Windows AI’s Screenshot Feature Labeled a ‘Disaster’ for Security

 

In the last few months, Microsoft has been touting AI PCs. Additionally, Microsoft recently released a new feature for Windows 11 called "Recall" that is capable of taking a screenshot of everything users do and making all their actions searchable. Additionally, the company claimed that Copilot and Recall activity data would not be remotely accessible by threat actors. 

However, a security researcher by the name of Kevin Beaumont claims that the data is stored in a simple SQLite database that is stored in plain text. Windows's recall feature, which is currently in preview, captures a screen snapshot every few seconds and stores it locally. Even though it is intended to provide users with an easy way to search for and revisit past activities, there are serious security and privacy concerns surrounding the feature. 

As a result of this feature, which tracks every activity on a Windows computer to help users find things easily in the future using natural language, Microsoft is being called a hackable security catastrophe. An individual who is a white-hat hacker has already developed a tool that is capable of extracting sensitive data from Recall.

The tool is called TotalRecall, and it is available on GitHub right now. Recall uses local artificial intelligence models to capture everything users do and see on their computer, and then they can search for and retrieve anything they want in seconds, even if it is in a different place on their computer. Users can even navigate through a timeline that they can explore. 

In Recall, everything is kept private and local on the device, so no data is used to train Microsoft's artificial intelligence models. It has been revealed by cybersecurity expert Kevin Beaumont that Microsoft's Recall AI-powered feature has some potential security flaws, even though Microsoft has claimed that it will be a secure and encrypted experience. As Beaumont, who previously worked for Microsoft in 2020, has been testing out the Recall feature for the past week, he has learned that the data is stored as plain text in a database. 

If that were the case, someone could easily exploit malware to extract the database and its contents with the help of an attacker. A plain text database was shared by Beaumont as an example of how Recall activity cannot be exfiltrated remotely by a hacker. Beaumont said he was annoyed that Microsoft informed media outlets that this couldn't happen. 

There is a fear that Recall makes it easier for malware and attackers to steal information from a user's PC, as the database is stored locally on the user's computer, but it is accessible from their AppData folder if a user is an admin. Currently, InfoStealer trojans exist in the market to steal credentials and information from a PC. These types of malware are being distributed by hackers to steal and sell personal details about individuals. 

As a result of the Recall, threat actors are now able to produce automatic scrapes within seconds of every webpage a user has ever visited, says Beaumont. Using the information he has obtained from his Recall database, Beaumont has implemented many new features, such as uploading personal databases and searching them instantly. To give them time to do anything with the feature, I have intentionally withheld technical details until Microsoft ships the feature, he explains. 

It is currently being planned by Microsoft for Recall to be enabled by default on Copilot Plus computers shortly. The setup process of Windows 8 is reportedly being discussed by Microsoft to be changed. By uploading a database he created called Recall onto a website that allows users to upload databases and search through them, the security researcher demonstrated the same experience.  

As Microsoft is preparing for Windows 11 Recall to be enabled when setting up a Copilot Plus PC, it can pose a serious privacy concern for end users who are not aware of how it works in terms of how the service works. Microsoft is reported to be considering adding an option that will let users opt out of the feature during the setup phase, which will make it possible for users to opt-out, out instead of having to opt in to the feature. Besides security researchers, there has also been criticism of the feature by the UK Information Commissioner's Office, and the organization is planning to reach out to Microsoft to get further information.