Cybersecurity expert Kevin Beaumont says Windows 11’s new Recall tool is a real “security disaster.” The former Microsoft employee tried out the new feature last week and Serious breaches have been detected that could compromise the integrity of user data.

Beaumont overturned Recall’s behavior and discovered that all user activity is recorded in clear text, in a SQLite database, without any encryption. “This database file records everything you see on your computer in clear text,” he told X, his former Twitter name.

“Within a few seconds, screenshots of your screen are taken. These files are automatically analyzed by Azure AI optical character recognition (OCR), all on your computer, and saved to a SQLite database within the user’s folder,” explained Beaumont.

In the post, Beaumont showed that the files were saved locally to internal storage. They are traditionally located in the AppData folder, which is accessible only by the administrator. But, The expert claims that it is not necessary to have an account with administrative privileges to access the document.

This puts the integrity of user data at risk, making it easier for attackers and malware (e.g. Trojans) to try to steal information. It is worth remembering that screenshots do not include any content moderation, so they record credentials (usernames and passwords) and sensitive data without any discretion or protection.

“The recall allows malicious actors to automate data collection on everything you saw in the last few seconds,” Beaumont said.

high risks

HE A recall is basically an extremely deep history of your computer activity. The innovation was touted as a special benefit of Copilot Plus PCs, machines that can run artificial intelligence (AI) natively.

Right now, Windows already optionally records user activity via the “Activity History” function. The function records schedules, searches and other details to optimize subsequent queries; thus speeding up duplicate searches, ongoing unfinished projects, and more.

However, Recall takes a step further in this regard: the tool takes screenshots of the screen every few seconds and uses artificial intelligence to interpret recorded content. If the user wishes, he can revisit any moment of his activity on the computer.

However, the innovation was met with criticism. A recall has no protection against sensitive data being intercepted. The risk attached to the source has even attracted the attention of data protection authorities in the UK.

Right now, Recall available to testers only. The tool continues to be developed and, following criticism, may undergo a review before final release.

Source: Tec Mundo

Previous articleIf there’s a bird flu pandemic, we’ll have to turn a blind eye
Next article10 pieces on Yandex Market that attract attention. For example, a very important thing for posture
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.


Please enter your comment!
Please enter your name here