Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
The TotalRecall script can pull out all the data from Windows Recall and there’s still no reaction from Microsoft
This elegant hacking script should be a clear red flag for Microsoft
3 min. read
Published onJune 6, 2024
published onJune 6, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
In what it’s becoming a ridiculous twist, a fresh tool called TotalRecall has surfaced that can pull out each data bit stored by Microsoft’s Recall feature. It has its own GitHub page and everyone can use it.
Here’s the whole story about Windows Recall
Let’s recap this saga really quickly so we can have a broad picture of this privacy mishap: Recently,Microsoft announced Recall, an AI feature for Copilot+ PCs to take a snapshot on everything you’re doing on your PC, to provide Copilot with data that will help you in your local searches. When users startedthreatening to leave Windows 11due to privacy concerns, Microsoft said thatRecall is harmless and you can disable anyway.
A few days later, a few developers discovered thatRecall stores everything in a plain text databasethat can be accessed as easily as opening it. So, we got to present day, when a researcher even created the script that really does a great job in hacking Recall by automating the job in a totally elegant way.
The TotalRecall script made hacking Windows Recall even easier
So, picture a tool with such strength that it can go through your computer’s digital memories, finding screenshots, text data, and even coded messages you believed were secured. TotalRecall, made by a researcher named Alex Hagenah, is an important example that highlights Recall’s weaknesses.
The TotalRecall risks are not only about personal privacy but also involve broader concerns. In a time when cybersecurity is critical, this tool highlights the necessity for strong security actions to safeguard our digital marks. Now, we’re sure that Hagenah didn’t put TotalRecall on GitHub to encourage people to hack Windows Recall. It is an encouragement for Microsoft to take action about these safety problems before Recall’s full release.
However, TotalRecall is not the single voice sounding alarms. Another cybersecurity researcher named Kevin Beaumont has madea website for searching Recall databases, too; he hasn’t yet released it in hopes that Microsoft will reply. Controls like switching off screenshot saving and pausing Recall are mentioned in Microsoft’s documentation, but these steps might not be sufficient to ease worries about possible misapplication of this tool.
The worse part about all this is that Microsoft didn’t have any reaction to all this issue apart from the fact that they keep repeating that Recall can be disabled.
If you want to know how Microsoft have got themselves into this giant mess with Recall, here’s what the documentation says between the lines:you, the customer, are a simpleton who doesn’t want to be an AI genius yet. Have a caveman mode.pic.twitter.com/ir8HJ10fVN
In anX post, Beaumont highlights the fact that Microsoft thinks it’s the organization’s responsibility to secure this feature, and they might not be prepared for such a complicate task. Luckily, we have a guide on how todisable Recall in Windows 11and we recommend doing so when the feature is released.
The debate between Recall and TotalRecall is part of a larger conversation about the tension between innovation and privacy. We do not know yet whether Microsoft will listen to Hagenah and Beaumont. However, one thing is sure—discussions on digital privacy and security continue.
Let’s discuss about Windows Recall and privacy implications in the comments below.
More about the topics:AI,Cybersecurity,windows recall
Claudiu Andone
Windows Toubleshooting Expert
Oldtimer in the tech and science press, Claudiu is focused on whatever comes new from Microsoft.
His abrupt interest in computers started when he saw the first Home Computer as a kid. However, his passion for Windows and everything related became obvious when he became a sys admin in a computer science high school.
With 14 years of experience in writing about everything there is to know about science and technology, Claudiu also likes rock music, chilling in the garden, and Star Wars. May the force be with you, always!
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Claudiu Andone
Windows Toubleshooting Expert
Oldtimer in the tech and science press, with 14 years of experience in writing on everything there is to know about science, technology, and Microsoft
