When a bunch of Qualcomm Snapdragon X laptops got announced alongside the Surface Pro 11 and Laptop 7 on Microsoft Build day, one notable feature the company said will be available alongside their launch was Recall. More recently, the feature is said to have been postponed, and will be going through more testing via the Windows Insider program.
For context, Recall is supposed to use natural language prompts to retrieve data from your Copilot Plus PC outside of the norm. As an example, you can use words to describe an image and the feature will show you the picture you were looking for, with possible options arranged in a timeline you can scroll through.
Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely.
Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I have it automated.
HT detective pic.twitter.com/Njv2C9myxQ
— Kevin Beaumont (@GossiTheDog) May 30, 2024
Earlier this month though, the security behind the Recall feature has been called into question. In one example cybersecurity expert Kevin Beaumont found the feature stores data in plain text, making it easy for its contents to be accessed and extracted by hackers from a compromised machine. Making things worse is that Recall doesn’t do content moderation, so sensitive data like passwords won’t be hidden either.
The Verge reports that “Microsoft engineers were scrambling to get the security improvements tested and implemented in time” for its 18 June debut. It looks like that won’t be happening, as the company has posted an update in its blog that the feature will remain in the Windows Insider Program. The update does not mention a new release date for the feature, so it remains to be seen until when it will remain only for the beta testers.
(Source: Microsoft, The Verge [1], [2])
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
