Microsoft Recall Fails to Block Sensitive Data Capture, Posing Security Risks
By
rntn
A five-star bake. Worth schmearing, sharing, saving.
Summary
Microsoft Recall, an AI app designed to capture and search PC activity, fails to filter sensitive information like credit card numbers and passwords despite security promises. Exclusive tests reveal vulnerabilities, making it a potential target for thieves. The app was introduced in 2024 for Copilot+ PCs with a dedicated Neural Processing Unit (NPU) but faced security issues leading to its temporary withdrawal.
Key quotes
· 3 pulledMicrosoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that's supposed to prevent it from screenshotting sensitive info like credit card numbers. But a The Register test shows that it still fails in many cases, creating a potential treasure trove for thieves.
Recall was introduced in 2024 as an exclusive app on Copilot+ PCs, which are laptops that come with a dedicated Neural Processing Unit (NPU) to help with AI-related tasks.
Our tests have shown there are ways to get around the promised security improvements.
You might also wanna read
App Developers Block Microsoft's Recall Feature Over Privacy Concerns
Microsoft's Recall feature, which automatically screenshots activities on Copilot Plus PCs, is facing opposition from app developers like Si
The Verge·10mo ago
Microsoft's NLWeb Protocol Faces Early Security Flaw, Exposing Sensitive Data
Researchers discovered a critical vulnerability in Microsoft's NLWeb protocol, which was recently introduced as a revolutionary tool for int
The Verge·9mo ago