Windows AI Recall feature could be a security disaster

June 5, 2024

  • Windows will soon launch Recall, an AI-powered feature that screenshots your activity on your PC
  • The data is stored locally but experts say the lack of encryption makes it susceptible to cyber criminals
  • Screenshots of data like credit card information will be stored in plain text

Microsoft is preparing to launch its Recall feature which utilizes Windows Copilot Runtime to help you find anything you’ve seen on your PC. Experts say it could be a privacy and cybersecurity disaster.

The idea behind Recall is a good one. You remember seeing a good deal on a website but can’t quite remember which one, or which photo had you wearing your favorite hat.

No problem. Recall takes screenshots every few seconds as you use your PC and will help you find what you’re after if you simply describe it.

Do you find the idea of your operating system snapping away to remember all of your activity on your PC a little concerning? Microsoft says there’s no need to worry because none of Recall’s data is sent back to its servers. It all gets stored locally on your machine.

The problem is that it isn’t stored securely and security experts are saying this could make it extremely easy for cybercriminals to steal your sensitive data.

When Recall takes a snapshot of you entering your address, telephone number, or credit card details, it uses OCR (Optical Character Recognition) to extract and then store that data in plain text.

It’s not encrypted and is saved in a plain text database in the AppData folder that anyone with admin rights on the PC can access.

Security researcher Kevin Beaumont says that with Recall “Microsoft are going to deliberately set cybersecurity back a decade & endanger customers by empowering low level criminals.”

Beaumont has been testing Recall and demonstrated how easy it would be for someone to access your Recall data.

Surely Microsoft made it very difficult to access this data by securing the folder, right? Not so much. Beaumont shared a video showing Microsoft engineers simply opening the folder at a demonstration at the company’s Build event.

Beaumont says “Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds.”

Explaining the severity of the situation he explained, “So prepare for AI powered super breaches. Currently, credential marketplaces exist where you can buy stolen passwords — soon, you will be able to buy stolen customer data from insurance companies etc as the entire code to do this has been preinstalled and enabled on Windows by Microsoft.”

There has been widespread backlash from privacy advocates and security professionals over this. We may even see Microsoft recall Recall before its release later this month.

Join The Future


Clear, concise, comprehensive. Get a grip on AI developments with DailyAI

Eugene van der Watt

Eugene comes from an electronic engineering background and loves all things tech. When he takes a break from consuming AI news you'll find him at the snooker table.


Stay Ahead with DailyAI

Sign up for our weekly newsletter and receive exclusive access to DailyAI's Latest eBook: 'Mastering AI Tools: Your 2024 Guide to Enhanced Productivity'.

*By subscribing to our newsletter you accept our Privacy Policy and our Terms and Conditions