The safety of Microsoft Recall function is questioned! Experts: Users’ security nightmare

[Gearbest Technology News] At a special event held at Microsoft's new campus in May, Microsoft launched a new Windows PC category that incorporates its AI assistant Copilot: the Windows 11 AI PC, designed specifically for AI experiences. This new PC category introduces a breakthrough technology, the Recall function. Microsoft has vigorously promoted this feature, which gives computers unprecedented “memory” capabilities, able to record and recall all user interactions.

But it turns out that the Recall feature can be a security nightmare for Windows users. Security expert Kevin Beaumont recently said that although Microsoft claims that Recall information cannot be remotely leaked, it can automatically generate a program that provides plain text data of all content viewed by the user.

Beaumont claims that Recall is “essentially an information-stealing program” that is included in Windows by default and will “set back cybersecurity by a decade by empowering cybercriminals.” With Recall, hackers are able to “grab everything you've ever seen in seconds,” and users should prepare for a “super-intrusion powered by artificial intelligence.”

Microsoft describes Recall as a feature that lets users “search across time to find what they're looking for.” Powered by artificial intelligence, Recall takes a snapshot every five seconds and stores the snapshot in the timeline when the content on the screen differs from the previous snapshot. The artificial intelligence software then uses OCR (optical character recognition) to make the text in the snapshot searchable. Microsoft says the snapshots are stored locally and analyzed on the device, which should keep them safe, but the OCR data is stored in a SQLite database, which attackers can access by compromising the PC with malware.

Beaumont said the information-stealing Trojan can be “easily modified to support Recall” and can remotely access data for this function. Microsoft “tried to do a lot of things” to improve security, but ultimately “none of them really worked in the real world.” The database that a malicious actor could theoretically access contains everything a user sees, such as text messages and passwords, every user interaction, and all websites visited (except Microsoft Edge in private mode).

Beaumont has not yet shared the full technical details of how he automatically penetrated the Recall database and will wait until Recall is released because he wants to give Microsoft “time to do something.” Beaumont suggested that Microsoft temporarily remove the feature.

Copilot+ PC with Recall will be available on June 18th. As of now, Recall is on by default, but users can choose to disable it.
