Once again the Verge totally misses the point on #Recall, as they dismiss the security and privacy concerns with "If someone has access to your computer, you're already screwed because your computer is already collecting all this."
Like...DFIR pros with full control over a system know how to get at most of what a constant stream of screenshots provides to attackers/abusers, but having a straight up database of images is a level of access I don't think they've thought through. And as I've said, many infostealers are already primed to pull these kinds of databases.
Snapshots are encrypted by Device Encryption or BitLocker, which are enabled by default on Windows 11. Recall doesn't share snapshots with other users that are signed into Windows on the same device. Microsoft can't access or view the snapshots.
Soooo just Bitlocker then? Like disk encryption? That means the snapshots aren't encrypted while the machine is up.
Anything with high enough permissions (like, say security tools) will have the ability to read these snapshots, if I'm reading this right.
In two specific scenarios, Recall captures snapshots that include InPrivate windows, blocked apps, and blocked websites. If Recall gets launched, or the Now option is selected in Recall, then a snapshot is taken even when InPrivate windows, blocked apps, and blocked websites are displayed. However, Recall doesn't save these snapshots. If you choose to send the information from this snapshot to another app, a temp file is created in C:\Users[username]\AppData\Local\Temp to share the content. The temporary file is deleted once the content is transferred over the app you selected to use.
So if I write a piece of malware that kills Recall and relaunches it, the resulting screener will not be filtered at all? And I can just grab that temp file immediately?
It is worth noting that the Recall feature is only going to work on newfangled PCs with that special NPU chip. So for now, a reasonable defense is to... not buy one of those laptops
It's not about whatever Microsoft is doing with these features today. Maybe it's apocalyptic, maybe it's not. But what we're seeing is next-level disregard for user choice about their OS. Yes, even for Microsoft, this is exceptional.
And in the constant pursuit of monetizing our data or extracting training sets, we must confront the question of what they will push on us next, without consent or reasonable recourse.
This is not an OS under owner control, and as such, should not be trusted for any purpose where data security is a concern.
@mttaggart there's a whole lot going on. A Worrisome erosion of the concept of privacy and consent from tech bros (click yes, or maybe later - a technique Sam altman tried on scarlet Johansson and then just did it anyway). The whole thing where people on reality programmes eventually forget they are constantly being filmed. And Microsoft's terrible recent record of information security beaches and cover ups. I wouldn't want it from any vendor but I especially don't want it from Microsoft
My new favorite hobby is to tell the middle/high schoolers I pass on walks that I had a pair of Jncos just like those, then watch their face warp into horror.
There is never going to be a GPG/PGP renaissance. People will not suddenly flock to this hard-to-use tool en masse. Please stop pushing it as the solution to things. We've tried. It didn't take.