Last month, Microsoft introduced a new AI feature called “Recall” exclusively for its new Copilot+ PCs at its special event.
This feature promises to provide a “photographic memory” to your computer, enabling you to easily revisit any app or file you have worked with, sparking privacy concerns among users and experts.
Microsoft has responded with a page detailing how Recall operates but security researchers strongly disagree with the company’s statements.
According to a report by Neowin, cybersecurity expert Kevin Beaumont suggests that this feature makes stealing everything you viewed or typed on your computer very easy.
Experts sceptical of Microsofts new AI feature for Copilot+ PCs
Recall operates by capturing screenshots of your computer’s activities every few seconds. — Neowin
Beaumont claims that while Recall is an interesting feature, it requires “incredibly careful communication, cybersecurity, engineering, and implementation.”
But Recall allegedly has none of those.
According to Beaumont, even though the data processing and encryption occur solely on the device, the information is still vulnerable to hackers and malware.
While encryption can safeguard your data if the attacker doesn’t know your username and password, things change when hackers obtain your credentials using infostealers.
Recall operates by capturing screenshots of your computer’s activities every few seconds and uses optical character recognition (OCR) to convert the data into text.
It is then stored in a database in the user folder.
The report says that all the information is stored in plain text and no system rights are necessary to access it.