Recall, the new photographic memory in Windows 11, is turning out to be a security nightmare for people. A report reveals that the new feature, which is based on artificial intelligence, has a serious flaw that exposes user data. Although the model runs locally on the computer, it does not add any protection to the recorded information.
This was confirmed by Kevin Beaumont, a cybersecurity expert who found that the Recall history is stored in a text document. Beaumont, who worked at Microsoft a few years ago, was able to run the feature on an ARM computer without an NPU to see how it worked. After running some security tests, a vulnerability was discovered that would allow a third party to access everything you did on your computer.
In his blog post, Beaumont details that Recall takes a screenshot of the screen every few seconds and runs optical character recognition (OCR) on it using Azure AI. The information is stored in a SQLite database in the user’s folder, which amounts to a record of everything you saw on your computer. According to the expert, this database includes every piece of text you view, websites you visit, and every interaction with software, including messages you send through WhatsApp, Signal or Teams.
From a security perspective, the database is only encrypted at rest, which protects it when someone physically steals your computer. The file is saved inside the Windows AppData folder and does not require administrator rights to access. Because the data is decrypted while Recall is in use, an attacker could introduce a Trojan to collect your information without your knowledge.
To recap, it breaks Windows’ security promises.
The cybersecurity expert created a script that automates the process of extracting the data and uploading it to a site to perform a search. The database weighs about 90 KB and can include several months’ worth of documents and software interactions, Beaumont said. A hacker could modify a Trojan to adapt it to Recall and extract all your information before Microsoft Defender can prevent it.
The database may include bank details, passwords and other confidential information, since Recall does not block the capture of this content. Once extracted, it will be sold on the dark web to the highest bidder. “There are now credential marketplaces where you can buy stolen passwords; you’ll soon be able to buy stolen customer data from insurance companies, etc., because Microsoft has pre-installed and included full code to do so in Windows.”
Kevin Beaumont added that he is withholding technical details so that Microsoft can take action on the issue. Following the discovery, the author attacked the company and accused it of lying to users about the dangers of Recall. This feature will be enabled by default during Copilot+ PC setup, leaving millions of people vulnerable.
“Many Windows users just want computers so they can play games, watch porn and live like people who make mistakes they don’t always want to remember,” he said. “The idea of other people with access to the device being able to see photographic memories is very scary for many Windows users. This is personal experience. It destroys that belief.”
Given concerns about data privacy, Microsoft announced a few days ago that users can disable this feature. “We built privacy and security into Recall’s design from the very beginning. Your photos are stored securely only on your local device,” the company said.
Source: Hiper Textual

I am Garth Carter and I work at Gadget Onus. I have specialized in writing for the Hot News section, focusing on topics that are trending and highly relevant to readers. My passion is to present news stories accurately, in an engaging manner that captures the attention of my audience.