The controversy surrounding the newly announced Windows 11 Recall continues. The UK data protection watchdog has already confirmed that it is “inquiring” with Microsoft, while billionaire SpaceX CEO Elon Musk has warned millions of followers on X to ditch the feature, all this despite Recall not actually being available on Windows 11 PCs yet.
Recall is one of several artificial intelligence (AI) features coming exclusively to Copilot+ PCs. These devices, including the all-new Surface Laptop 7 from Microsoft, require a special Neural Processing Unit (NPU) to perform AI tasks. Samsung, Dell and Asus, among others, have all promised to launch Copilot+ PCs.
But ahead of the launch of the first batch of Copilot+ PCs on June 18, cybersecurity expert Kevin Beaumont has noted a number of potential flaws in the Recall feature. Considering that Beaumont worked for Microsoft, he is in a good position to comment on this upcoming AI feature.
Recall is the main feature of this range of Copilot+ PCs, allowing you to scroll back through everything that happened on your Windows 11 machine and jump back in time with one click. Everything is searchable because AI has searched the images and text on the device
MICROSOFT PRESS OFFICE
After a week of testing, Kevin Beaumont discovered that Recall stores plain text data in a database. Without encryption, it could become trivial for a hacker to extract from it everything that you have done on your PC.
“Screenshots are taken every few seconds. These are automatically OCRed by Azure AI, running on your device, and written to a SQLite database in the user directory,” explains Kevin Beaumont in a long blog post criticising the feature.
“This database file contains a record of everything you’ve ever viewed on your PC, in plain text.”
OCR (Optical Character Recognition) is the practice of digitizing images of typed, handwritten, or printed text. Microsoft will use AI to transcribe the text of web pages, Word documents, PDFs, handwritten notes and anything else that appears on the screen on your PC, so that everything is directly searchable.
For example, if you know you looked at flights to Spain in the last month, you can search for the destination to find the exact web page. With a single click, Windows 11 calls up the document, image, video, or web page and picks up where you left off. You can also scroll back in time through the screenshots, which are taken hundreds of times an hour and can be kept for months at a time.
Yusuf Mehdi, Chief Marketing Officer at Microsoft, described how Recall works in a company blog: “We wanted to solve one of the most frustrating problems we encounter every day: finding something we know we’ve seen before on our PC. Today we have to remember which file folder it was saved in, which website it was on, or scroll through hundreds of emails trying to find it. With Recall you can now access virtually everything you’ve seen or done on your PC in a way that feels like photographic memory.”
But cybersecurity expert Kevin Beaumont has labeled the feature a “disaster,” warning that “stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code.”
As a proof of concept, Beaumont claims to have “performed automatic exfiltration and created a website where you can upload a database and search it instantly” so that anyone can search the entire history of everything seen on screen via the Recall function.
Microsoft told the media that a hacker cannot remotely exfiltrate the Copilot+ Recall activity.
Reality: How do you think hackers will exfiltrate this plain text database with everything the user has ever viewed on their PC? Very easy, I automated it.
HT detective pic.twitter.com/Njv2C9myxQ
— Kevin Beaumont (@GossiTheDog) May 30, 2024
“I’m deliberately withholding technical details until Microsoft releases the feature because I want to give them time to do something. I actually have a lot of stuff to show and think the broader cyber community will have a lot of fun with this if they are generally available... but I also think that is very sad, because there will be real damage,” the ex-Microsoft employee wrote in the detailed blog post about the shortcomings.
Recall is enabled by default on all Copilot+ PCs, but can be disabled at a later time in the settings. By default, no screenshots are taken when you use a private browsing mode, such as incognito mode in Google Chrome, Microsoft has reassured PC owners. You can also disable the feature per app.
Kevin Beaumont has advised Microsoft not to release Recall with the first batch of Copilot+ PCs this month, as it could damage customer confidence in the desktop operating system and its functionality. He writes: “In my opinion they should bring it back and rework it to be the feature it deserves to be and deliver it at a later date. They should also review the internal decision-making that led to this situation, as this kind of thing should not happen.
“Earlier this month, Microsoft’s CEO emailed all their employees saying: ‘When faced with the trade-off between security and another priority, your answer is clear: do security.’ We’ll find out if he was serious about that email.
“They need to eat a humble pie and take the hit now or risk customer trust in their Copilot and security brands. Frankly, few if any customers will cry because Recall isn’t immediately available – but they are definitely going to be very concerned if Microsoft’s response is to do nothing, ship the product, tinker a little, or try to fix the problem in the media.”
Recall is one of a number of features that will only appear on Windows 11 devices designated as Copilot+ PCs that feature a chipset with an NPU to handle all artificial intelligence tasks
Several other privacy activists also responded strongly to Recall’s announcement.
“This could be a privacy nightmare,” Dr. Kris Shrishak, an AI and privacy consultant, told the BBC. “The mere fact that screenshots are taken while using the device can have a chilling effect on people.”
Jen Caltrider, program director for the *Privacy Not Included team at Mozilla, has warned that Recall would give anyone with access to your laptop or desktop PC access to a wealth of personal information because it contains a categorized list of recent activities.
Caltrider warned: “[This includes] court orders from law enforcement agencies, or even from Microsoft if they change their mind about keeping all this content local and not using it for targeted advertising or training their AIs in the future.”
Microsoft says Recall will not censor or erase information from captured screenshots, even if passwords or bank account information is visible on the screen.
In a blog post about the new functionality that will be added to the new Surface Laptop next month, the US company wrote: “Recall uses your personal semantic index, which is built and stored entirely on your device. Your snapshots are yours; they remain local to your PC. You can delete individual snapshots, adjust time ranges and delete them in Settings, or pause at any time from the notification area icon on your taskbar.
“You can also ensure that apps and websites are never saved. You always have control over the privacy you can trust.”
But Jake Moore, global cybersecurity consultant at software security company ESET, said creating and storing more private data through this feature could be an attractive prospect for cybercriminals.
“Enabling a feature that has the ability to capture screen data not only provides even more data to the company behind the software, but also opens up a new avenue for criminals to attack,” he said.
“While this feature is not enabled by default, users should note that content may be analyzed by AI algorithms for a better experience.
“While it may deliver better results, a balance must be maintained between functionality and privacy and therefore users should remain aware of the potential risks if sensitive data is ever compromised. Creating and storing more private data seems unnecessary when cybercriminals are constantly looking for a particular vulnerability to exploit.”