Microsoft is on the verge of launching a controversial new feature called Recall. This AI-powered tool for Copilot Plus PCs, set for release on June 18th, has cybersecurity experts worried. They warn Recall could be a major security risk.

Related /

• Recall: the AI-powered time machine for your PC
• Microsoft announces Copilot Plus PCs with AI chips and GPT-4 support

How Ai-powered Recall feature works

Recall utilizes local AI to capture screenshots of everything you do on your PC. These screenshots are then searchable, allowing you to find anything you’ve seen on your computer in seconds. It even offers a visual timeline for easy exploration. Microsoft emphasizes that everything with Recall stays on your device, and no data is used to train their AI models on external servers.

Security concerns raised

Despite Microsoft’s assurances of a secure and encrypted experience, cybersecurity expert Kevin Beaumont identified potential security flaws. Beaumont, who previously worked for Microsoft, discovered that Recall stores data in an unencrypted, plain text database. This raises concerns that malware could easily exploit this vulnerability to steal the database and its contents.

“Every few seconds, screenshots are taken,” Beaumont explained in a detailed blog post. “These are turned into text using optical character recognition (OCR) by Azure AI running locally on your device. The resulting text is then stored in a plain text SQLite database within the user’s folder. This database essentially contains a record of everything you’ve ever done on your PC.”

Beaumont provided evidence on X (formerly Twitter), criticizing Microsoft for misleading media outlets about the possibility of hackers remotely stealing Recall data. While the database is stored locally, it’s accessible from the AppData folder for anyone with administrator privileges. Beaumont argues that the database can even be accessed by non-admins, a claim corroborated by two Microsoft engineers at a recent conference.

The primary concern is that Recall makes it much easier for malware and attackers to steal information. Malware already exists that targets PCs to steal login credentials and other sensitive data. “With Recall, attackers can automate the process of stealing everything you’ve ever looked at on your computer, all within seconds,” warns Beaumont.

Beaumont even went a step further, extracting his own Recall database and creating a website where users can upload their databases for instant search. However, he’s withholding technical details to give Microsoft time to address the security issues before the feature launches.

Privacy concerns and backlash

The announcement of Recall has been met with swift criticism. Privacy advocates have labeled it a potential “privacy nightmare,” and the UK’s Information Commissioner’s Office has begun investigating Microsoft’s use of this AI-powered feature.

Microsoft maintains that Recall is an optional feature with built-in privacy controls. Users can choose to exclude specific URLs and applications, and Recall won’t store any information protected by digital rights management (DRM) tools. Additionally, Microsoft clarifies that Recall doesn’t take screenshots during private browsing sessions in various web browsers.

However, a major concern remains: Recall doesn’t filter content, meaning it won’t hide sensitive information like passwords or financial account numbers captured in screenshots. “This data may be stored in the screenshots on your device, especially when websites don’t use proper security protocols like masking password entry fields,” warns Microsoft.

Noticeably absent from Microsoft’s explanation is how they plan to address the potential for malware to steal the Recall database. They emphasize that Recall data is stored on the local hard drive of Copilot Plus PCs and is protected using disk encryption and BitLocker (on Windows 11 Pro and enterprise versions).

Beaumont argues that disk encryption has limitations. “Encryption only works in specific situations,” he explains. “When you’re logged in and using your PC, the data needs to be decrypted for you to access it. Encryption at rest only protects your data if someone physically steals your laptop. That’s not how cybercriminals operate.”

The road ahead for Recall

Microsoft may be forced to rework, or even recall (pun intended), the Recall feature. The way data is stored has clear vulnerabilities that require immediate attention. Additionally, making Recall an opt-out feature raises concerns among privacy advocates. This launch comes just weeks after Microsoft CEO Satya Nadella stressed security as the company’s “top priority,” even if it means sacrificing new features.

“If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security,” said Nadella. “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”

Whether Microsoft can address these concerns and ensure Recall lives up to its promises of security and privacy remains to be seen.