The Recall feature getting added to Windows is a security nightmare

Now that everyone's had a few weeks to contemplate Microsoft's Recall feature getting shoved into the next major Windows update, the consensus seems to be that Recall is a security nightmare. While the LLM/AI stuff is run locally and data is encrypted (if you have BitLocker enabled), it is "trivially easy to grab and scan through a user's Recall database" because "admin access to the system isn't required to read another user's Recall database" and the "SQLite database is stored in plain text, and data in transit isn't encrypted, either". There's already a Python script called TotalRecall that "copies the databases and screenshots and then parses the database for potentially interesting artifacts". The fact that Microsoft will enable this by default for all Windows users, for all apps, is incredibly careless. Microsoft has given no thought to how Recall can be abused, or even to how to limit the damage when abuse inevitably happens.


This snippet of content is from The Sizzle - Australia's favourite daily email containing the latest tech news & bargains. Learn more about The Sizzle at https://thesizzle.com.au