this post was submitted on 07 Jun 2024
454 points (97.5% liked)

Technology

59534 readers
3195 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
454
This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI (www.wired.com)
submitted 5 months ago by Stopthatgirl7@lemmy.world to c/technology@lemmy.world
56 comments fedilink hide all child comments
 

When Microsoft CEO Satya Nadella revealed the new Windows AI tool that can answer questions about your web browsing and laptop use, he said one of the “magical” things about it was that the data doesn’t leave your laptop; the Windows Recall system takes screenshots of your activity every five seconds and saves them on the device. But security experts say that data may not stay there for long.

Two weeks ahead of Recall’s launch on new Copilot+ PCs on June 18, security researchers have demonstrated how preview versions of the tool store the screenshots in an unencrypted database. The researchers say the data could easily be hoovered up by an attacker. And now, in a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has released a demo tool that can automatically extract and display everything Recall records on a laptop.

Dubbed TotalRecall—yes, after the 1990 sci-fi film—the tool can pull all the information that Recall saves into its main database on a Windows laptop. “The database is unencrypted. It’s all plain text,” Hagenah says.⁩ Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. “It’s a Trojan 2.0 really, built in,” Hagenah says, adding that he built TotalRecall—which he’s releasing on GitHub—in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches.

you are viewing a single comment's thread
view the rest of the comments
[–] M500@lemmy.ml 63 points 5 months ago (9 children)

I wouldn’t really call it a hacker tool any more than you would call a hammer a thieves tool.

It just accesses the data that stored in an unencrypted format on the computers hard drive.

If someone had remote access to your computer they could use this, but I imagine they could also use the official tool too.

Since the data is stored in an unencrypted fashion, a hacker who had remote access would be better served running some script that will just transfer all this data to their offsite server and could be accomplished pretty easily.

I guess what I want to really say is that calling it a “hacker tool” is misleading.

[–] mosiacmango@lemm.ee 28 points 5 months ago* (last edited 5 months ago) (4 children)

Nmap is a "hacker tool" and all it does is ask computers what ports they have open, something they are set to advertise to the world.

This is a "hacker tool" in the sense that it is accessing data in an unintended way, in the same contect as nmap using protocols intended to communicate for a set purpose to built a list of possible attack vectors.

[–] chaosCruiser@futurology.today 8 points 5 months ago (3 children)

So when I walk past some bicycles parked outside of a store, and simply use my eyes to determine if they have locks, I’m essentially a hacker.

[–] lurch@sh.itjust.works 20 points 5 months ago

no, your eyes are hacker tools

[–] prole@sh.itjust.works 12 points 5 months ago

There's a word for that, it's called "casing."

Obviously not "hacking," unless they're locked up by a computer or some shit.

A hacker using software like that to test vulnerabilities seems similar to me in some ways.

[–] Restaldt@lemmy.world 5 points 5 months ago

A thief to be

Looking for opportunity

load more comments (4 replies)