The controversy surrounding the newly announced Windows 11 recall continues. Britain’s data protection watchdog already does confirmed that it is “inquiring” with Microsoftwhile billionaire SpaceX CEO Elon Musk warned millions of followers on X to leave the feature— all despite the fact that Recall isn’t available on any Windows 11 PC yet.
Recall is one of several artificial intelligence (AI) features coming exclusively to Copilot+ computers. These devices that include the brand new Surface Laptop 7 from Microsoft, require a dedicated neural processing unit (NPU) to handle AI tasks. Samsung, Dell and Asus, among others, have committed to bringing Copilot+ PCs to market.
However, ahead of the launch of the first batch of Copilot+ computers on June 18, cybersecurity expert Kevin Beaumont identified a number of potential flaws in the Recall feature. Having previously worked for Microsoft, Beaumont is well-placed to comment on this upcoming AI feature.
Recall is the main feature of this Copilot+ PC table, which allows you to go through everything that happened on your Windows 11 PC and jump back in time with a single click. Everything is searchable because the AI went through the images and text on the device
MICROSOFT PRESS OFFICE
After a week of testing, Kevin Beaumont discovered that Recall stores data in the database in plain text. Without encryption, it could be trivial for a hacker to extract the data all you did on your PC.
“Screenshots are taken every few seconds. These are automatically recognized by Azure AI, run on your device and written to an SQLite database in the user’s folder,” explained Kevin Beaumont. in a long blog post criticize the function.
“This database file contains a record of everything you’ve ever seen on your PC in plain text.”
OCR — Optical Character Recognition — is the process of digitizing images of written, handwritten, or printed text. Microsoft will use artificial intelligence to transcribe text from web pages, Word documents, PDFs, handwritten notes, and anything else displayed on your PC screen. all is instantly searchable.
For example, if you know you’ve been looking at flights to Spain in the last month – you can search for the destination and find the exact website. Windows 11 brings up a document, image, video or web page with a single click to pick up where you left off. You can also scroll back in time through screenshots that are taken hundreds of times every hour and can be stored for months.
Yusuf Mehdi, Microsoft’s chief marketing officer, described how Recall works corporate blog: “We set out to solve one of the most frustrating problems we face every day – finding something we know we’ve seen before on our PC. Today we have to remember in which file folder it was stored, on which website it was through hundreds of emails trying to find it Now with Recall you can virtually access what you’ve seen or done on your computer in a way that resembles a photographic memory.”
However, cyber security expert Kevin Beaumont called the feature a “disaster” and warned that “it’s now possible to steal everything you’ve ever typed or viewed on your own Windows PC with just two lines of code”.
As a proof of concept, Beaumont claims to have “automated exfiltration and created a website where you can upload a database and search it instantly”, so anyone can go through the complete history of everything on the screen using the Recall feature.
Microsoft told the media that a hacker could not remotely exfiltrate Copilot+ Recall activity.
Reality: how do you think hackers break into this plain text database of everything a user has ever viewed on their PC? Very simple, I have it automated.
HT Detective pic.twitter.com/Njv2C9myxQ
— Kevin Beaumont (@GossiTheDog) May 30, 2024
“I’m purposely holding back the technical details until Microsoft ships this feature because I want to give them time to do something. I actually have a lot to show and I think the wider cyber community will have so much fun with it when it’s generally available.” .. but I also think it’s really sad because there will be real damage,” the former Microsoft employee wrote in a detailed blog post about the flaws.
Calling is enabled by default on all Copilot+ computers, although it can be turned off later in the settings. By default, it won’t take screenshots whenever you’re using a private browsing mode like Google Chrome’s incognito mode, Microsoft assured PC owners. You can also disable the feature for individual applications.
Kevin Beaumont has advised Microsoft not to issue a recall with the first batch of Copilot+ PCs this month because it risks damaging customer confidence in the desktop operating system and features. He writes: “In my opinion — they should remember the recall and rework it to be the feature it deserves to be delivered later. They also need to review the internal decision-making that led to this situation, because this kind of thing shouldn’t happen .
“Earlier this month, Microsoft’s CEO sent an email to all of their employees“If you’re faced with a trade-off between security and another priority, your answer is clear: Do security.” We’ll find out if he was serious about that email.
“They need to eat a little bit of humble pie and just take it now, or risk customer trust in their Copilot and safety brands. Frankly, few if any customers will cry that Recall isn’t immediately available – but they arewill be absolutely seriously concerned if Microsoft’s response is to do nothing, ship product, do some digging, or try to clarify the issue in the media.”
Recall is one of many features that will only appear on Windows 11 devices labeled as Copilot+ PCs, which include a chipset with an NPU to handle all the AI tasks.
MICROSOFT PRESS OFFICE
Several other privacy activists also reacted strongly to the Recall announcement.
“This could be a privacy nightmare,” Dr Kris Shrishak, an AI and privacy consultant, told the BBC. “The mere fact that screenshots will be taken while using the device can have a chilling effect on people.”
Jen Caltrider, who serves as program director for Mozilla’s *Privacy Not Included team, warned that Recall would allow anyone with access to your laptop or desktop PC to treasure personal information because it contains a categorized list of recent activity. .
Caltrider warned: “[This includes] law enforcement orders or even from Microsoft if they change their minds about keeping all content local and not using it for targeted advertising or training their AIs.
Microsoft says that Recall will not censor or delete information from the screenshots it takes, even if passwords or bank account details are visible on the screen.
In a blog post about the new functionality that will arrive with a new Surface Laptop next monththe American company wrote: “Recall uses your personal semantic index, created and stored exclusively on your device. Your images are yours; they remain locally on your computer. You can delete individual images, edit and delete time ranges in Settings, or pause at any point directly from taskbar icons on the taskbar.
“You can also filter apps and websites so they’re never saved. You’re always in control of the privacy you can trust.”
Recall and a host of other AI features will be exclusive to Windows 11 running on so-called Copilot+ PCs, including the newly announced Surface Laptop 7th Edition, pictured above. MICROSOFT PRESS OFFICE
However, Jake Moore, global cybersecurity advisor at software security firm ESET, said creating and storing more private data through the feature could be a tempting prospect for cybercriminals.
“Enabling a feature that has the ability to capture data on the screen not only offers even more data to the company behind the software, but also opens up another avenue for criminals to attack,” he said.
THE LATEST DEVELOPMENT
“Although this feature is not turned on by default, users should note that it will allow any content to be analyzed by AI algorithms for a better experience.
“While this may yield better results, there is a balance to be struck between functionality and privacy, so users must be aware of the potential risks should sensitive data be compromised. Creating and storing more private data seems pointless when cybercriminals are constantly looking for any vulnerability they can exploit.”