Security Flaw in Windows’ New Recall AI Exposed: Hacker Tool Can Extract User Data Unencrypted
By Matt Burgess
This Software Breaks Into the Information Gathered by Windows' Latest Recall AI
During the unveiling of the latest Windows AI feature, which can provide insights into your internet navigation and computer usage, Microsoft's CEO, Satya Nadella, highlighted its remarkable ability to keep data on your laptop. The Windows Recall function captures and stores images of your actions on the computer every five seconds. However, cybersecurity specialists are raising concerns that this information might not remain secure on your device indefinitely.
A fortnight before the scheduled release of Recall on the latest Copilot+ computers on June 18, cybersecurity experts have shown that early versions of the software keep screenshots in a database that lacks encryption. According to the experts, this information is vulnerable to theft by cybercriminals. Highlighting the potential misuse of Recall by malicious actors, Alex Hagenah, a professional in cybersecurity and ethical hacking, has unveiled a demonstration tool capable of retrieving and showcasing all the data captured by Recall on a notebook computer.
Named TotalRecall—inspired by the 1990 science fiction movie—the software is designed to extract all the data that Recall compiles into its primary database on a Windows computer. "The database doesn't use encryption. It's entirely in plain text," Hagenah mentions. Since Microsoft announced Recall in the middle of May, cybersecurity experts have often likened it to surveillance or tracking software that monitors every action on your device. "Essentially, it's a new version of a Trojan, built-in," Hagenah remarks, noting that he developed TotalRecall—which he plans to share on GitHub—to demonstrate its capabilities and to push Microsoft to implement changes before the official rollout of Recall.
Microsoft introduced Recall last month during a presentation for its Surface laptop. The feature operates by constantly capturing images of the user's on-screen activity. Recall's purpose is to enable users to "re-access" their past activities on their computer, such as websites browsed or messages received, through searches using conversational language. According to Microsoft, Recall can be particularly useful for finding online recipes again when you can't remember the specific websites you viewed them on.
According to Hagenah, TotalRecall is designed to locate the Recall database on a laptop automatically, then copy the file and parse all the information it contains. Although Microsoft's upcoming Copilot+ computers have not yet been released, it's feasible to run Recall by emulating one of these devices. "The process is completely automated," he notes. The tool can also narrow the data retrieval to a certain period, such as data from a particular week or day. For instance, retrieving a single day's worth of screenshots from Recall, which uses an SQLite database for storage, takes no more than two seconds, Hagenah points out.
The database encompasses screen captures of the user's desktop content, which could be a treasure trove for cybercriminals or domestic abusers who might gain physical access to the victim’s computer. This includes screenshots of conversations from encrypted messaging services like Signal and WhatsApp, which are saved even if the messages are set to disappear. It logs details of web pages visited and all text appearing on the computer screen. After TotalRecall is installed, it compiles an overview of the collected data, and users can also look up particular keywords within the database.
Hagenah highlights that an assailant has the potential to acquire an extensive range of data on their victim, encompassing details about their email exchanges, intimate discussions, and all confidential data that Recall manages to gather.
Hagenah's research expands upon insights from Kevin Beaumont, a cybersecurity expert, who has extensively documented the amount of data collected by Recall and the simplicity of its extraction. Beaumont has also developed an online platform that enables the immediate search of uploaded Recall databases, although he has postponed its launch to give Microsoft an opportunity to possibly alter the system. He highlights the longstanding issue of InfoStealer trojans, which have been compromising usernames and passwords for more than ten years, noting that these could be readily adapted to exploit Recall, according to Beaumont's analysis.
The criticism follows breaches of US government data caused by intrusions into Microsoft's networks; Nadella has emphasized that enhancing security ought to be Microsoft's foremost concern. By the publication deadline, Microsoft had not replied to WIRED's inquiry regarding the security aspects of Recall.
The privacy information for Recall indicates that users have the option to stop screenshots from being saved (essentially deactivating Recall), temporarily halt the system, select specific applications for screenshot capture, and erase collected data whenever they choose. Recall operates directly on the user's laptop, keeping all captured data on the machine without transmitting any of it to Microsoft's servers. According to Hagenah, this assertion seems accurate, as there's no evidence to suggest any data is being transferred to Microsoft.
Microsoft acknowledges the potential privacy and security concerns associated with Recall, as indicated on its support pages. The company explains that the system doesn't filter or moderate the content of the images it stores. According to Microsoft's documentation, this implies that sensitive data, like passwords or bank account details, won't be concealed. Security experts have successfully retrieved passwords from Recall, confirming these vulnerabilities.
The primary database of Recall is housed within the system directory of a laptop, and accessing it requires administrator permissions. However, privilege escalation attacks have existed for a long time, and in theory an attacker could gain initial access to a device remotely.
Hagenah mentions that when employers allow staff to use their personal devices for work, there's a chance that an employee might depart with a significant amount of company information stored on their personal computers. This risk is especially high if the employee is unhappy or exits the company under unfavorable conditions, he notes. The Information Commissioner’s Office in the UK has requested additional information from Microsoft regarding Recall and its implications for privacy.
Beaumont suggests in his analysis that despite being in the "preview" phase and subject to alterations as indicated by Microsoft's fine print, Recall needs to be withdrawn and revamped to reach its full potential, to be reintroduced at a later time. He further emphasizes the need for Microsoft to reassess the internal processes that resulted in this predicament, asserting that such issues should be avoided.
© 2024 Condé Nast. All rights reserved. Purchases made through our website may result in WIRED receiving a commission due to our Affiliate Partnerships with various retailers. Reproduction, distribution, transmission, storage, or any form of utilization of the content on this website is strictly prohibited without the explicit written consent of Condé Nast.