In recent years, Microsoft has introduced a number of innovations aimed at increasing productivity and making work easier for users around the world. One of the latest additions is the Recall feature. While at first glance this feature seems extremely helpful, it is worth looking at it from the perspective of user security. What risks might it carry?
Recall is an artificial intelligence-based feature that analyzes your activity and then offers the most relevant information, reminders or suggestions. It is a kind of “assistant” that learns from your behavior and adjusts its actions to increase productivity.
One of the key issues facing users of artificial intelligence-based features is privacy. To operate effectively, Recall collects and analyzes huge amounts of data. Microsoft’s official position regarding this functionality is that the data is stored locally on our computers.
Analyses during the test phase showed that the data collected locally was not secured in any way. A local database was used, along with JPG files that simply did not have the “.jpg” extension in their names.
In addition, the data in the database included text detected on the screen, text captured while typing on the keyboard, etc.
If an attacker gained access to our computer, he would not have to put any effort into gathering information about us. After entering our system, he is handed quite a large store of information about us on a platter. One could, in fact, download the data collected by this feature and calmly analyze it later.
Scripts that attackers try to transfer to our computers behave similarly. For example, some of them have options for capturing the keyboard, taking screenshots, etc.
The difference is really only that these scripts must “survive” in the system and remain undetected. Recall, by contrast, is a function built into the system.
As you can probably guess, a huge wave of criticism has fallen on Microsoft from cybersecurity experts. Imagine a bank where the level of data protection is quite high. Every employee with a Windows PC would be given such a feature.
This would cause quite a problem for security departments, as they would have to monitor yet another potential avenue of attack and data leakage.