In 2024 Microsoft rolled out a feature it called Recall. This feature takes a screenshot every couple of seconds and storing it in a database on your pc. The issues at first release were glaring, no encryption, no protection from other users accessing the data, no way to keep Recall from grabbing private data…like HIPPA. It was a screenshotting feature that stored everything on your screen without any regard for security. Recall has been re-released with promises of better security and promising it’s AI will not grab private data.
DoublePulsar, the original researcher, has now done more analysis on the new Recall and found it wanting. It may have basic encryption and some improved security, it can still access private data and the security drop down to basic without any kind of checking up to make sure the user is actually the user. The website, The Register, did their own analysis of Recall and found some security lapses that make it unsuitable for deployments in sensitive locations like healthcare, accounting, attorneys, just to name a few. When you purchase a new pc, you need to make sure a full security audit is performed to make sure Recall is truly disabled. This story bears watching.
If you have a new pc and aren’t sure if it’s as secure as possible, contact us to for a free evaluation.