Microsoft recently announced a technology that contains a feature that is leading some in security to scratch their heads and wonder: “What were they thinking?”
Called Copilot+, it brings artificial intelligence and search to local desktops in a bundle that is making many question whether it’s going to be a game-changer or a new way for attackers to gain information without letting us know that they’ve gained access.
Announced at the 2024 Build developer conference, Copilot+ is currently only supported on certain processors — computers that do not have a high-performance CPU, GPU, or neural processing unit (NPU) will be unable to take advantage of this new feature. Those Windows 11 Intel or AMD systems you’ve been deploying won’t cut the mustard at this time.
But that’s not what has some in the security industry concerned. Additional software called Recall will take snapshots and images and store them locally on the device so that you can review and roll back to remind yourself of what file, website, or app you were using in the past.
The Recall feature introduces some alarming possibilities
As Microsoft states: “Now with Recall, you can access virtually what you have seen or done on your PC in a way that feels like having photographic memory. Copilot+ PCs organize information like we do — based on relationships and associations unique to each of our individual experiences. This helps you remember things you may have forgotten so you can find what you’re looking for quickly and intuitively by simply using the cues you remember.”
Microsoft indicates that these “recall” image files will only be available to the user, cannot be accessed in the cloud, and will be protected by encryption on the device. In the second half of 2024, Microsoft will enable device encryption by default, even on Windows Home systems, whereas previously device encryption was enabled when a user signed in with a Microsoft account or Entra ID, and the recovery key was saved automatically.
For some, the idea that a Windows system now takes screenshots of your activity, and that those screenshots may even include passwords if an image is captured before you have sanitized the screen, gives one pause — there is already third-party software in the marketplace that can track and record what a user does on their systems in a corporate environment. ActivTrak, for example, can identify what a user does on their systems so that companies can distinguish personal from productive time.
Recall could potentially create privacy concerns when capturing user activity
This sort of software brings with it concerns over privacy. In the case of employer monitoring of computer systems, the rise of remote work has led to increased use of such software, which will often monitor keystrokes, screenshots of what the users are looking at, and in some cases, webcam images.
In most jurisdictions, employers are required to inform employees that they have the right to monitor users and their behavior when using company equipment. But the requirements for explaining exactly what software is being used and what or who is being monitored and when are often vague and ill-defined.
The same is not true for personal devices, which is why an employee should not perform personal tasks on an office computer, nor work tasks on a personal device.
When using anything like the Recall feature, CISOs will want to ensure that employees are informed and sign an acknowledgement in their employee manual that they understand that they are being monitored and are aware of what could potentially be monitored.
Make sure you’re aware of local laws around employee monitoring
You’ll need to be aware of the laws governing such monitoring in the areas where your firm does business. What might be acceptable in one region may not be allowed in another. German and EU privacy policies often set a standard for software use that may not need to be followed in other parts of an organization.
In the United States, employers can monitor communication with customers by presenting a legitimate business reason for doing so. Employers can look at employees’ sent emails — once sent, emails are deemed to be in electronic storage and thus the firm is permitted to review them.
Does Microsoft’s Recall software act as monitoring software? In reality, no. The software is only enabled if the user turns it on during setup or at a later time. Snapshots are not saved to the cloud; they are stored only in the user profile, protected by encryption. At this time there is no cloud console to allow employers to monitor what is being saved, nor is there any such console planned.
Could Copilot+ Recall give attackers access to private info?
However, given recent security issues with Microsoft software and threat actors, the concern is that attackers may be able to gain access to this private information. Bad actors are already able to install software on systems through phishing — if they already have that kind of access, it’s possible they may be able to silently enable Recall and mine the resulting data.
The concern comes into play when users enter passwords or other sensitive information. As Microsoft notes: “Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry.”
Microsoft goes on to say that Recall snapshots are kept on the local hard disk of Copilot+ PCs and are protected using data encryption on the device and (if you have Windows 11 Pro or an enterprise Windows 11 SKU) BitLocker.
“Recall screenshots are only linked to a specific user profile and Recall does not share them with other users, make them available for Microsoft to view, or use them for targeting advertisements,” the company said.
“Screenshots are only available to the person whose profile was used to sign in to the device. If two people share a device with different profiles they will not be able to access each other’s screenshots. If they use the same profile to sign in to the device then they will share a screenshot history. Otherwise, Recall screenshots are not available to other users or accessed by other applications or services.”
Some have already found ways to manipulate Recall
Some users have already set out to demonstrate that it is possible to exfiltrate data created when using Recall. GitHub user xaital recently posted TotalRecall, a proof-of-concept tool that “extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC’s activity snapshots.”
Cybersecurity researcher and blogger Kevin Beaumont recently detailed methods on his DoublePulsar blog that could be used to steal data using Recall after obtaining Copilot+ software and experimenting with it. Beaumont found that he could exfiltrate his own Recall database.
“Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds,” Beaumont wrote.
“During testing this with an off-the-shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off-the-shelf infostealer — but by the time the automated remediation kicked in (which took over 10 minutes) my Recall data was already long gone,” he wrote.
“I have automated exfiltration, and made a website where you can upload a database and instantly search it.”
Use when you understand the risks and monitor accordingly
In the 10 basic foundations of Microsoft security from years ago, Law No. 1 states: “If a bad actor can persuade you to run their program on your computer, it’s not solely your computer anymore.” With Recall, Microsoft runs the risk of breaking its own security law — though to be fair, every operating system is similarly vulnerable.
Does Microsoft Recall bring more insecurity to the Windows operating system? I’d argue that we already make it easy for attackers to gain access and that this is just another avenue that attackers can use to gain more information and should be treated like any other risk we face now — only enable when you understand the risks and monitor accordingly.
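Beaumont’s point that an infostealer can scrape the whole snapshot store “within seconds” and that automated remediation arrived too late suggests what “monitor accordingly” should mean in practice: watch reads of the per-user Recall store itself, not just wait for the stealer binary to be classified. The detector below is an added example written for this article; it is not Microsoft’s, Beaumont’s or TotalRecall’s code. It assumes file-access audit events arrive as JSON lines with `ts`, `user`, `process`, `path` and `op` fields, and because the article does not name the real store directory or the Recall host process, both are obvious placeholders (`RecallStorePlaceholder`, `RecallHostPlaceholder.exe`) that a deployment would replace. The log lines are constructed. It flags three things the article’s own quotes motivate: any non-allowlisted process reading the store, a burst of reads inside a short window, and a process running as one user reading another user’s profile store (which Microsoft says should never happen).

```python
"""Detect suspicious reads of a per-user Recall snapshot store from file-access audit logs.

Added example for this article; not Microsoft's, Beaumont's or TotalRecall's code.
Assumptions (not from the article): JSON-lines audit records, a placeholder store
directory name, a placeholder name for the legitimate reader process, and the
thresholds below.
"""
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Placeholder directory for the per-user store (the real name is not given in the article).
RECALL_STORE_MARKER = "\\appdata\\local\\recallstoreplaceholder\\"
# Placeholder name of the only process expected to read the store (lowercase for matching).
ALLOWED_READERS = {"recallhostplaceholder.exe"}
BULK_THRESHOLD = 20                  # reads by one (user, process) ...
BULK_WINDOW = timedelta(seconds=30)  # ... inside this sliding window => bulk alert

# Extracts the profile owner from a Windows user-profile path, e.g. C:\Users\alice\...
PROFILE_RE = re.compile(r"^[a-z]:\\users\\([^\\]+)\\", re.IGNORECASE)


def parse_events(lines):
    """Parse JSON-lines audit records; skip malformed lines instead of crashing."""
    events = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            rec["ts"] = datetime.fromisoformat(rec["ts"])
            events.append(rec)
        except (ValueError, KeyError, TypeError):
            continue
    events.sort(key=lambda r: r["ts"])
    return events


def profile_owner(path):
    """Return the lowercase profile owner of a path under C:\\Users, or None."""
    m = PROFILE_RE.match(path)
    return m.group(1).lower() if m else None


def analyze(events):
    """Return a list of alert dicts for reads of the Recall store."""
    alerts = []
    counts = defaultdict(int)     # (user, process) -> number of store reads
    windows = defaultdict(deque)  # (user, process) -> timestamps in the sliding window
    flagged = set()               # (kind, user, process) already alerted, to avoid repeats
    for ev in events:
        path = ev.get("path", "")
        if ev.get("op") != "read" or RECALL_STORE_MARKER not in path.lower():
            continue  # not a read of the snapshot store
        key = (ev["user"].lower(), ev["process"].lower())
        counts[key] += 1
        # Cross-profile access: the store belongs to a different user than the reader.
        owner = profile_owner(path)
        if owner and owner != key[0] and ("cross_profile",) + key not in flagged:
            flagged.add(("cross_profile",) + key)
            alerts.append({"kind": "cross_profile", "user": key[0],
                           "process": key[1], "owner": owner})
        # Burst detection: many store reads by one process within BULK_WINDOW.
        q = windows[key]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > BULK_WINDOW:
            q.popleft()
        if len(q) >= BULK_THRESHOLD and ("bulk_read",) + key not in flagged:
            flagged.add(("bulk_read",) + key)
            alerts.append({"kind": "bulk_read", "user": key[0], "process": key[1],
                           "reads": len(q), "window_s": int(BULK_WINDOW.total_seconds())})
    # Any reader that is not the allowlisted Recall process is reported once, with its total.
    for (user, proc), n in counts.items():
        if proc not in ALLOWED_READERS:
            alerts.append({"kind": "unauthorized_reader", "user": user,
                           "process": proc, "reads": n})
    return alerts


def _mk(ts, user, process, path, op="read"):
    """Build one constructed JSON-lines audit record."""
    return json.dumps({"ts": ts, "user": user, "process": process, "path": path, "op": op})


# Constructed sample log: legitimate Recall reads, unrelated activity, a cross-profile
# read by another account, and a stealer sweeping 25 snapshots in 24 seconds.
ALICE_STORE = "C:\\Users\\alice\\AppData\\Local\\RecallStorePlaceholder\\"
SAMPLE_LOG = [
    _mk("2024-06-01T09:00:00", "alice", "RecallHostPlaceholder.exe", ALICE_STORE + "snapshots\\0001.png"),
    _mk("2024-06-01T09:00:05", "alice", "RecallHostPlaceholder.exe", ALICE_STORE + "index.db"),
    _mk("2024-06-01T09:01:00", "alice", "notepad.exe", "C:\\Users\\alice\\Documents\\notes.txt"),
    _mk("2024-06-01T09:02:00", "bob", "explorer.exe", ALICE_STORE + "index.db"),
] + [
    _mk(f"2024-06-01T09:05:{i:02d}", "alice", "stealer.exe", ALICE_STORE + f"snapshots\\{i:04d}.png")
    for i in range(25)
]

if __name__ == "__main__":
    for alert in analyze(parse_events(SAMPLE_LOG)):
        print(alert)
```

The unauthorized-reader rule is the one that matters most here: it fires on the first read, long before a burst threshold is reached, and does not depend on the reader being recognised as malware, which is exactly the gap Beaumont described between detection and a remediation that took over 10 minutes. The window and threshold values are assumptions to tune against a baseline of the real Recall process’s own access pattern.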