During the launch of Surface three weeks ago, Microsoft showed the Recall feature that allows the Copilot+ PC to remember all the activities done by the user. It is seen as a tool that will be able to solve the problem of users forgetting where files are stored, searches that have been performed and pages visited.
But now Kevin Beaumont, a cyber security expert who used to work at Microsoft says he discovered some serious security risks after trying Recall. According to him, all the information detected on the screenshot by Recall is stored on the computer in the form of an SQLite database that is not encrypted by Windows 11.
More seriously according to him if you send a message that should be deleted, Recall will not delete the screenshots that have been taken during the session using the messaging application. If this SQLite data can be accessed by a certain party, it can easily reveal various user activities and at the same time is a serious security risk.
By default Recall is enabled on all Copilot+ PCs but can be turned off by the user. Users are also given the power to limit what Recall can record. However the menu to deactivate it is not easy to find.
The good news here is that at this point Recall is not yet offered to all users and is limited to Copilot+ PCs with Snapdragon X Elite and X Plus chips only. It will only be given to PCs with AMD Ryzen AI 300 chips that haven't been sold yet. To other Windows 11 users, this feature will not be provided because your computer does not have an NPU with sufficient Ai capabilities.