newsweekshowcase.com

Microsoft will opt to switch off Recall by default

The Verge: https://www.theverge.com/2024/6/7/24173499/microsoft-windows-recall-response-security-concerns

The Dynamics of Windows Recall: What Do You Need to Know Before Using Your Windows Database?

“As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them,” says Davuluri. “We will continue to build these new capabilities and experiences for our customers by prioritizing privacy, safety and security first. We remain grateful for the vibrant community of customers who continue to share their feedback with us.”

Microsoft revealed on Friday that it was changing its Recall feature in a number of ways, including making it an opt-in feature in the Copilot+ compatible versions of Windows, where it used to be turned on by default, as well as introducing new security measures.

Microsoft’s changes to the way the database is stored and accessed come after someone found out that the data in the database is stored in plain text. That could have made it easy for authors to create tools to extract the database’s contents. Several tools that promise to extract Recall data have been shown in recent days.

A memo issued by the Microsoft CEO just last month stated that security would be the company’s first priority. According to the memo, if you are faced with a tradeoff between security and another priority, do security. In some cases, the memo says, this may mean prioritizing security over other things, such as releasing new features or supporting legacy systems.

Recall Is Not Secure: No Protection on the Recall Database Without User Authentication

Microsoft will also require Windows Hello to enable Recall, so you’ll either authenticate with your face, fingerprint, or using a PIN. “In addition, proof of presence is also required to view your timeline and search in Recall,” says Davuluri, so someone won’t be able to start searching through your timeline without authenticating first.

TotalRecall extracts the Recall database so you can easily view what text is stored and the screenshots that Microsoft’s feature has generated. NetExec appears to be getting its own Recall module soon that can access Recall folders and dump them so you can view the screenshots easily. These tools work because there is no protection or security on the Recall database.

“It makes your security very fragile, more charitably than any of the other things that have been described,” said Dave Aitel, founder of security firm Immunity. “Anyone who penetrates your computer for even a second can get your whole history. Which is not something people want.”
