Microsoft recently announced their AI Recall feature for Windows 11. It creates a timeline that lets you search past interactions on your device. It's a goldmine for attackers and here's why.
Microsoft says, "With Recall, you have an explorable timeline of your PC’s past. Just describe how you remember it and Recall will retrieve the moment you saw it."
And it does this by taking snapshots: "...Recall takes snapshots of your screen. Snapshots are taken every five seconds while content on the screen is different from the previous snapshot."
Why's it such a goldmine for attackers?
1. It uses the new Core AI Platform - this opens up a new attack surface to be explored.
2. It takes screenshots constantly - these screenshots are saved in the user's AppData folder, accessible to anyone who gains access to that user account or has local admin on the machine.
3. Recall is available on the new Copilot+ PCs, which include a new piece of hardware - the Neural Processing Unit (NPU). These screenshots are processed by the NPU, and the text extracted from them is saved in a local SQLite database. Again, accessible by the current user or local admin.
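Because the extracted text ends up in a user-readable SQLite database, a security team assessing exposure can treat it like any other local data store and scan it for the kind of content the post warns about (passwords, financial account numbers). The script below is an added example written for this post, not Microsoft's code and not the real Recall schema: the table name, column names and sample rows are constructed assumptions, built in memory so the example runs offline.

```python
import re
import sqlite3

# Constructed sample rows standing in for OCR text that a Recall-style snapshot
# pipeline would store. The table name and columns below are assumptions made
# for this example; they are not the real Recall schema.
SAMPLE_ROWS = [
    (1, "Quarterly report - revenue up 4% - nothing sensitive on this screen"),
    (2, "Checkout  Card number 4111 1111 1111 1111  Exp 12/27"),
    (3, "Login  username: jdoe  password: Summer2024!  Remember me"),
    (4, "Order #1234567890123 shipped"),  # 13 digits, but not a valid card number
]

# A run of 13-19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
# A value that follows a "password:" or "password=" label on screen.
PASSWORD_RE = re.compile(r"password\s*[:=]\s*(\S+)", re.IGNORECASE)


def build_sample_db():
    """Create an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE snapshot_text (snapshot_id INTEGER, ocr_text TEXT)")
    conn.executemany("INSERT INTO snapshot_text VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def luhn_ok(digits):
    """Return True if the digit string passes the Luhn check used by card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_text(text):
    """Return (kind, preview) tuples for sensitive values found in one snapshot's text."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):  # filters out order numbers and other digit runs
            findings.append(("card_number", "****" + digits[-4:]))
    for _ in PASSWORD_RE.finditer(text):
        findings.append(("password", "[redacted]"))
    return findings


def scan_db(conn):
    """Walk every stored snapshot and report which ones contain sensitive text."""
    report = []
    for snapshot_id, ocr_text in conn.execute(
        "SELECT snapshot_id, ocr_text FROM snapshot_text ORDER BY snapshot_id"
    ):
        for kind, preview in scan_text(ocr_text):
            report.append({"snapshot_id": snapshot_id, "kind": kind, "preview": preview})
    return report


if __name__ == "__main__":
    for finding in scan_db(build_sample_db()):
        print(f"snapshot {finding['snapshot_id']}: {finding['kind']} {finding['preview']}")
```

The scanner only ever reports a redacted preview (last four digits of a card, a placeholder for a password), so the audit output itself does not become a second copy of the secrets; the Luhn check keeps ordinary order or ticket numbers from inflating the count.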
As someone in OffSec, I look forward to the adoption of this feature.
I feel bad for CISOs and other security leaders that need to deal with it.
OH. And what about privacy?
"Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry."
Nice.
What do you think this will do to organizational policies when it's enabled by default in Windows 11 Copilot+ machines?