For those who aren’t aware, Microsoft have decided to bake essentially an infostealer into base Windows OS and enable by default.
From the Microsoft FAQ: “Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."
Info is stored locally - but rather than something like Redline stealing your local browser password vault, now they can just steal the last 3 months of everything you’ve typed and viewed in one database.
I've written up my thoughts on the Copilot Recall feature in Microsoft Copilot+ PCs
I think it will enable fraud and endanger users, and is not the sign of a company who are committed to security first.
The UK’s ICO have opened an investigation into Copilot+ Recall. https://www.bbc.co.uk/news/articles/cpwwqp6nx14o
The ICO wants to know the safeguards around Recall, which can take screengrabs of your screen every few seconds.
Copilot+ Recall has been enabled by default globally in Microsoft Intune managed users, for businesses.
You need to enable DisableAIDataAnalysis to switch it off. https://learn.microsoft.com/en-us/windows/client-management/manage-recall
Here’s Copilot+ Recall search in action, showing instant text based search finding a WhatsApp chat and a PDF from 6 months ago being viewed on screen.
Two quick updates -
A) if you disallow recording of a website in Control Panel or GPO, in Chrome it is still recorded - disallow recording only works in Edge browser
B) Firefox and Tor Browser is recorded always, including in private mode - the exception is Hollywood DRM’d videos
I got ahold of the Copilot+ software.
Recall uses a bunch of services themed CAP - Core AI Platform. Enabled by default.
It spits constant screenshots (the product brands then “snapshots”, but they’re hooked screenshots) into the current user’s AppData as part of image storage.
The NPU processes them and extracts text, into a database file.
The database is SQLite, and you can access it as the user including programmatically. It 100% does not need physical access and can be stolen.
And if you didn’t believe me.. found this on TikTok.
There’s an MSFT employee in the background saying “I don’t know if the team is going to be very happy…”
They should probably be transparent about it, rather than telling BBC News you’d need to be physically at the PC to hack it (not true). Just a thought.
I ponder if Microsoft's engineers are following the SQLite code of ethics, since they're using it in Windows OS with Copilot+ Recall? :D https://sqlite.org/codeofethics.html
So the code underpinning Copilot+ Recall includes a whole bunch of Azure AI backend code, which has ended up in the Windows OS. It also has a ton of API hooks for user activity monitoring.
Apps themselves can also search and make themselves more searchable.
It opens a lot of attack surface.
The semantic search element is fun.
They really went all in with this and it will have profound negative implications for the safety of people who use Microsoft Windows.
If you want to know where tech companies are with AI safety, know Microsoft Recall won’t record screenshots of DRM’d movies..
..but will record screenshots of your financial records and WhatsApp messages, as corporate interests were prioritised over user safety.
And it’s enabled by default.
I’ve managed to get Recall working in full on a non-Copilot+ system, without an NPU. Will accelerate testing.
Copilot+ Recall feature pop quiz:
You deal with a sensitive matter on my Windows PC. E.g. an email you delete. Does Copilot Recall still store the deleted email?
Answer: yes. There's no feature to delete screenshots of things you delete while using your PC. You would have to remember to go and purge screenshots that Recall makes every few seconds.
If you or a friend use disappearing messages in WhatsApp, Signal etc, it is recorded regardless.
It comes up a lot as people are rightly confused, but if you wonder what problem Microsoft are trying to solve with Recall:
It isn't them being evil, it's business leaders who are middle aged and can't remember what they're doing driving decision making about which problems to solve.
A huge amount of business leaders are dudes who have no idea what the fuck is happening. This leads to the Recall feature.
Microsoft exists in and is driven by that bubble.
I asked Microsoft Copilot to write a song about Copilot+ Recall.
Managed to find out how BBC News printed in a headline story that it was not possible to steal Recall data without being physically at the device (which is false) - this is from the journalist:
Some screenshots of Recall's SQLite database here: https://mastodon.social/@detective/112513529733646088
Just to clarify, I can access it without SYSTEM too. Microsoft are about to set cybersecurity back a decade by empowering cyber criminals via poor AI safety. Feature ships in a few weeks.
Attached: 4 images Can confirm that Recall data is indeed stored in a SQLite3 database. The folder it's in is fully accessible only by SYSTEM and the Administrators group. Attempting to access it as a normal user yields the usual "You don't currently have permission" error. Here's how the database is laid out for those curious, figured you might appreciate a few screenshots.
The latest Risky Business episode on Recall is good, but one small correction - it doesn’t need SYSTEM rights.
Here’s a video of two MSFT employees gaining access to the Recall database folder - with SQLite database right there. Watch their hacking skills. (You don’t need to go this length as an attacker, either). Cc @riskybusiness
I’m not being hyperbolic when I say this is the dumbest cybersecurity move in a decade. Good luck to my parents safely using their PC.
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
My look at the feature, FAQs from the community etc
this is the out of box experience for Windows 11's new Recall feature on Copilot+ PCs. It's enabled by default during setup and you can't disable it directly here. There is an option to tick "open Settings after setup completes so I can manage my Recall preferences" instead.
HT @tomwarren
You allow BYOD so people can pick up webmail and such. It’s okay, because when they leave you revoke their access, and your MDM removes all business data from the machine ✅
What the employee does: opens Recall, searches their email, files etc and pastes the data elsewhere.
Nothing is removed from Recall, as it is a photographic memory of everything the former employee did.
Just in time for Copilot+ Recall!
Security and privacy researchers - You can now install Copilot+ Recall on any ARM hardware (doesn’t need an NPU) or in Azure VMs.
Guide from @detective
The devices launch THIS MONTH to customers so I suggest people look at this.
https://github.com/thebookisclosed/AmperageKit
One stop shop for enabling Recall in Windows 11 version 24H2 on unsupported devices - thebookisclosed/AmperageKit
Nvidia just announced that Copilot+ and Recall are coming to AMD systems. https://www.theverge.com/2024/6/2/24169568/microsoft-copilot-plus-gaming-pc-nvidia-amd
AI-powered Windows features are coming to gaming laptops.
Somebody made a tool called Total Recall to dump Recall database and screenshots. https://x.com/xaitax/status/1797349055917416457?s=46
Recent DHS published report handed to the US President which said it had "identified a series of Microsoft operational and strategic decisions that collectively pointed to a corporate culture that deprioritized enterprise security investments and rigorous risk management"
Microsoft: let’s use AI to screenshot everything users do every 5 seconds, OCR the screenshots, make it searchable and store it in AppData!
Searching Recall database for passwords with @awakecoding
🫡
If anybody is wondering if you can enable Recall on a machine remotely without Copilot+ hardware support - yep.
I’ve also found a way to disable the tray icon.
I went and looked at YouTube for Recall to get out of the echo chamber and I can only find one positive video. Even the people at the event are slating it, including people with media provided Copilot+ PCs.
There’s some content creators who’ve realised it records their credit cards, so they’re making videos of their cards going walkies.
It’s going to be interesting to see how Microsoft get out of this one. They may have contractual commitments to ship Recall with external parties.
I thought they were risking crashing the Copilot brand with this one, but I was wrong looking at the videos and comments on them - I think they’re crashing the Windows consumer brand.
The reaction to photographic memory of what people do at home has - you’ll be surprised to know - not been seen as a reason to buy a device, but a reason why not to.
Windows Central, about the only outlet giving Recall positive coverage and having articles tweeted by Microsoft staff - have updated their take after being hands on with a device. https://www.windowscentral.com/software-apps/windows-11/microsoft-should-recall-windows-recall-security-researcher-finds-microsofts-new-ai-tool-woefully-insecure
Microsoft has been declining to comment on criticism of Recall for a week - but they have apparently told a journalist off the record at Future that changes will be made before Copilot+ devices drop in the coming days.
This may include an attempt to invalidate researcher criticism, we’ll see.
WIRED has a piece about Total Recall, a now released tool which dumps keypresses, text and screenshots (they’re JPEGs) from Microsoft Recall
https://www.wired.com/story/total-recall-windows-recall-ai/
Total Recall software by @xaitax https://github.com/xaitax/TotalRecall
Example search for ‘password’:
🪟 Captured Windows: 133
📸 Images Taken: 36
🔍 Search results for 'password': 22
📄 Summary of the extraction is available in the file:
C:\Users\alex\Downloads\TotalRecall\2024-06-04-13-49_Recall_Extraction\TotalRecall.txt
Windows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.
I hadn’t been aware until today of the external reaction to Recall. Holy shit. Tim Apple must be pleased.
Everything from media coverage to YouTube to TikTok is largely negative. All the comments are negative.
These videos have tens of millions of views and hundreds of thousands of comments.
I knew it would be bad but.. it’s worse. I’ve spent hours looking at the sentiment and.. well, they probably would have got better coverage from launching an NFT of pregnant Clippy.
A key element of Recall is Microsoft say only you can access your Recall, it is per user.
ArsTechnica enabled Recall on Windows 11 box and tested the claim. By logging in as another user they could access the database and screenshots.
If you want to know how Microsoft have got themselves into this giant mess with Recall, here’s what the documentation says between the lines:
you, the customer, are a simpleton who doesn’t want to be an AI genius yet. Have a caveman mode.
Recall and Copilot+ is also coming to ASUS systems, including AMD, in a deal with Microsoft.
ASUS Announces Complete Portfolio of AI-Powered Copilot+ PCs https://www.asus.com/us/news/pnm9tg6qccql6ern/
Nvidia announced they are bringing Copilot+ and Recall to PCs, in a deal with Microsoft: https://www.theverge.com/2024/6/2/24169568/microsoft-copilot-plus-gaming-pc-nvidia-amd
Three Copilot+ Recall questions that keep coming up.
Q. Can you alter the Recall history?
A. Yes. You can change the OCR database and change the screenshots as the logged in user or as software running as the local user. There is no audit log of changes.
Q. Are they snapshots, as Microsoft says, or screenshots?
A. They are just screenshots, jpegs.
Q. What is to stop apps on your machine accessing your Recall covertly?
A. Nothing. There is no audit log of access.
.@awakecoding becomes the latest person reverse engineering Microsoft Recall https://x.com/awakecoding/status/1798168395583746216
If anybody is wondering what Microsoft's reaction to any of the Copilot+ Recall concerns are, they're continuing to decline comment to every media outlet.
I've seen comments MS staff have been given for enterprise customers, which are nonsense handwaving.
Product ships live on devices from Dell, Lenovo etc this month. https://x.com/zacbowden/status/1798221879741931847
As @tiraniddo rightly points out, anybody can programmatically reach the Recall database without admin rights. https://infosec.exchange/@tiraniddo/112566044174482506
TotalRecall has been updated to exfiltrate Recall database and screenshots without needing admin rights: https://github.com/xaitax/TotalRecall
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots. - xaitax/TotalRecall
You can now remotely dump Recall data and screenshots over the internet from Linux etc. Changes in flight for parsing data too.
https://github.com/Pennyw0rth/NetExec/pull/335
YouTubers are continuing to have fun with Recall
Turns out speaking out works.
Microsoft are making significant changes to Recall, including making it specifically opt in, requiring Windows Hello face scanning to activate and use it, and actually encrypting the database.
There are obviously going to be devils in the details - potentially big ones.
Microsoft needs to commit to not trying to sneak users to enable it in the future, and it needs turning off by default in Group Policy and Intune for enterprise orgs.
https://www.theverge.com/2024/6/7/24173499/microsoft-windows-recall-response-security-concerns
Microsoft promises changes to Recall after security concerns.
Obviously, I recommend you do not enable Recall, and you tell your family not to enable it too.
It’s still labelled Preview, and I’ll believe it is encrypted when I see it.
There are obviously serious governance and security failures at Microsoft around how this played out that need to be investigated, and suggests they are not serious about AI safety.
Microsoft President Brad Smith is going to be grilled by US gov next week. https://therecord.media/microsoft-reverses-course-recall-opt-in
I should be transparent btw that I took Satya and Charlie’s commitment to security at face value too - I even published a blog on it backing that up - and I have concerns (it isn’t just me).
They’re now going to have to win trust back about winning trust back.
I know somebody at a retailer in Europe that is selling Copilot+ PCs. They’ve had fewer than a thousand preorders through to customers.
In relative terms, for them it’s about as successful as Suicide Squad Kill The Justice League.
A reminder that a few weeks ago at RSA, Microsoft signed CISA's Secure By Design pledge... and then shipped an enabled by design keylogger that OCRs your screen constantly into AppData.
Edit: I should say that's less a reflection on Microsoft and more a reflection on CISA's Secure By Design pledge.. it's a good idea, but the scope is extremely limited.
I think MS are a way off extracting themselves from Recall situation they've got themselves into.
This is just one YouTube comments section on a video since the not-enabled-by-default change - 500k views - but there's loads more, similar on TikTok.
I imagine it's going to continue through week and into next week when the laptops ship.
I have heard rumblings MS are discussing trying to take action against me over the whole thing, which a) good luck and b) would be pouring petrol on the flames.
Some backstory - it's being reported Microsoft developed Recall in secret to try to avoid scrutiny. https://www.windowscentral.com/software-apps/windows-11/microsoft-has-lost-trust-with-its-users-windows-recall-is-the-last-straw
I'm hearing that various MSFT people are furious about how this played out over the past few weeks, which IMHO represents a serious lack of introspection.
The world is up-in-arms over Windows Recall, but why? It stems from Microsoft's seeming lack of care for Windows and its users.
Microsoft have paused the rollout of Windows 11 24H2 in preview channel, it was the version containing Recall. Microsoft have not explained why.
https://x.com/brandonleblanc/status/1799478915582542199
I don't know if it was publicly known but it was possible to use Recall on more hardware via Mach2, before this was pulled.
To put this one into perspective, there's one broadcast TV network looking at Recall still, and an investigative journalist.
Plus I imagine @evacide, @wdormann etc would have something to say if MS tried holding anybody but themselves accountable for their own actions.
Cyber Threat Intelligence 2024 is going well
I have an image where when viewed on a Copilot+ Recall PC, a Windows process crashes as it tries to process the screenshot.
New email signature?
If anybody is wondering, with a Copilot+ PC, you can still programmatically access the Recall database as of today with a few commands. Launch is a few days away.
Microsoft’s President Brad Smith appears before US House Committee on Homeland Security tomorrow.
His testimony: https://homeland.house.gov/wp-content/uploads/2024/06/2024-06-13-HRG-Testimony-Smith.pdf
In this bit he talks about Recall (not named), where he pats himself and Microsoft on the back for “a feature change” and job well done.
Given it has been a complete cybersecurity and privacy car crash - and as of today the changes (plural) they’re referring to haven’t even been implemented - it seems like Microsoft fails to grasp customer needs: safety.
One other thing - Microsoft's written testimony to the US House says, quoting, bolded by MS:
"Before I say anything else, I think it’s especially important for me to say that Microsoft accepts responsibility for each and every one of the issues cited in the CSRB’s report. Without equivocation or hesitation. And without any sense of defensiveness."
Counterpoint: they publicly disputed the report in the media. https://www.theverge.com/2024/4/25/24139914/microsoft-cyber-security-incidents-trust-report
I should say that if Brad is asked about Recall tomorrow, the answers may raise some.. uh... eyebrows here.
I don't know what MS SLT have been told, but expect fun when the feature drops on consumer laptops in a few days.
As I mentioned in my blog, there is some more security hardening there on Copilot+ PCs (this was before MS put out their blog)... but it's still easily bypassable.
Nessus, a vulnerability scanning tool, detects Recall as an informational
Microsoft’s Recall puts the Biden administration’s cyber credibility on the line
https://cyberscoop.com/microsoft-recall-secure-by-design/
Interesting article. All through this, CISA and the DHS have declined to comment.
Why has the White House remained silent on the launch of a product that violates the spirit and letter of its flagship cybersecurity initiatives?
The Verge reports today that "Windows engineers are scrambling to get additional changes tested and ready for the release of Copilot+ PCs next week."
It also says "Recall was developed in secret at Microsoft, and it wasn’t even tested publicly with Windows Insiders."
I've also been told Microsoft security and privacy staff weren't provided Recall, as the feature wasn't made available broadly internally either.
https://www.theverge.com/2024/6/13/24177703/microsoft-xbox-game-showcase-windows-recall
Microsoft had an eventful week for gaming and Windows.
Microsoft President Brad Smith just testified to the US House that Recall is a good example of Secure By Design, and that they have the time to get it right (it’s supposed to launch in 3 working days).
Brad Smith just said Recall was designed to be disabled by default. That is not true. Microsoft’s own documentation said it would be enabled by default - they only backtracked after outcry.
He has somehow got almost every detail about Recall wrong while testifying.
I've been back and rewatched the Recall footage at the US House hearing and I just don't get it, Brad Smith representing Microsoft basically did this about Recall's security.. he had no challenge from the Senators as they didn't know any details.
I’m being told Microsoft are prepping to fully recall Recall. Another announcement is being prepped for tomorrow afternoon saying the feature will not ship on Copilot+ devices at launch as it is not secure.
Obviously, I’ll wait to see the announcement but it sounds like they’ve finally realised they need to take the time and get the feature right (and frankly consider the target audience - most home users, it ain’t).
They should have announced this before or during the US House hearing.
Announcement is out. Good on Microsoft for finally reaching a sane conclusion.
- Recall won’t ship as a feature at launch on Copilot+ PCs any more.
- Won’t be available in Insider preview channel at launch, as it was pulled.
When it does appear in preview channels, privacy and security researchers need to keep a close eye on what Microsoft are doing with the feature.
Microsoft tried developing this feature in secret in a way which tried to avoid scrutiny. Thank you to everyone who stood up.
If anybody is wondering, Microsoft moved the announcement up as I scooped them 🤣
Thank you to everyone who helped out with this one, there was no way something that constantly OCR’d the screen being implemented so poorly was acceptable but Microsoft really, really dug their heels in.
Photographic memory of everything you’ve ever done on a computer has to be entirely optional, with risks explained and be done right.. or not at all. Accountability matters.
Microsoft, be better.
If anybody wonders if Recall classifies what porn you watch, yes. Aside from OCRing text it also classifies images in videos.
9 minute 50 second mark in this, screen is blurred for obvious reasons.
https://youtu.be/2GTI00pFcLc?si=EiBEaJ7Lh66fqRff
Here’s the clip translated around adult content with Microsoft Recall.
They filter search terms in English like nude - but don’t filter it in other languages.
Everything you view - including in videos - is classified and stored in the database regardless.
This is pretty good - detecting Microsoft Recall misuse for data exfil. https://youtu.be/SV9-dn-5uEY?si=jVz9sC4A2wKxeiBt
I tested this against the latest release of Recall and both TotalRecall and these detections still work.
Obviously Recall may well alter before it hits Insider preview channel, nobody needs to rush out detections yet.
Btw all through this saga, Microsoft Defender never triggered Recall specific alerts for me. Sophos did.
Nail on head.
Apple on Microsoft Recall.
Windows 11 24H2 preview release has been rereleased (but only for Copilot+ devices). It doesn’t include Recall any more.
Additionally the Copilot+ PCs now have an update which enables the other AI features. This wasn’t available until a few hours ago, hence the lack of unsupervised reviews of the devices. It means you will see those reviews drop after the devices launch tomorrow.
There’s a website which gives some insight into how the UI and marketing push for Copilot+ Recall came together. The actual video appears to have gone MIA.
https://www.iamp.at/work/introducing-recall
.@JohnHammond’s video on Recall is great, and a lot of fun - should also stop history being rewritten on this one later.
I got ahold of what I think is the latest Microsoft Recall (Copilot+ Recall? Nobody knows the branding) build and.. well.. Total Recall still works with the smallest of tweaks to export the database, it's still accessible as a plaintext database with marketing as the security layer.
Another observation, the Recall backlog must be very large as it's just becoming a truck load of features being dumped on.
One thing MS needs to fix in Recall, before the Insider canary build hits again, is the MSRC bug bounty.
As far as I can see, if you find a critical or high in Recall it qualifies for *drumroll* $1k bounty, unless I'm misinformed.
That probably needs clarifying as nobody is going to sell photographic memory access to Windows devices to MS for that value - it's way more valuable elsewhere.
Linus Tech Tips on Copilot+ and Recall, after their embargo lifted. https://youtu.be/w5h_1Buf54I
Microsoft have started running paid adverts for Recall, apparently unaware the feature didn’t ship. https://www.tomshardware.com/software/windows/new-microsoft-ads-tout-unavailable-recall-feature-dont-mention-it-was-indefinitely-delayed-due-to-privacy-concerns
Something about Recall which I don’t think got enough (any?) coverage is it was marketed by Satya as using the NPU.. but it didn’t.
Should Microsoft Recall ever reappear I plan to keep checking how secure it is, because the next evolution of security cannot be Microsoft pouring petrol onto the infostealer fire.
Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target.
https://www.wired.com/story/infostealer-malware-password-theft/
Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target.
XDA Developers, who were a good source of behind the scenes info during the Microsoft Recall saga, are saying Microsoft have kicked Recall into the long grass and they think it may never launch. https://www.xda-developers.com/thread/microsoft-wants-you-to-forget-about-copilot-recall-it-seems/
It’s been almost two months since Microsoft said it would launch for Insiders in “weeks” instead.
Microsoft now say Recall will available for Insider testing in October on select Copilot+ PCs.
As a community we’ll need to test the security implications out extensively.
Due to hardware requirements this will obviously be a problem, unless we can hack it to install on non-NPU systems again - I don’t know if that has been ‘fixed’ or not.
https://www.theverge.com/2024/8/21/24225439/microsoft-recall-windows-ai-feature-october-testing
Windows Insiders won’t get access until October.
The Microsoft Recall saga continues - Microsoft accidentally introduced the ability to uninstall it. They say this was an error and you won’t be able to uninstall it in the future. https://www.theverge.com/2024/9/2/24233992/microsoft-recall-windows-11-uninstall-feature-bug
Recall is back.
Overall the planned changes here are much more robust.
Some of the things are boomerangs - eg they said it wasn’t uninstallable weeks ago, but it is now. Also they said it wasn’t developed under Secure Future Initiative a few months ago.. but now say it was originally under SFI.
The proof is in the pudding obviously so hands on tests will be required. They’ve locked it to Copilot+ PC systems now, which will limit research.
Microsoft gives Windows Recall users more control.
Microsoft need to go back and fix this if true, as Explorer shouldn’t be tied to Copilot and Recall. https://news.itsfoss.com/microsoft-windows-recall/
This is what some users have spotted and I am not surprised.
Microsoft have recalled Recall again.
It still hasn't even made it to Insider preview yet, that's been delayed too, now in December.
Good, by the way. They should take the time to get it right. I still don't know what they were thinking when they had the CEO stand on stage and say it was launching on devices 6 months ago and would be fully secure, when they hadn't even done a basic security review of it.
https://www.theverge.com/2024/10/31/24284572/microsoft-recall-delay-december-windows-insider-testing
Microsoft needs more time to work on Recall.
I'd be surprised if it is released in December btw, as Redmond is a ghost town in the office from basically now until mid January.
I guess a cynical version is they're trying to rush out the Insider preview during Christmas so nobody actually reviews it.. but, well, I don't think that would happen as it'd be another own goal. It probably needs 6 months in Insider release with a bug bounty, to avoid exploits dropping like Joker 2 at the box office on release.
In a newly released blog entitled "Windows: AI-powered, cloud-enabled, and secure", Microsoft say the business versions of Windows will ship with Recall disabled by default - IT departments will have to enable the feature before it is available.
This is a smart move and frankly it was incredible that the original idea was to ship this enabled by default in business - it was never, ever going to fly and hopefully Microsoft is rightly humbled by the experience.
Microsoft are getting positive press for calling Recall “one of the most secure experiences it has built”.
I’d point out - they haven’t provided a Preview build to Insiders still, and there’s been no externally provided build (outside of NDA), so nobody has been able to assess the security and talk about it. There’s no specific bug bounty for it either.
When they first announced Recall, they called it totally secure - which was laughably inaccurate. It feels like a lot of premature high fiving
Microsoft Recall is now available for testing.
https://www.theregister.com/2024/11/22/microsoft_recall_release/
It’s only available on Qualcomm Snapdragon-powered Copilot+ PCs. My feeling is we’re probably going to want to hook one up to the internet and hack RDP for unlimited sessions, to allow research - I’ll look into it.
I’ve been told Recall is eligible for bug bounty as part of the Insider programme. I think the process is supposed to be sandboxed so in theory (my reading) the payout limit should be $20k.
: Like its AI, this automated screenshotter and logger is a feature not exactly everyone wanted
Microsoft are rolling out Recall to users in Windows Insider (testing) before a wider rollout to all compatible systems.
It's definitely one to watch (and yes, I am) from a security point of view.
https://www.bbc.co.uk/news/articles/cj3xjrj7v78o
Recall had been dubbed a "privacy nightmare" but has made changes since its original launch was pulled.
I've took a look at the past year of work Microsoft has done on Recall, which is due to roll out to compatible Windows devices soon
tl;dr it's much better from a security and privacy point of view. My partner managed to hack my Recall memory in 5 minutes to browse prior Signal discussions, by guessing my Windows Hello PIN.
There's a bunch of risks people who enable it need to understand.
I think the following groups should probably not enable Microsoft Recall
Ars Technica have a good look at Recall too https://arstechnica.com/gadgets/2025/04/in-depth-with-windows-11-recall-and-what-microsoft-has-and-hasnt-fixed/
Original botched launch still haunts new version of data-scraping AI feature.
One other Microsoft Recall observation, it records Citrix client sessions, even with anti-screen capture enabled.
Microsoft have announced, in a Friday night blog post, they are rolling out Copilot+ Recall to all compatible devices over the next month. https://blogs.windows.com/windowsexperience/2025/04/25/copilot-pcs-are-the-most-performant-windows-pcs-ever-built-now-with-more-ai-features-that-empower-you-every-day/
Windows has always been the place where computing innovation happens first. This was the case when we introduced Copilot+ PCs las
Tabletop scenario for you:
Employee gets into a dispute with employer, leaves, had sensitive role. Employer revokes access, devices etc. Employee had logged in via BYOD to email, IM etc.
Due to Recall, employee walks away with 6 months of screenshots of everything she's ever worked on in a text indexed form - every email, chat, document, Teams call with video snapshots, transcripts of verbal calls etc - even if they set M365 to not store documents locally.
What does the employer do now?
Signal have rolled out an update to all users that stops Microsoft Recall from capturing Signal conversations.
I’ve tested this and it works. Brilliant work by the @signalapp team. 💪
They call on Microsoft to build better, as there was no standardised way as an app developer to do this. Because Signal is open source, now app developers have a template to protect their users from Windows.
https://signal.org/blog/signal-doesnt-recall/
Signal Desktop now includes support for a new “Screen security” setting that is designed to help prevent your own computer from capturing screenshots of your Signal chats on Windows. This setting is automatically enabled by default in Signal Desktop on Windows 11. If you’re wondering why we’re on...
I found an interesting Microsoft Recall issue with the latest version - Recall is enabled on my PC, but the tray icon (bottom right) saying it is running is missing.
Edit: after a reboot, it's back. I'll keep an eye on it. After the latest Windows Update the UI wasn't visible, but it was still recording.
Brave are blocking Microsoft Recall by default, hopefully Vivaldi follow. https://www.bleepingcomputer.com/news/security/brave-blocks-windows-recall-from-screenshotting-your-browsing-activity/
Brave Software says its privacy-focused browser will block Microsoft's Windows Recall from capturing screenshots of Brave windows by default to protect users' privacy.
The Register took a look at Microsoft Recall and found it captured personal information, such as social security numbers and such in its database.
They also found they could access it remotely using TeamViewer, using just a PIN.
https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/
exclusive: Our tests have shown there are ways to get around the promised security improvements
I still use Recall on my development laptop, and actually use the feature quite a lot through testing Recall... and yet, I've started to get regular engagement prompts to use it lately.
To me this strongly suggests people aren't actually using it in the wild as MS are trying to juice numbers via nudge prompts.
On a separate note I also got prompted to change my default browser to Edge (I use Vivaldi) and my search engine to Bing when switching on my laptop today 🤦
Microsoft are upselling security controls for Microsoft Recall, which allow orgs to limit what it records specifically - if the org pay for Microsoft Purview.
I’ve had a look at how this works under the hood, it is using undocumented features in Recall. https://learn.microsoft.com/en-us/purview/dlp-recall-get-started
Microsoft is reviewing its Copilot+ integrations, and is saying internally that Microsoft Recall has failed.
People familiar with Microsoft's plans say that the company moving to streamline or remove certain Copilot integrations across in-box apps like Notepad and Paint in 2026, after pushback from users.
So @xaitax has cracked Microsoft Recall, he's got access to the encrypted database and has automated dumping of screenshots and all text from screenshots.
I've looked at most recent Recall and yep, you can just read the database as a user process. The database also contains all manner of fields which aren't publicly disclosed for tracking the user's activity.
No AV or EDR alerts triggered, world's #1 in infostealer 😅
* you can just read it in plain text
