When Microsoft CEO Satya Nadella revealed the new Windows AI tool that can answer questions about your web browsing and laptop use, he said one of the “magical” things about it was that the data doesn’t leave your laptop; the Windows Recall system takes screenshots of your activity every five seconds and saves them on the device. But security experts say that data may not stay there for long.
Two weeks ahead of Recall’s launch on new Copilot+ PCs on June 18, security researchers have demonstrated how preview versions of the tool store the screenshots in an unencrypted database. The researchers say the data could easily be hoovered up by an attacker. And now, in a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has released a demo tool that can automatically extract and display everything Recall records on a laptop.
Dubbed TotalRecall—yes, after the 1990 sci-fi film—the tool can pull all the information that Recall saves into its main database on a Windows laptop. “The database is unencrypted. It’s all plain text,” Hagenah says. Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. “It’s a Trojan 2.0 really, built in,” Hagenah says, adding that he built TotalRecall—which he’s releasing on GitHub—in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches.
You do have a point, but it does highlight why Microsoft’s framing is bad.
Microsoft is basing their approach to this on the concept that your MS account-secured local machine is itself secure, so whatever is in it is fine, because hey, your confidential work info is probably also in your hard drive and unencrypted, so if a bad actor can steal the pictures of it, then it can also steal the original document.
Which mostly is true, to be clear, but it fundamentally misunderstands how much juicier and easier of a target is a reliable, searchable database that logs all activity stored in a consistent location, as opposed to potentially having to extract everything up front. Plus, even if there are few guardrails to all data inside your system, there are some, as this will likely include info you may keep hidden, password-protected or encrypted both locally and remotely. There’s a reason my password manager asks for my credentials manually once every time I use it.