Kevin Beaumont
I'm trying to map out time to go back and deep dive on Microsoft Recall and security implications and changes since last year.
Are there any current writeups on it? I'm trying to figure out what needs concentrating on - when I'm googling, I'm just finding my own blog.
Xavier Ashe :donor:
@GossiTheDog Here's one tool that may help you figure out a plan of attack.
https://github.com/xaitax/TotalRecall
Ainsley Lowbeer
@GossiTheDog Do you have a Copilot PC?
Xavier Ashe :donor:
@GossiTheDog And this article is the most recent thing I've seen. Good bits of details here.
https://nguard.com/sa-microsofts-recall-saga-continuous-coverage-and-latest-news/
Kevin Beaumont
summon @tiraniddo
CannedTuna
Not sure if this helps, it links a few demonstrations of vulnerabilities. One is a link to a tool someone else already mentioned, one is to you, and another is to someone on xitter.
https://www.securityweek.com/researchers-show-how-malware-could-steal-windows-recall-data/
James Forshaw :donor:
@GossiTheDog I never managed to the get the updated version working on the ARM CoPilot laptop I bought specifically for that purpose. I don't know of any current write ups other than the puffery from MS.
I'd certainly focus on the encryption, how it ties into Windows Hello, whether there's any obvious bypasses and also whether you can still hoover up the details _if_ the user has unlocked it first (as in how hard is it to access the database once the key is available).
Kevin Beaumont
After a bunch of discussions with a bunch of folks, it’s pretty clear there’s been zero published research on Copilot Recall in almost a year - all the news articles have just reprinted Microsoft’s talking points saying it is secure now.
So that’s not in a happy place.
Alex Hagenah
@GossiTheDog @Xavier I briefly did in the early versions after re-release on Insider. Found some smaller things, but will have a deeper look once it's considered final.
Kevin Beaumont
I set aside 7 hours today to set a fresh Copilot+ PC up (I want to make 100% sure it is representative) and investigate the security of Microsoft Recall in depth..
I’m currently 6 hours in and I’m still waiting for updates to install to get Recall working. The initial Copilot+ Windows setup failed three times too as sdx.microsoft.com kept going offline, I had to debug the setup process.
Kevin Beaumont
After 10 hours, I've finally got Recall installed.
Kevin Beaumont
Okay, the Recall database is still an SQLite database in AppData. Same path.
Accessible without admin rights and without triggering UAC using TotalRecall.
It's encrypted using a .net now, AesGcm - https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.aesgcm
I think I've found the decryption key, one for another day as I've teevee to watch now.
Kevin Beaumont
Some first impressions with Recall is they definitely took some feedback on board
- the Windows setup does ask you if you want to enable now
- first setup needs Windows Hello with biometrics (doesn't work with PIN), checked and it doesn't save anything before that
- it scans (don't know how effective) for passwords and attempts to exclude from snapshots, by default
Architecture under the hood is still largely the same as May last year. The userland processes are taking over 1.2gb of RAM.
Kevin Beaumont
Snapshot processing is actually done on the NPU now it appears, at least there's usage. Prior it actually ran on CPU.
Carsten
@GossiTheDog For whatever reason do you ever want to enable such a surveillance system?
Kevin Beaumont
One big thing to be aware of for domestic violence scenarios - I just managed to access the Recall UI (to browse and search snapshots) using my Windows Hello PIN. It doesn't need biometrics, that failed for me as the light isn't on in my room.
AnneH
@Infoseepage @GossiTheDog Not just yourself. If you're on say, a Teams call then it'll clock the other people, and them you if they have it. I realise ppl could have taken screengrabs anyway, but this takes it to another level.
Kevin Beaumont
Here's what the folder structure looks like, it's basically the same as before.
Kevin Beaumont
Recall still scoops up WhatsApp and Signal chats, haven't tried others yet. Fully searchable and stored as text in the local Recall database. My blur on screenshot.
🌱 Ligniform :donor:
@GossiTheDog Does it still refuse to pick up on DRM though?
da_667
@GossiTheDog 1.2gb of ram. holy shit, lmao.
Rodeo
@GossiTheDog So... It's literally a digital print scanner for oil companies?
Kevin Beaumont
They've done a lot of work on Recall under the hood, it's definitely improved. It needs a lot of time spending on it to properly assess, and right now I've got trash TV (Celebrity Big Brother!) to watch.
IMHO they should allow apps to exclude themselves easily, an API or some such, for privacy scenarios.
RootWyrm 🇺🇦:progress:
@da_667 @GossiTheDog oh, it's even more trivially readable. Because I can pretty much fucking guarantee you that the SQLite isn't ACTUALLY encrypted. Because presumably they're using Microsoft.Data.Sqlite. Which means no proper encryption. So there's a fleet of trucks sized hole there.
https://learn.microsoft.com/en-us/dotnet/standard/data/sqlite/encryption?tabs=net-cli
da_667
@GossiTheDog ..which means that its recoverable by bad guys, which means that this is just as much an infostealer now as it was before.
NosirrahSec 🏴☠️ guillotine enthusiast
@GossiTheDog Explicit exclusions on all apps unless opted in, by the fucking user, or "the org" if it's on an enterprise license.
James Widman
@GossiTheDog request for clarification: is there an option to install windows 11 *without* installing Recall?
If it's optional: is it an opt-in thing or an opt-out thing?
Drew Mochak
@GossiTheDog This is default behaviour you can change, right? Can you exclude them (and other apps) from the snapshots? I imagine it hoovers up an incredible amount of sensitive stuff by default. Probably not something most people are aware of when they buy their new Del!
axleyjc
@GossiTheDog @NosirrahSec how are they determining when a browser window is a private browsing window? Using their privileged OS position to snoop on window titles?
Liam
@GossiTheDog @liachra
Stored as plaintext? This is beyond a mistake, this is intentional. What the hell is Microsoft thinking?!
GeneralX ⏳
@GossiTheDog what about Teams and Outlook?
Kevin Beaumont
Searching for cat finds a @da_667 post via visual recognition, of course.
Kevin Beaumont
When you press "File Explorer results" in Microsoft Recall, you get this security prompt every time saying it may be harmful to your computer (it happens for any search). When you press "How do I decide wherever to open this file?", it redirects to https://support.microsoft.com/en-us/windows which is a generic Windows website with no help at all
Another thing I've noticed is Recall frequently craps out and stops taking snapshots. E.g. today it hasn't snapshot Vivaldi (a web browser) at all - but it did yesterday
Kevin Beaumont
Recall captures video games continuously while playing too, and classifies the images on each screenshot and OCRs text on the screen, you can search for animals and it finds animal NPCs and such 😆 :catjam:
Kevin Beaumont
One other thing I've noticed - if you disable Recall, reboot, then set it back up - it works without biometrics, I covered the camera and it will reenable with just the user PIN.
Kevin Beaumont
What Recall looks like in action - it captures me writing the above tool, and also the bit I deleted.
And if you're wondering why it's capturing Vivaldi again now - I removed Signal from the list of apps not to capture. If you add Signal, it stops capturing Vivaldi - I've no idea why.
Kevin Beaumont
Here's another example - I searched for "cat on some books", it found it via the visual prompt. The text with backgrounds is all indexed too.. and the text on the books in the photo is also indexed, there's me copying some handwriting on a book. Even the vertical text in the photo is indexed into the local database.
I private messaged somebody a photo of a friend here, which has never been public - it indexed it and identified who the friend was. On a technical level it's really impressive.
raspberryswirl
@GossiTheDog wait a sec, you have this active and using mastodon? 😅
raspberryswirl
@GossiTheDog nightmare communicating with someone who has this active, without knowing ofc
Carsten
@GossiTheDog I wonder how this impacts performance of the games. Me basically playing Factorio but for upcoming BL4 I think I will stay on Win10 for a while.
Kevin Beaumont
Here's another Recall issue I see.
I have the sensitive information filter option enabled, highlighted. If I update my credit card on Microsoft's website, it captures the card number, CVV and details, and indexes it into the text database too and stores it under 'credit card', accessible in search.
The only details obscured are by me altering the screenshot to remove some PII.
João Tiago Rebelo (NAFO J-121)
@ninjascum as long as someone you have contact with uses this, your PII will be at risk whatever the OS you use. That's what @GossiTheDog has saved us from once (and I hope he and others can do it again).
ninjascum
@GossiTheDog That's why I'm on Linux for more than 20 years...you should switch too.
Kevin Beaumont
I’ve been using Recall for a few weeks now on my daily driver.
It scooped up my credit card statements after I logged into online banking - both screenshots (text indexed) of the PDFs, transaction history from the website, and my name, date of birth and security question reminders.
Sensitive filtering mode only kicked in when I viewed my cards CVV number.
Worth excluding bank websites from Recall’s options, if you see it enabled.
Wuzzy
@GossiTheDog 😂 This really is the gift that keeps on giving. Why did anyone think this was a great idea?
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.