Windows AI’s Screenshot Feature Labeled a ‘Disaster’ for Security

 

In the last few months, Microsoft has been touting AI PCs. Additionally, Microsoft recently released a new feature for Windows 11 called “Recall” that is capable of taking a screenshot of everything users do and making all their actions searchable. Additionally, the company claimed that Copilot and Recall activity data would not be remotely accessible by threat actors. 
However, a security researcher by the name of Kevin Beaumont claims that the data is stored in a simple SQLite database that is stored in plain text. Windows’s recall feature, which is currently in preview, captures a screen snapshot every few seconds and stores it locally. Even though it is intended to provide users with an easy way to search for and revisit past activities, there are serious security and privacy concerns surrounding the feature. 
As a result of this feature, which tracks every activity on a Windows computer to help users find things easily in the future using natural language, Microsoft is being called a hackable security catastrophe. An individual who is a white-hat hacker has already developed a tool that is capable of extracting sensitive data from Recall.
The tool is called TotalRecall, and it is available on GitHub right now. Recall uses local artificial intelligence models to capture everything users do and see on their computer, and then they can search for and retrieve anything they want in seconds, e

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: