TFA says it's encrypted at rest, with Bitlocker. When running, the data is accessible only to the SYSTEM user. That's exactly how I'd expect to implement this on Windows, I'm not sure what else you could do while offering the features it does.
The insecurity stems from the concept of Recall, not its implementation.
The main threat is from malware that compromises SYSTEM, or whatever user interface is offered onto Recall.
There's a second-order threat too - Microsoft changing their privacy policy in 1,2,3 years and feeding it to their AI models & 2317 advertising partners. Sure there'll be an opt-out - a paper form in a basement filing cabinet, with a sign saying "beware of the leopard" etc.
There's just no secure way of implementing a feature that collects and stores an enormous amount of new personal data.
That's like calling most disk encryption "unencrypted": When you decrypt on boot or with veracrypt, the files become accessible to all running processes that can access disks.
Based on the article, it is encrypted, but you can access it without manually decrypting it on every access.
mattbee|1 year ago
TFA says it's encrypted at rest, with Bitlocker. When running, the data is accessible only to the SYSTEM user. That's exactly how I'd expect to implement this on Windows, I'm not sure what else you could do while offering the features it does.
The insecurity stems from the concept of Recall, not its implementation.
The main threat is from malware that compromises SYSTEM, or whatever user interface is offered onto Recall.
There's a second-order threat too - Microsoft changing their privacy policy in 1,2,3 years and feeding it to their AI models & 2317 advertising partners. Sure there'll be an opt-out - a paper form in a basement filing cabinet, with a sign saying "beware of the leopard" etc.
There's just no secure way of implementing a feature that collects and stores an enormous amount of new personal data.
GartzenDeHaes|1 year ago
It's a keylogger -- the system IS the malware.
ketzu|1 year ago
Based on the article, it is encrypted, but you can access it without manually decrypting it on every access.