 |
When it was launched last year, the feature was met with fierce criticism for having virtually no reliable security protections. Photo: Axios . |
After a long silence since its failed launch last May, Microsoft has relaunched Recall, an AI feature built into Windows 11 that works by continuously taking screenshots of everything you do on your computer, then extracting text from the screenshots and storing it all in a searchable database.
This feature is currently only available on computers labeled Copilot+ PCs. These Windows 11 computers are equipped with specialized hardware optimized for AI tasks. In terms of technology, this is a big step forward.
But from a privacy perspective, Recall is facing harsh criticism from experts. Because everything you do on your computer, from private messages to sensitive financial information, can be recorded without you knowing.
When Recall was first released last year, it was met with a wave of backlash, forcing Microsoft to withdraw the feature almost immediately. The main reason was that security researchers discovered that Recall's screenshot database was stored in an unencrypted form. As a result, any hacker who broke into the computer could access and read all the information the user had ever accessed.
Since then, Recall has been in internal testing through Microsoft's Insider program. However, security concerns have continued to surface. In December 2024, a Tom's Hardware investigation found that Recall was still regularly logging sensitive information like credit card numbers and social security numbers, even with the "sensitive information filtering" feature enabled.
In this comeback, Microsoft said they have made some adjustments to enhance the security of Recall. Specifically, the screenshot database is now encrypted, instead of being blank as before. Users also have to voluntarily enable this feature, instead of being enabled by default as before. Users can also completely uninstall Recall if they want.
But these improvements aren’t enough to alleviate the core concern. Recall is a systematic privacy invasion. The biggest risk, Ars Technica reports, isn’t just to the person using Recall, but to anyone who interacts with them.
Messages, photos, documents, videos , even health information or passwords, everything sent can be captured by Recall and processed by AI, without the person on the other end knowing.
That means Recall could accidentally vacuum up all sorts of sensitive data, including photos, passwords, medical conditions, and even encrypted videos and messages, Ars Technica writes.
The scariest consequence of Recall is that it turns any PC into a hidden surveillance device, forcing us to think more carefully about what we send digitally, even when chatting with friends.
“Technically, Recall is impressive. But from a privacy perspective, it’s a minefield,” security researcher Kevin Beaumont wrote on his blog.
Beaumont tested Recall firsthand and found that the feature’s sensitive information filtering was still unstable. Additionally, the encrypted database was actually protected by only a four-digit PIN, a security layer that was considered very easy to crack.
He recommends that if you're talking to someone about something sensitive and they're using a Windows computer, ask them if they have Recall turned on.
Source: https://znews.vn/tinh-nang-ai-cua-microsoft-am-tham-chup-lai-moi-tin-nhan-rieng-cua-ban-post1549825.html
Comment (0)