Security Researcher Calls Windows 11 AI 'Recall' Screenshotting Feature a Disaster [Updated]

I think the Copilot+ feature may end up being turned off by default in the final release, or at least easily disabled. There are still too many concerns about just how much of the data in Copilot+ is sent back directly to Microsoft specifically.
 
I think the Copilot+ feature may end up being turned off by default in the final release, or at least easily disabled. There are still too many concerns about just how much of the data in Copilot+ is sent back directly to Microsoft specifically.
They’ve already said you can disable it yourself I’m pretty sure, as well as the fact that nothing is sent back and is all kept locally.

I also don’t see how much of a security issue it is since this requires admin rights to have access to anything, people should never be using default admin accounts on a computer, and there obviously needs to be local access to the machine or someone hacked into your network which people have to a of security options to protect themselves.

I find this whole thing to be quite exaggerated, and we are still in prerelease.
 
This is one of the most egregious things I've ever seen a company do

I'm pretty sure the whole reason for this feature is to spy on users and gather their data for AI training, which is bad enough. But the huge security problems are beyond belief

They’ve already said you can disable it yourself I’m pretty sure, as well as the fact that nothing is sent back and is all kept locally.
Yeah, that's the problem
I also don’t see how much of a security issue it is since this requires admin rights to have access to anything, people should never be using default admin accounts on a computer, and there obviously needs to be local access to the machine or someone hacked into your network which people have to a of security options to protect themselves.
Most people use admin accounts, according to Microsoft. That's not going to change anytime soon, especially for the kind of person that isn't aware enough of security issues to turn off this feature

People get hacked all the time. It happens. There's no reason to open an extremely vulnerable attack vector and then on top of it save all the data in plaintext that can easily be compromised
 
I'm pretty sure the whole reason for this feature is to spy on users and gather their data for AI training, which is bad enough. But the huge security problems are beyond belief

Microsoft has stated that this feature runs entirely on-device. Nothing gets uploaded anywhere.

Most people use admin accounts, according to Microsoft. That's not going to change anytime soon, especially for the kind of person that isn't aware enough of security issues to turn off this feature

The user would need to deliberately grant admin rights to the malicious program. It is not on Microsoft to prevent users from running (and elevating!) potentially malicious software.
 
There are steps to have this occur. With all due respect to the people trying to explain this, there is a missed explanation of how hackers can get in. You have to give them control literally. Most times people never get to that point.
The hackers get in the same way they do now: by tricking people. Every report of ransomware taking down a company is due to someone installing something they shouldn't have, and software that absconds with the Recall database will get in the same way.
 
The hackers get in the same way they do now: by tricking people. Every report of ransomware taking down a company is due to someone installing something they shouldn't have, and software that absconds with the Recall database will get in the same way.
Again, I do understand, that "tricking people" is the flash word, isn't it? You need to give permission and or turn it on. People like myself don't even use it. Being gullible about what you are stressing about how this hack works; is what we hope people are not doing to have this happen. Nobody is Infallible and can be involved in a Hideous attack. People who post PSAs on these by people who just want to cause tension (look at all the remarks people post on this thread) Some have some Validity others just dislike/bias remarks. Fine to each their own. If users take risks excess sites are at risk of being hacked etc. Taking your private information with little regard to its safe existence. Have a Great Day
 
The idea to have a keylogger/screen recorder with OCR running ALL THE TIME and permanently on my PC, to save everything I do, is absolutely wild. How can anyone NOT see the security nightmare this will become at some point. Holy ****
 
I'm not sure how real the SSD lifespan thing is. It's the manufacturer warranty everyone refers to. My M1 Mac is at petabytes written already and it's a 256GB model. Been running with 0 issues so far and 0 "Media and Data Integrity Errors". Yes I should've gotten more RAM but I didn't want to wait for it (16GB was custom config at that time). These things are a lot more durable than everybody thought. I read that 256GB should be fine for about 256TB written to it but at this point I've done 6 times that and it's just fine. Of course everything is backed up just in case, but everyone should be doing that anyway.
Sometimes more RAM doesn’t help. I recently ran into a Patreon bug where my 192GB Mac Studio was in red memory pressure and had hundreds of gigabytes written to swap. Just for a couple of Patreon pages! Nothing else on the system was running. I ran into this bug many times but just recently noticed the memory impact. I now have a total of a few dozen terabytes written just due to this bug. The web is a giant mess these days.
 
The hackers get in the same way they do now: by tricking people.

It should not be on Microsoft to shelter the people that would, metaphorically speaking, be lured to walk off the edge of a cliff. Whenever they make an effort to do so they are vilified anyways, anyone remember Windows 10 S Mode?

Every report of ransomware taking down a company is due to someone installing something they shouldn't have, and software that absconds with the Recall database will get in the same way.

If malware gets admin privileges, it already effectively gains full control of the machine, including access to passwords, payment methods, etc. This is regardless of the existence of Recall.

And the important bit: Recall can be disabled. By users, the organization administrator, etc. Better yet - it won't even be available on systems lacking an NPU.
 
The idea to have a keylogger/screen recorder with OCR running ALL THE TIME and permanently on my PC, to save everything I do, is absolutely wild. How can anyone NOT see the security nightmare this will become at some point. Holy ****

But what about the future! Technology! Look how efficient I am! Stonks! Advancement! Increased capital efficiency!!! More soap with co-pilot we become more efficient so we can make more soap because it tells me how to make more soap! I can fire everyone and hire AI to make all the soap so we can be free to fight each other under the garage every night!

 
I think a fair compromise would be "optional during setup," yeah? If turned on, it'll download the necessary models from Windows Update.

See Charlie Stross post above. Apple has been doing AI better by making it useful and taking careful steps. Like the iPod and iPhone they don’t need to be the first. They just need to make something useful and clean.
 
See Charlie Stross post above. Apple has been doing AI better by making it useful and taking careful steps. Like the iPod and iPhone they don’t need to be the first. They just need to make something useful and clean.

I'm in the middle of it and found this bit humorous.

Now, "unencrypted" is relative; the database is stored on a filesystem which should be encrypted using Microsoft's BitLocker. But anyone with credentials for your Microsoft account can decrypt it and poke around. Indeed, anyone with access to your PC, unlocked, has your entire world at their fingertips.

Imagine that. Someone with your computer password has access to the entire computer! What's next, someone with my keys can get into my house? Scandalous!

And it turns out that Microsoft is pushing this feature into the latest update of Windows 11 for all compatible hardware and making it impossible to remove or disable, because that tactic has worked so well for them in the past at driving the uptake of new technologies that Microsoft wanted its ~~customers~~ victims to start using. Like, oh, Microsoft Internet Explorer back in 2001, and remember how well that worked out for them.

This is straight up untrue. Microsoft has stated that Recall can be disabled, they even provide instructions to do so.

Overall, I find their writeup to be reactionary to news articles instead of going to a primary source like Microsoft's release. Moreover, I would not be so quick to call Apple's OCR, Facial recognition and translation features "AI" when Apple themselves has called them Machine Learning until recently. That's splitting hairs, though.

Overall review; I strongly recommend checking out a primary source and forming your own opinions on the presented information.
 
I still retain windows machines for gaming and flexibility in case Apple pulled off a “recall” like feature. Whoops never mind Microsoft is like the villain that goes undercover for a while then re-emerges. Rejoining Amazon and now Google in a journey to put slime Facebook. But oh yes “Apple is a monopoly”. (Yes Apple does some dumb things but man. They’ve made Apple look so good with their recent AI push)
Hello, I do have a Windows tower but it is not even plugged in, haha!

Kept it just in case I needed to use Windows (like you), which I have not turned this thing on in at least five or six years.

Screw Windows, especially Windows 11!

Wonder if this will get people to switch to a Mac?

Linux and Ubuntu should see an increase as well.

:apple:
 
If malware gets admin privileges, it already effectively gains full control of the machine, including access to passwords, payment methods, etc. This is regardless of the existence of Recall.
True, but without Recall it "only" gets access to the current state of the machine, not its history as well.
 
True, but without Recall it "only" gets access to the current state of the machine, not its history as well.

It also gains access to passwords in Windows' password manager, payment methods in your browser, cookies, access to all your drives, etc.

Recall or not, you're cooked if a bad actor gains that much access to your machine.
 
I'm in the middle of it and found this bit humorous.



Imagine that. Someone with your computer password has access to the entire computer! What's next, someone with my keys can get into my house? Scandalous!



This is straight up untrue. Microsoft has stated that Recall can be disabled, they even provide instructions to do so.

Overall, I find their writeup to be reactionary to news articles instead of going to a primary source like Microsoft's release. Moreover, I would not be so quick to call Apple's OCR, Facial recognition and translation features "AI" when Apple themselves has called them Machine Learning until recently. That's splitting hairs, though.

Overall review; I strongly recommend checking out a primary source and forming your own opinions on the presented information.

Silence MS man. He’s entitled to an overall correct opinion without being super correct on every detail. If you’re going to act like you’re 100% correct every time you put thousands of words to the page you know you’re not.
 