Is Windows Recall secure? Hackers can get "everything you’ve ever looked at within seconds"

Reading time icon 2 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Key notes

  • Microsoft’s Copilot+ Recall takes screenshots of your screen, raising security concerns.
  • Hackers can steal months of your browsing history and keystrokes with Recall.
  • Microsoft may have misled users about how secure Recall really is.
  • Microsoft should delay Recall and improve security before releasing it.

Due to security concerns, Microsoft’s new feature, Copilot+ Recall, has been met with overwhelmingly negative feedback. Kevin Beaumont, a security expert, took a deeper dive into how worried you should be about the Recall feature and whether Microsoft is telling the truth regarding the fact that it can’t be hacked.

What is Copilot+ Recall?

Recall is a feature within Copilot+ PCs that captures screenshots of your computer screen every few seconds. This data is then converted to text (OCR) and stored in a database on your device. The idea is to allow users to easily search for information they’ve previously seen on their PC. However, Windows experts have made it work on other PCs where a dedicated NPU is unavailable after Microsoft announced that an NPU is necessary for Recall to work.

Here are the main security concerns addressed by Kevin Beaumont:

  • While Microsoft claims the data is processed locally, it can still be accessed by malware or unauthorized users with admin privileges. Traditional encryption methods only protect against physical theft, not software-based attacks.
  • The database containing your entire browsing history, application usage, and even keystrokes is vulnerable to exfiltration. Hackers could steal months of data within seconds.
  • Recall can scrape data from websites you visit, even if the website itself wasn’t breached. This creates a goldmine for attackers targeting specific user groups.

Microsoft has been accused of misleading users about Recall’s security, for instance, claiming it’s an “optional experience” when it’s enabled by default.

What Microsoft should do?

The author suggests Microsoft postpone the release of Recall, improve its security measures, and re-evaluate the internal decision-making process that led to this situation. Openly acknowledging the flaws and taking responsibility is crucial for regaining user trust.

Is it really this bad?

A lot of people don’t know much about computer safety, and there’s a lot of harmful software out there. This situation could lead to big problems because many of these security issues start with devices that get infected or hacked.

Overall, while the idea of Recall feels good to think about, its current implementation can cause a security risk. Microsoft needs to work on user safety and rebuild trust by taking decisive action before releasing this feature.

More here.

User forum

0 messages