Summary: Microsoft's new Recall feature takes constant screenshots of your activity on Copilot+ PCs, storing and classifying everything you do. This poses a significant security risk as it could potentially expose sensitive information to malicious actors. Consumers and businesses are advised to disable or reject Recall on these PCs to protect their data.
new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by design: (View Highlight)
information around account numbers, balances, purchases etc will enter Recall’s database (View Highlight)
If you look at what has happened historically with infostealer malware — malicious software snuck onto PCs — it has pivoted to automatically steal browser passwords stored locally. In other words, if a malicious threat actor gains access to a system, they already steal important databases stored locally. (View Highlight)
They can just extend this to steal information recorded by Copilot’s Recall feature. (View Highlight)
