Kevin Beaumont, a security researcher, has raised concerns about the vulnerability of Microsoft’s Windows Recall feature. Despite delays in its release due to privacy and security issues, the latest preview version of Recall remains susceptible to cyberattacks. Beaumont highlighted the “TotalRecall” exploit developed by researcher Alex Hagenah, which can still be used to access the database with minimal effort.
Beaumont also criticized Microsoft’s bug bounty program for Recall, stating that the reward of $10,000 for discovering high-severity vulnerabilities is insufficient considering the value of the data at risk. He emphasized the need for clarity on the security measures in place and expressed concerns about the growing list of features being added to Recall without addressing existing vulnerabilities.
Reports suggest that Recall may be included in upcoming releases, such as the Windows 11 24H2 preview, set to be officially released in the fall. The Cyber Express has reached out to Microsoft for comment on these security concerns.
Google Preps ‘Pixel Screenshots’
In response to Microsoft’s Recall feature, Google is reportedly developing a similar technology called “Pixel Screenshots” for its upcoming Pixel 9 devices. Unlike Recall, Pixel Screenshots will only analyze screenshots taken by the user and add metadata such as app names and web links. The data will be processed locally by an AI, enhancing search capabilities and enabling users to ask questions about their screenshots.
Google’s approach to implementing this feature appears to prioritize privacy and user control, aiming to avoid the controversy surrounding Recall. With the new multimodal version of Gemini Nano, Pixel Screenshots is expected to offer a more secure and user-friendly experience for Pixel device users.