Windows 11’s AI Recall feature is blasted by a security expert as ‘one of the most ridiculous security failings I’ve ever seen’

Microsoft has already been dragged over the coals regarding its Recall functionality inbound for Windows 11 by security researchers and privacy watchdogs alike – and it’ll need a flame-retardant suit for the latest fiery outpouring against the AI-powered feature.

This comes from security expert Kevin Beaumont, as highlighted by The Verge. The site notes that Beaumont worked for Microsoft briefly a few years ago.

To recap – in case you missed it somehow – Recall is an AI feature for Copilot+ PCs, which launches later this month and acts as a photographic timeline – essentially a history of everything you’ve done on your PC, recorded via screenshots that are taken regularly in the background of Windows 11.

Beaumont got Recall working on a normal (non-Copilot+) PC – which can be done, though it isn’t recommended performance-wise – and has been messing around with it for a week.

He’s come to the conclusion that Microsoft has made a giant mistake here, at least going by the feature as currently implemented – and it’s about to ship, of course. Indeed, Beaumont asserts that Microsoft is “probably going to set fire to the entire Copilot brand due to how poorly this has been implemented and rolled out,” no less.

So, what’s the big problem? Well, principally, it’s the lack of thought around security and how there’s a major discrepancy between Microsoft’s description of the way Recall is apparently kept watertight and what Beaumont has found.

As Beaumont’s post on X (formerly Twitter) makes clear, one of the security expert’s main beefs with Microsoft is that it informed media outlets that a hacker can’t possibly nab Copilot+ Recall data remotely. In other words, an attacker would need to access the device physically, in-person – and this isn’t true.

In a long blog post on this topic, Beaumont explains: “This is wrong. Data can be accessed remotely.” Note that Recall does work entirely locally, as Microsoft said – it’s just that, contrary to what was suggested, it isn’t impossible to tap into the data remotely (if you can access the PC, of course).

As Beaumont elaborates, the other big problem here is the Recall database itself, which contains all the data from those screenshots and the history of your PC usage – all of which is stored in plain text (in an SQLite database).

This makes it very easy to snaffle all the Recall-related info of exactly how you’ve been using your Windows 11 PC – assuming an attacker can get access to the device (either remotely, or in-person).


Analysis: Recall the Recall feature, or regret it

There are lots of further concerns here, too. As Microsoft pointed out when it revealed Recall, there are no limits to what can be captured in the AI-powered history of the activity on your PC (save for some slight exceptions, like Microsoft Edge’s private browsing mode – but not Chrome Incognito, tellingly).

Sensitive financial info, for example, won’t be excluded, and Beaumont further points out that auto-deleting messages in messaging apps will be screenshotted, too, so they could be accessed via a stolen Recall database. Indeed, any message you delete from the likes of WhatsApp, Signal, or whatever could be read via a Recall compromise.

But wait a minute, you might be thinking – if your PC is remotely accessed by a hacker, aren’t you in deep trouble anyway? Well, yes, that’s true – it’s not like these Recall details can be accessed unless your PC is actively exploited (though part of Beaumont’s problem is Microsoft’s apparently errant statement that any kind of remote access to Recall data wasn’t possible at all, as mentioned above).

The real kicker here is that if someone does access your PC, Recall seemingly makes it very easy for that attacker to grab all these potentially hugely sensitive details about your usage history.

While info stealer Trojans already exist and scrape victims at a large scale on an ongoing basis, Recall could enable this kind of personal data hoovering to be done ridiculously quickly and easily.

This is the crux of the criticism, as Beaumont explains it: “Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds. During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint – which detected the off the shelf infostealer – but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”

This is a major part of the reason why Beaumont calls Recall “one of the most ridiculous security failings I’ve ever seen.”

That is, if Microsoft doesn’t take action before it ships – there’s still time, in theory anyway, although the release of Copilot+ PCs is very close now. (However, Recall could still be temporarily kicked into touch while it’s further worked on – perhaps.)

If Recall does ship as it’s currently implemented, Beaumont advises turning it off: “Also to be super clear you can disable this in Settings when it ships, and I highly recommend you do unless they rework the feature and experience.”

Herein lies another thorny issue: the AI-powered functionality is on by default. Recall is highlighted during the Copilot+ PC setup experience, and you can switch it off, but the way this is implemented means you have to tick a box to enter settings post-setup, and then turn off Recall there – otherwise, it will simply be left on. And some Windows 11 users will likely fall into the trap of not understanding what the tick box option means during setup and just end up with Recall on by default.

This is not the way a feature like this should operate – particularly given the privacy concerns highlighted here – and we’ve made our feelings on this quite clear before. Anything with wide-ranging abilities like Recall should be off by default, surely – or users should have a very clear choice presented to them during setup. Not some kind of weird ‘tick this box, jump through this hoop later’ kind of shenanigans.
