Hacker Tool Extracts All the Data Collected by Windows' New Recall AI

44 points by LookAtThatBacon 1 year ago | 22 comments
  • LookAtThatBacon 1 year ago
    This stood out to me:

    "Dubbed TotalRecall—yes, after the 1990 sci-fi film—the tool can pull all the information that Recall saves into its main database on a Windows laptop. “The database is unencrypted. It’s all plain text,” Hagenah says."

    • donkulous 1 year ago
      Is Microsoft intentionally making this exploitable? I knew it was only a matter of time before Recall would be compromised, but this shows they aren't even trying to secure it.
      • Terr_ 1 year ago
        The opposite extreme is also worrisome: Imagine if they tried to make it totally opaque and impossible to read even by the user generating the data--that'd be a different kind of Messed Up.

        P.S.: I'm sympathetic to the concept that "whole-disk encryption will protect this from most thieves", but I hope there's at least a little more defense-in-depth against other programs running as the user, snooping on that data without user-permission.

        I mean, a malicious third-party screen-capture/keylogger program might be detectable by heuristics, but not-so-much if it can just indirectly draw from the stream of data being generated by pre-approved default program from the OS manufacturer...

        • rtev 1 year ago
          It’s supposedly only accessible to LocalSystem. If they were to encrypt it, it could just be decrypted anyway. Still, it’s a huge liability and a major blunder by Microsoft.
          • tsujamin 1 year ago
            Wonder if they could enclave it similar to Cred Guard
          • ziml77 1 year ago
            They recently added encryption separate from Bitlocker that applies per-user and only unlocks when you log in. It's possible they're using that.
            • 486sx33 1 year ago
              Seems like BitLocker is highly compromised… too bad it was a good concept
          • conradev 1 year ago
            At least Rewind encrypts their database
          • rsynnott 1 year ago
            The AI threats we were promised: Roko's Basilisk etc.

            The AI threats we received: People collecting tons of sensitive data in a really stupid manner because it is important to be able to make lots of press releases containing the word 'AI' while the market bubble lasts.

            • mpalmer 1 year ago
              Would love to know the ratio of marketing spend to R&D on this thing.
              • gigel82 1 year ago
                My guess is this was never supposed to be the marquee feature for Copilot PC, but likely whatever else they had either slipped or was cut so they had to push this half-baked crap to the front.
              • xyst 1 year ago
                I want to know which idiot at MS headed this effort. That person and anybody that green lit this operation needs to be 86’d.

                I haven’t held Windows in high regard in a long time but they somehow managed to lower the bar even further

                • adventured 1 year ago
                  I've been using only Windows (and DOS) since version 2. I've entirely disregarded Linux desktop, until now. I won't be moving on to Windows 11 etc. This is where Microsoft and I part ways. It's clear they plan to make AI on Windows hyper intrusive and privacy violating, and there's no way to trust them with the data they're going to accumulate (which will inevitably end up in the hands of criminals and governments).
                  • stuartd 1 year ago
                    • parpfish 1 year ago
                      Curious what the folks at RewindAI think about this debacle of a product.
                      • toomuchtodo 1 year ago
                        Sherlocked. It was inevitable considering the ease of capturing local user data and enriching it, and a bit naive to think these capabilities wouldn’t get baked into the OS. But if you don’t try, you don’t have a chance to get acquired by an org way bigger and lazier who’d rather write a check than do the work.

                        We’ve just come back to a fancier Google Desktop search. It doesn’t need to be great if you have scale (Teams vs Slack uptake, for example). Rewind has to actively sell, sing for their meal. Everyone buying Windows is still going to buy Windows, Microsoft has plenty of time to iterate and polish.

                        > In September 2011, Google announced it would discontinue a number of its products, including Google Desktop. The reason given was that "In the last few years, there’s been a huge shift from local to cloud-based storage and computing, as well as the integration of search and gadget functionality into most modern operating systems. People now have instant access to their data, whether online or offline. As this was the goal of Google Desktop, the product will be discontinued."

                        What is old is new again.

                        https://en.wikipedia.org/wiki/Google_Desktop

                        • agg23 1 year ago
                          I'm very curious if they've seen reactions like this. In my mind Rewind is more egregious privacy wise, though it does have the advantage of being very unknown and default off, compared to built into Windows.
                          • parpfish 1 year ago
                            When I first saw a rewind demo my initial reaction was “good lord, don’t install that on my computer”

                            I was shocked to see people excited by it

                        • gnabgib 1 year ago
                          Discussion [0] (77 points, 6 hours ago, 80 comments)

                          [0]: https://news.ycombinator.com/item?id=40577894

                          • gigel82 1 year ago
                            You too can be a hacker by using... get this... any SQLite client/library of your choice. You're welcome!
                          • 486sx33 1 year ago
                            Well, that was fast! I’m glad it was disclosed
                            • 1 year ago
                              • yoyohello13 1 year ago
                                [flagged]