Windows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.
When Microsoft CEO Satya Nadella revealed the new Windows AI
tool that can answer questions about your web browsing and laptop use, he said
one of the “magical”
things about it was that the data doesn’t leave your laptop;
the Windows
Recall system takes screenshots of your activity
every five seconds and saves them on the device. But security experts say that
data may not stay there for long.
Two weeks ahead of Recall’s
launch on new Copilot+ PCs on June 18, security researchers have demonstrated
how preview versions of the tool store the screenshots in an unencrypted
database. The researchers say the data could easily be hoovered up by an
attacker. And now, in a warning about how Recall could be abused by criminal
hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has
released a demo tool that can automatically extract and display everything
Recall records on a laptop.
Dubbed TotalRecall—yes,
after the 1990 sci-fi film—the tool can pull all the information that Recall
saves into its main database on a Windows laptop. “The database is unencrypted.
It’s all plain text,” Hagenah says. Since Microsoft revealed Recall in
mid-May, security researchers have repeatedly compared it to spyware
or stalkerware that can track everything you do on
your device. “It’s a Trojan 2.0 really, built in,” Hagenah says, adding that he
built TotalRecall—which he’s releasing on GitHub—in order to show what is
possible and to encourage Microsoft to make changes before Recall fully
launches.
The company unveiled Recall as part of a
Surface laptop event last month. The tool continuously takes screenshots of
whatever’s happening on your PC. Recall is intended to allow people to
“retrieve” things you’ve done on your machine—whether it’s web pages you’ve
visited or messages you’ve been sent—using natural language search queries.
Microsoft’s description of the tool says Recall could be
used to search for recipes you’ve looked at online but whose websites you’ve
forgotten.
TotalRecall, Hagenah says, can
automatically work out where the Recall database is on a laptop and then make a
copy of the file, parsing all the data as it does so. While Microsoft’s new
Copilot+ PCs aren’t out yet, it’s possible to use Recall by emulating a version
of the devices. “It does everything automatically,” he says. The system can set
a date range for extracting the data—for instance, pulling information from
only one specific week or day. Pulling one day of screenshots from Recall,
which stores its information in an SQLite database, took two seconds at most,
Hagenah says.
Included in what the database captures are
screenshots of whatever is on your desktop—a potential gold mine for criminal
hackers or domestic abusers who may physically access their victim’s device.
Images include captures of messages sent on encrypted messaging apps Signal and
WhatsApp, and remain in the captures regardless of whether disappearing
messages are turned on in the apps. There are records of websites visited and
every bit of text displayed on the PC. Once TotalRecall has been deployed, it
will generate a summary about the data; it is also possible to search for
specific terms in the database.
Hagenah says an attacker could get a huge amount of
information about their target, including insights into their emails, personal
conversations, and any sensitive information that’s captured by Recall.
Hagenah’s
work builds on findings from cybersecurity researcher Kevin Beaumont, who
has detailed how much information Recall
captures and how easy it can be to extract it.
Beaumont also says he has built a website where a Recall database can be
uploaded and instantly searched. He says he hasn’t released the site yet, to
allow Microsoft time to potentially change the system. “InfoStealer trojans,
which automatically steal usernames and passwords, are a major problem for well
over a decade—now these can just be easily modified to support Recall,”
Beaumont writes.
The
criticisms come as hacks of Microsoft systems have led to various US government data breaches; Nadella has said security should be Microsoft’s “top priority.” Microsoft did not respond to WIRED’s request for
comment about the security features of Recall by the time of publication.
Recall’s privacy pages say it is possible to disable saving screenshots
(effectively turning Recall off), pause the system temporarily, filter
applications where screenshots are taken, and delete what is gathered at any
time. Recall runs on the laptop itself, storing data it captures on the device
and not sending this information to Microsoft’s servers. Hagenah says this
claim appears to be true, with no signs that data is sent to Microsoft.
Microsoft
is, at least, aware of some of the possible privacy and security-related issues
with Recall: Its help pages say the system does not perform any content
moderation on what is contained in the images it saves. This means, Microsoft
says in the guide, that it won’t “hide information such as passwords or
financial account numbers.” Security researchers have already been able
to extract passwords from Recall.
Recall’s
main database is stored on the laptop’s system directory, and while it needs
administrator rights to access, privilege escalation attacks have been around for years, making it theoretically
possible for an attacker to gain initial access to a device remotely.
Hagenah
says that in cases of employers with “bring your own devices” policies, there’s
a risk of someone leaving with huge volumes of company data saved on their
laptops. That’s a particular risk if they’re disgruntled or leave on bad terms,
he says. The UK’s data protection regulator, the Information Commissioner’s
Office, has asked Microsoft to provide more details about Recall and its
privacy.
While
Recall remains as a “preview” feature and, according to Microsoft’s small print, could change before it launches, Beaumont writes in his
research that the company “should recall Recall and rework it to be the feature
it deserves to be, delivered at a later date.” He adds: “They also need to
review the internal decisionmaking that led to this situation, as this kind of
thing should not happen.”
