{"id":53081,"date":"2024-06-05T09:00:30","date_gmt":"2024-06-05T08:00:30","guid":{"rendered":"https:\/\/dataconomy.ru\/?p=53081"},"modified":"2024-06-05T09:00:30","modified_gmt":"2024-06-05T08:00:30","slug":"disable-microsofts-recall-ai-feature","status":"publish","type":"post","link":"https:\/\/dataconomy.ru\/2024\/06\/05\/disable-microsofts-recall-ai-feature\/","title":{"rendered":"Disable Microsoft\u2019s Recall AI feature or be ready to&#8230;"},"content":{"rendered":"<p>You might want to disable the Microsoft Recall AI feature when it&#8217;s ready, because of several significant cybersecurity concerns that have recently come to light. These issues could potentially compromise your data security.<\/p>\n<p>Microsoft has refuted allegations that Recall, a feature designed to enhance system-wide searches by remembering user activities on your PC, presents a privacy threat. However, two security researchers now assert that Recall significantly eases the process for hackers to access data from Windows 11 users.<\/p>\n<p>On Tuesday, cybersecurity expert Alexander Hagenah <a href=\"https:\/\/github.com\/xaitax\/TotalRecall?tab=readme-ov-file\" target=\"_blank\" rel=\"noopener\">unveiled<\/a> a demo tool that <strong>illustrates how malware can effortlessly exploit the saved data within the Recall function.<\/strong><\/p>\n<p>&#8220;The database is unencrypted. It&#8217;s all plain text,&#8221; Hagenah emphasized in his discussion with <em><a href=\"https:\/\/www.wired.com\/story\/total-recall-windows-recall-ai\/\" target=\"_blank\" rel=\"noopener\">Wired<\/a><\/em>, highlighting the vulnerability of how Recall stores information on a PC. &#8220;It&#8217;s a Trojan 2.0 really, built in.&#8221;<\/p>\n<figure id=\"attachment_53085\" aria-describedby=\"caption-attachment-53085\" style=\"width: 1920px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-53085\" src=\"https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to_02.jpg\" alt=\"Disable Microsoft\u2019s Recall AI feature or be ready to\" width=\"1920\" height=\"1080\" title=\"\" srcset=\"https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to_02.jpg 1920w, https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to_02-768x432.jpg 768w, https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to_02-1536x864.jpg 1536w\" sizes=\"auto, (max-width: 1920px) 100vw, 1920px\" \/><figcaption id=\"caption-attachment-53085\" class=\"wp-caption-text\">Microsoft has yet to make Recall widely available to consumers; currently (<a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/client-management\/manage-recall\" target=\"_blank\" rel=\"noopener\">Image credit<\/a>)<\/figcaption><\/figure>\n<p>Just a few days after Hagenah&#8217;s disclosure of his tool, named TotalRecall, another security researcher and ex-Microsoft employee, Kevin Beaumont, released a <a href=\"https:\/\/doublepulsar.com\/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e\" target=\"_blank\" rel=\"noopener\">blog post<\/a> detailing supposed vulnerabilities in the Recall feature.<\/p>\n<p><strong>Microsoft has yet to make Recall widely available to consumers; currently, it&#8217;s included in the preview release for Windows 11 version 24H2<\/strong>. This also provides early access to Recall for Windows PCs utilizing Arm processors, either directly or via a virtual machine.<\/p>\n<p>Upon testing the feature, Beaumont discovered that hackers or malware can easily access files saved by Recall, despite Microsoft&#8217;s assertion that it employs encryption. Beaumont noted that Recall saves information in a readily accessible database within the user&#8217;s AppData folder. Unexpectedly, the database stores this information in plaintext.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely.<\/p>\n<p>Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC?  Very easily, I have it automated.<\/p>\n<p>HT detective <a href=\"https:\/\/t.co\/Njv2C9myxQ\" target=\"_blank\">pic.twitter.com\/Njv2C9myxQ<\/a><\/p>\n<p>&mdash; Kevin Beaumont (@GossiTheDog) <a href=\"https:\/\/twitter.com\/GossiTheDog\/status\/1796218726808748367?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener\">May 30, 2024<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Additionally, the database compresses the saved data tightly, allowing several months&#8217; worth of user history to be extracted from the PC in seconds. The risk emerges if a hacker deceives the user into installing malware that taps into the Recall database and covertly steals sensitive details such as passwords and financial account numbers. <strong>To mitigate this risk, it is crucial to disable Microsoft Recall AI feature whenever possible.<\/strong><\/p>\n<p>\u201cI think [Microsoft is] probably going to set fire to the entire Copilot brand due to how poorly this has been implemented and rolled out,\u201d Beaumont stated. \u201cIt\u2019s an act of self harm at Microsoft in the name of AI, and by proxy real customer harm.\u201d<\/p>\n<hr \/>\n<p style=\"text-align: center\"><strong><a href=\"https:\/\/dataconomy.ru\/2024\/06\/04\/telegram-combolists-we-are-all-hacked\/\">Telegram combolists <\/a>show that we are all hacked<\/strong><\/p>\n<hr \/>\n<p>These revelations prompted Hagenah to develop TotalRecall. In his GitHub posting, Hagenah highlights that Recall &#8220;stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC.&#8221;<\/p>\n<p>These findings come amid growing concerns from many security and privacy experts who have labeled Recall as a potentially invasive spyware threat. Microsoft did not immediately respond to requests for comment. However, the company has previously indicated that it is still collecting user feedback on Recall to help develop more controls for the technology and enhance the overall user experience. <strong>Nevertheless, users have observed that Recall is enabled by default on new Windows 11 Copilot+ PCs, making it crucial to disable Microsoft Recall AI feature to avoid potential security risks.<\/strong><\/p>\n<figure id=\"attachment_53084\" aria-describedby=\"caption-attachment-53084\" style=\"width: 1200px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-53084\" src=\"https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to.jpg\" alt=\"Disable Microsoft\u2019s Recall AI feature or be ready to\" width=\"1200\" height=\"694\" title=\"\" srcset=\"https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to.jpg 1200w, https:\/\/dataconomy.ru\/wp-content\/uploads\/2024\/06\/Disable-Microsofts-Recall-AI-feature-or-be-ready-to-768x444.jpg 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><figcaption id=\"caption-attachment-53084\" class=\"wp-caption-text\">Microsoft has previously indicated that it is still collecting user feedback on Recall to help develop more controls for the technology and enhance the overall user experience (<a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/ai\/apis\/recall\" target=\"_blank\" rel=\"noopener\">Image credit<\/a>)<\/figcaption><\/figure>\n<h2>How to disable the Microsoft Recall AI feature?<\/h2>\n<p>If you&#8217;re concerned about the privacy and security implications of the Microsoft Recall AI feature, you can disable it by following these steps, when it reaches your PC:<\/p>\n<ol>\n<li><strong>Locate Recall on the taskbar<\/strong>: When you reach your desktop, you&#8217;ll find Recall pinned to the taskbar.<\/li>\n<li><strong>Check the system tray<\/strong>: Look for the Recall snapshot icon in the system tray, which indicates when Windows is actively saving snapshots of your activity.<\/li>\n<li><strong>Access settings<\/strong>:\n<ul>\n<li>Click on the <strong>Start<\/strong> menu and select <strong>Settings<\/strong>.<\/li>\n<li>Navigate to <strong>Privacy &amp; security<\/strong>.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Disable Recall &amp; snapshots<\/strong>:\n<ul>\n<li>Under Privacy &amp; security, find and select <strong>Recall &amp; snapshots<\/strong>.<\/li>\n<li>Here, you can toggle the option to save snapshots on or off according to your preference.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>By following these steps, you can ensure that the Recall feature is disabled, helping to safeguard your personal data and maintain your privacy.<\/p>\n<h2>A bad reputation<\/h2>\n<p>Microsoft has a history of setting features to default without user consent, much like requiring a Microsoft account for installing Windows. According to cybersecurity experts, this trend might continue with the Recall feature. Kevin Beaumont mentioned on Twitter that Microsoft has hinted at possible changes to Recall before the release of Copilot+ consumer devices, although officially, they have remained silent on the matter.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Apparently Microsoft have off the record briefed they may make changes to Recall before Copilot+ consumer devices drop (soon). On the record they\u2019ve no commented about everything. <a href=\"https:\/\/t.co\/AjT37vuEfb\" target=\"_blank\">https:\/\/t.co\/AjT37vuEfb<\/a><\/p>\n<p>&mdash; Kevin Beaumont (@GossiTheDog) <a href=\"https:\/\/twitter.com\/GossiTheDog\/status\/1797947115831976147?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener\">June 4, 2024<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Zac Bowden added that users are likely to be prompted to enable Recall during setup, with the option to opt out. This situation suggests that the current issues with default settings in Microsoft products are neither the first nor likely the last.<\/p>\n<hr \/>\n<p><strong>Featured image credit: <a href=\"http:\/\/linkmedya.com\" target=\"_blank\" rel=\"noopener\">Kerem G\u00fclen\/Midjourney<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>You might want to disable the Microsoft Recall AI feature when it&#8217;s ready, because of several significant cybersecurity concerns that have recently come to light. These issues could potentially compromise your data security. Microsoft has refuted allegations that Recall, a feature designed to enhance system-wide searches by remembering user activities on your PC, presents a [&hellip;]<\/p>\n","protected":false},"author":584,"featured_media":53086,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jnews-multi-image_gallery":[],"jnews_single_post":{"source_name":"","source_url":"","via_name":"","via_url":"","override_template":"0","override":[{"template":"5","single_blog_custom":"","parallax":"0","fullscreen":"0","layout":"right-sidebar","sidebar":"default-sidebar","second_sidebar":"default-sidebar","sticky_sidebar":"0","share_position":"float","share_float_style":"share-normal","show_share_counter":"1","show_view_counter":"1","show_featured":"1","show_post_meta":"1","show_post_author":"1","show_post_author_image":"1","show_post_date":"1","post_date_format":"default","post_date_format_custom":"Y\/m\/d","show_post_category":"1","show_post_reading_time":"0","post_reading_time_wpm":"300","show_zoom_button":"0","zoom_button_out_step":"2","zoom_button_in_step":"3","show_post_tag":"1","show_prev_next_post":"0","show_popup_post":"0","number_popup_post":"1","show_author_box":"0","show_post_related":"1","show_inline_post_related":"0"}],"override_image_size":"0","image_override":[{"single_post_thumbnail_size":"no-crop","single_post_gallery_size":"crop-715"}],"trending_post":"0","trending_post_position":"meta","trending_post_label":"Trending","sponsored_post":"0","sponsored_post_label":"Sponsored by","sponsored_post_name":"","sponsored_post_url":"","sponsored_post_logo_enable":"0","sponsored_post_logo":"","sponsored_post_desc":"","disable_ad":"0"},"jnews_primary_category":{"id":"","hide":""},"jnews_social_meta":{"fb_title":"","fb_description":"","fb_image":"","twitter_title":"","twitter_description":"","twitter_image":""},"jnews_override_counter":{"override_view_counter":"0","view_counter_number":"0","override_share_counter":"0","share_counter_number":"0","override_like_counter":"0","like_counter_number":"0","override_dislike_counter":"0","dislike_counter_number":"0"},"footnotes":""},"categories":[3540],"tags":[2610,639,16261],"coauthors":[9895],"class_list":["post-53081","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-featured","tag-microsoft","tag-recall"],"_links":{"self":[{"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/posts\/53081","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/users\/584"}],"replies":[{"embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/comments?post=53081"}],"version-history":[{"count":0,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/posts\/53081\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/media\/53086"}],"wp:attachment":[{"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/media?parent=53081"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/categories?post=53081"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/tags?post=53081"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/dataconomy.ru\/wp-json\/wp\/v2\/coauthors?post=53081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}