More ethical hackers sounding alarm bells after trying out Microsoft Recall

Microsoft’s Recall isn’t even out yet, but those who’ve used it already want to turn it off.

When Microsoft presented Recall, a new type of search tool, it quickly sparked a debate. One of the main concerns was whether this feature was secure enough. While the company’s CEO, Satya Nadella, assures users that it is, evidence shows quite the opposite.

Recall is an AI-powered tool that screenshots PC activity every few seconds, storing the data for when a user wants to find specific information they once looked at.

While this new tool with “photographic memory” might sound promising, it also raises concerns. Because if a computer gets hacked, all of the stored information can be used to harm Recall’s users.

Recently shared data (first reported by Wired) by James Forshaw, a computer security expert at Google’s Project Zero, revealed that these “what ifs” are more real than one might suspect.

In his now-updated blog post, the researcher revealed how he found a way to access Recall data without administrator privileges, which is the main requirement for accessing stored data.

“Damn, I really thought the Recall database security would at least be, you know, secure,” Forshaw said in his technical blog, demonstrating how it’s possible to bypass administrator privileges requirements.

The all-seeing Recall feature has been under the spotlight by the security community from the minute it was publicly announced. From “privacy nightmare” to a “hacker’s dream come true,” it has received plenty of negative feedback, with the majority of experts urging users to turn the feature off.

One ethical hacker, Alex Hagenah, even created a tool called TotalRecall to demonstrate how easy it is to take over someone’s information using Recall.

Despite the negative testing results, Recall is scheduled to launch this month, together with Microsoft’s Copilot+ PCs.

More from Cybernews:

Rare Xbox could yield British charity thousands

Meta, IRS among most impersonated organizations

Ex-husband loads woman's car with AirTags to stalk her

Apple TV+ might soon be officially available in China

New Apple patent suggests changes to AirPods case

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked