hackers, micromanagers, authoritarian regimes, thin-skinned politicians, law enforcement agencies that think the Constitution does not apply to them - they will all love Windows Recall. Actual users/victims will not.
 
Jme Kerul said:
So, there will be no Windows 11 for me, on my private machines.
I was wondering how Linux is going to increase its desktop penetration, now I know.
Click to expand...
Or instead of hyperventilating, you could simply disable the feature.

As for Linux, I've been hearing for 30 years now about how it's "going to increase desktop penetration". At the present rate of growth, it'll overtake Windows sometime around the year 2112.
 
  • Like
Reactions: hk2000
Endymio said:
Or instead of hyperventilating, you could simply disable the feature.

As for Linux, I've been hearing for 30 years now about how it's "going to increase desktop penetration". At the present rate of growth, it'll overtake Windows sometime around the year 2112.
Click to expand...
Try to disable Edge as a feature;) - thankfully, after EU intervention, it became possible in this region.
as for linux penetration, it actually went up 20% in last 6 months, even more if we will count steam data, so while obviously below the competition, I switch to it 2 years ago and there is nothing I'm missing from either windows or macos.
 
dangh said:
as for linux penetration, it actually went up 20% in last 6 months, even more if we will count steam data.
Click to expand...
The facts paint a rather different picture:

"....Linux hit a marketshare of 2.32% in the May 2024 Steam Hardware Survey... The last time it went over 2% was in February 2013 ... when it hit 2.02%."

Translation: in 11 years, Linux on Steam has gained a whopping 0.3% market share. In the desktop browser segment, Linux has done substantially better -- but the fact remains that over the last decade, OS X has gained much more market share than Linux has.

Personally after Windows 11, I'd love to see Linux supplant Windows. But it's not happening soon.
 
www.techradar.com

Forget Windows and macOS — Linux market share reaches a new high as users search for an alternative

Linux’ popularity continues to surge
www.techradar.com www.techradar.com
"As ever, it’s StatCounter bringing the data to the table via its February 2024 figures, marking a leap of the leap from 3% in just eight months when, previously, that 3% milestone took thirty years to reach."

yes, steam data is really weird. Depending on current state of the chinese internet coffees. And in 2013 steam was very different tool than today, I was rather thinking about steam in context of last 2 years or so.
 
dangh said:
I was rather thinking about steam in context of last 2 years or so.
Click to expand...
The growth of Linux on Steam in the last 2 years or so was entirely caused by the Steam Deck. Steam users aren't switching their desktops and laptops to Linux, they're just buying Steam Decks. Without the Deck, Linux would still be in the same 1%~1.5% range it was 2 years ago.
Also keep in mind that, compared to 2 years ago, the Windows user share did not decrease, it's still in the same ~96% ballpark. The growth of Linux on Steam has been at the expense of macOS, not Windows. That doesn't mean Apple users are switching to Linux, but it means Windows is also growing fast enough to maintain its share % while macOS was the only one whose growth stagnated.
Even your own StatCounter link shows the same thing. It shows Windows is also growing in that period, and it was macOS that shrank.
 
poshflamingos said:
The growth of Linux on Steam in the last 2 years or so was entirely caused by the Steam Deck. Steam users aren't switching their desktops and laptops to Linux, they're just buying Steam Decks. Without the Deck, Linux would still be in the same 1%~1.5% range it was 2 years ago.
Click to expand...
I beg to differ. These gamers on reddit, there's plenty of threads where someone decided to finally switch, then were surprised at how smoothly everything went. Some even were running more exotic setups, like dual cards to run a triple or quad head, or using one card to game and one to offload their streaming or whatever, and were surprised they didn't have to futz with anything to get that to work. (I think the only points any more people sometimes have to futz is HDR and if someone has one of those like 480hz monitors they were sometimes having to futz to get them to run at that high a refresh rate.) Obviously these can't be too massive of numbers or the steam survey would show this big percentage change. But it's not like some rare event either.

I think the rate of this will increase -- a surprising number of people have zero interest in Win11, when Win10 goes out of support they are highly likely to at least try a live USB of a distro, throw steam on it, point it at their steam library and see how it runs a couple games.
 
hwertz said:
I beg to differ. These gamers on reddit, there's plenty of threads where someone decided to finally switch, then were surprised at how smoothly everything went.
Click to expand...
"I saw some threads on reddit" isn't data, it's just a few worthless anecdotes. Even if we're incredibly generous and say you saw 100 such threads on reddit, that's still only a whopping 0.0000625% of Steam's monthly active users.
All the actual data we need to see is right there on the Steam survey and StatCounter. Windows' userbase not shrinking, it is growing. Linux's is also growing, but that growth was at the expense of macOS, not Windows.
 
You must log in or register to reply here.

Similar threads

D
Unofficial app enables Windows Recall on unsupported PCs
Replies
6
Views
50
ZedRM
ZedRM
zohaibahd
Microsoft Recall AI will log everything you do on Windows
2
Replies
27
Views
433
LimyG
LimyG
D
Windows 11's Recall feature can be enabled on PCs without an NPU
Replies
5
Views
97
brucek
brucek

Latest posts

Back