Date: 2024-06-04

When Recall launched, some worried it looked a bit like spyware, and now it seems this much-lauded new AI Windows feature could pose a serious data leak risk.

In principle, Microsoft’s new Recall system sounds like a useful tool for anyone using a PC at work. The AI-informed system regularly takes a snapshot of what you’re doing on screen, and lets you search for important data you may have lost track of as you work. But security experts who looked closely at how Recall works conclude that the system could pose serious security risks.

Recall is built into what Microsoft is calling “Copilot+” PCs–the tech giant’s vision of how the boring, traditional computer will become a 21st-century AI-powered workhorse. When it launched, Microsoft explained that Recall wouldn’t capture certain things on your PC’s screen–like copyrighted video on apps like Netflix, or private browser sessions on its Edge web browser–but that it would see everything else.

In theory this makes sense: imagine you typed an all-important financial statistic into a Word document for your business, but then a half-hour or so later, it has disappeared among the pages. Recall allows users to dial back in time using AI smarts to find it. So you really do want Recall to see everything you’re up to, in order for it to be useful (and save you from swearing blue murder at your laptop screen when your own memory fails).

Microsoft stressed Recall would not be a privacy risk, since the data was stored only on a user’s PC, and not on a cloud service–which could allow it to “leak” out. Tech news site The Verge reports that security researcher Kevin Beaumont has already found very worrying flaws in Recall. In particular, the system stores data in a very straightforward plain text system. That means if a hacker got some malicious code onto a user’s PC, the code could simply trawl through the Recall database and find literally any type of personal data it wanted, depending on how you’d been using your computer.

Think about the sensitive information typed into your work laptop, or the private communications you send via your personal laptop–things you’d prefer never saw the light of day–and the scale of potential security hazards comes into focus. In an era of controversial, punitive laws affecting reproductive health, even the websites you visit could be considered dangerous information.

Beaumont does point out that some very precise coding steps are needed to access the Recall data, and he admits that in some places Microsoft “made some smart decisions” in terms of security and encryption to protect the Recall database. But they just don’t work. He also said he was “deliberately holding back technical details” about exactly how his hack works because he wants to give Microsoft “time to do something” about fixing the loophole.

Whether Microsoft acts swiftly to fix Recall’s security flaws, or stands by its claim that the service is merely optional for Copilot+ users, remains to be seen. But Beaumont’s work seems to confirm critics’ initial worries when Recall launched. It also suggests that when the UK’s official “data watchdog” said it was going to demand answers from Microsoft as to exactly how secure Recall was, it wasn’t barking up the wrong tree.