Unsurprisingly, Windows 11’s Recall Feature Can Still Inadvertently Capture Sensitive Data

Low Boon Shen

While Microsoft has put lots of effort into the redesigned Recall feature, which was marred by critical security flaws at its original launch that prompted delays, tests performed by the publication The Register showed that the AI-powered feature can still present some privacy-related problems, in particular relating to its sensitive information filter.

Recall Is Not Perfect


In case you didn’t know, Recall is a feature designed for Copilot+ PCs with “photographic memory” as its key selling point: it captures the on-screen content every few seconds so that users can search it semantically in the future (i.e. by describing the content within a file, a webpage, or an app, instead of the names of the files, webpages and apps themselves).

On paper, this is a solid feature if you’re particularly forgetful while using your PC, but it does introduce several undesirable side effects. As The Register proved, one of Recall’s flaws is its limited capability to identify sensitive information and avoid capturing screenshots of it. In the publication’s words, Recall “frequently fails,” despite its relative effectiveness at hiding “a lot of financial data, some passwords, and most instances of Social Security numbers.”

The gist of it is that Recall relies on checking keywords to determine whether information needs to be hidden. For example, it looks for phrases like “checkout page” or “enter payment info” to hide credit card details; if for whatever reason these phrases are not present, Recall will capture the details like any other content. The same applies to passwords: it can correctly identify Chrome’s password manager and hide that, but not when the same data is written into a plain text file (although that kind of defeats the purpose of passwords anyway).
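The gap between matching on context and matching on content can be shown with a simplified model. This is an added example, not Microsoft's code or The Register's test: the function names, regex and sample strings are constructed, and only the two trigger phrases come from the article. It compares a context-keyword filter with a check that validates the digits themselves using the Luhn checksum.

```python
import re

# Trigger phrases named in the article; everything else here is an assumption.
CONTEXT_PHRASES = ("checkout page", "enter payment info")

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def keyword_filter(screen_text: str) -> bool:
    """Context-keyword model: hide only if a trigger phrase is on screen."""
    lowered = screen_text.lower()
    return any(phrase in lowered for phrase in CONTEXT_PHRASES)

def luhn_valid(digits: str) -> bool:
    """Luhn checksum, which payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)  # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def content_filter(screen_text: str) -> bool:
    """Content model: hide if any digit run is a Luhn-valid card number."""
    for match in CARD_RE.finditer(screen_text):
        if luhn_valid(re.sub(r"[ -]", "", match.group())):
            return True
    return False

# Constructed sample screens; 4111 1111 1111 1111 is a widely used test number.
SAMPLES = {
    "shop_checkout": "Checkout page - Enter payment info: 4111 1111 1111 1111",
    "plain_note": "card for groceries 4111-1111-1111-1111 exp 01/30",
    "order_id": "Order reference 1234 5678 9012 3456 shipped",
}

def compare() -> dict:
    """Return {sample: (keyword_hides, content_hides)} for each sample."""
    return {n: (keyword_filter(t), content_filter(t)) for n, t in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in compare().items():
        print(f"{name}: keyword={verdict[0]} content={verdict[1]}")
```

The plain-text note is the case the article describes: no trigger phrase appears, so the keyword model lets it through, while the checksum-based check still flags it and ignores the order reference that merely looks like a card number.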

While the redesigned Recall has significant security improvements, such as a Windows Hello authentication requirement and data being stored under encryption by default, the truth is that it is impossible to be perfectly secure. For example, Windows Hello can be set up using a PIN, which, if leaked, can easily give attackers unattended access to the snapshots; besides that, potential security vulnerabilities could also be used to siphon the data out, and with sensitive data now centralized, attackers will be very keen on stealing it.

As a matter of fact, some of the more privacy-centric apps have started to block Recall from capturing their contents, which makes Recall’s photographic memory less effective (think of it as trying to search for a file on the computer when the search feature only covers a few folders: it wouldn’t be very useful). A feature like this has always needed to tread the line carefully between privacy and convenience, but if the recent events are anything to go by, it looks like it might not be working in Recall’s favor here.

Pokdepinion: I’m inclined to believe this concept is fundamentally flawed from a privacy perspective.
