Windows Recall Will ‘Set Cybersecurity Back a Decade’

Cybersecurity researcher Kevin Beaumont says Microsoft Recall is "going to deliberately set cybersecurity back a decade & endanger customers."
Written by Matt Milano

    Windows Recall is Microsoft’s controversial AI-powered feature that takes snapshots of a user’s activity on their computer. The idea is that it provides a way for users to look back and find files, conversations, pictures, and more, and easily jump back to the selected content. Unfortunately, by default, the feature does not filter out content that a user may not want a record of.

    Microsoft has touted the security and privacy it is building into Recall, but experts remain unconvinced. To make matters worse, Beaumont has conclusively disproved one of Microsoft’s most important claims, namely that bad actors will not be able to exfiltrate on-device Recall data.

    Beaumont continues:

    It’s just an SQLite database, feature ships in a few weeks – I’ve already modded it into an Infostealer hosted on Microsoft’s GitHub (a few lines of code)

    Microsoft are going to deliberately set cybersecurity back a decade & endanger customers by empowering low level criminals.


    Adding to the concern is the fact that Recall circumvents security features in other apps. For example, disappearing messages in popular secure messaging apps are recorded in Recall, as Beaumont points out:

    Thread’o’rama at the link: https://cyberplace.social/@GossiTheDog/112531054138802168

    I’ve tested this with messaging apps like WhatsApp, Signal and Teams.

    Somebody message you with disappearing messages? They’re recorded anyway. Write a disappearing message? It’s recorded. Delete a message? It’s recorded.

    Beaumont believes the US government should take Microsoft’s actions as a clear indication that the company has learned nothing from the damning CSRB report in the wake of the company’s Exchange breach last year. The report said “Microsoft’s security culture was inadequate and requires an overhaul, particularly in light of the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations.”

    Microsoft has vowed to put “security above all else” in response, reportedly going so far as to link executive pay to the company’s security performance. As Beaumont points out, it’s difficult to reconcile the company’s “security above all else” policy with the implications of Recall.
