this new windows feature should make you VERY nervous

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Microsoft recall a new AI tool by Microsoft is one of the biggest mistakes in terms of privacy that I've ever heard of in the history of computing if you don't know what recall is in this video we'll break down what recall is why I think it's such a security issue and we'll talk about the troves of people that are actually leaving the windows Community to use Linux as desktop just to avoid this feature now if you're new here hi my name is Ed this is lowle learning a channel where I make videos about software and security so if you like that stuff or just want to hang out hit that sub button I really appreciate it so what is Microsoft recall well the idea behind Microsoft recall at face value is actually pretty cool when it comes to the modern user right the regular user who just wants to use their computer more efficiently and more effectively so let's say for example and I'm going to repeat basically the example that Microsoft gave let's say for example you knew that sometime in the past you were looking at brown leather bags but you couldn't really remember exactly what program you're using or what website you're using to look at that piece of information what recall does is recall is taking a screenshot of your computer every 5 seconds and it's taking that screenshot and within your computer so locally it's running an instance of azure AI which is Microsoft's proprietary AI model and it's using the internal npu or the neural Processing Unit which is different than your CPU it's using the npu in your computer to do OCR of data and text in in that image to add metadata to that image and be able to search through it to look for that brown leather bag so you can go through and you can just search in the Microsoft recall prompt hey I'm looking for a time that I was looking at brown leather bags or if you knew generally the time you're looking at it you can go through and look at all the screenshots of your computer now again from a basic user perspective sounds pretty cool I mean it'd be pretty sweet if you know I remember I was watching a video about you know a cool car can't remember exactly what the video was and I could just type in Ferrari and like there you go you get the video but again I think some people probably my audience that's watching this video right now will go back to what I just said where Microsoft is taking a screenshot of your computer every 5 seconds and immediately have issues with that now the first concern was that what is Microsoft doing with these pictures a Microsoft executive promised that the screenshots and metadata were all being hosted and processed locally and that is true there is right now no evidence for computers that have recall enabled that any of that Telemetry is going out to Microsoft all the processing is done again locally on your npu so the data exists on your computer and then your mpus is doing the processing so then the question you're probably asking is why is this such a security vulnerability well there are two I think primary issues that I have with this the first being yes the data is stored locally it is good that Microsoft is not collecting it up to the cloud you don't want Microsoft to have access to that data even if it's encrypted you get into this question of who has the keys where does all that key information live but from a personal privacy standpoint if I had a folder on my desktop and it said tax information right I would be very nervous that if I ever got hacked that that folder would be targeted as a piece of information that a hacker could take and use to hold me Ransom use to steal my Identity or anything like that consider the case that now instead of having a folder called tax information I literally have an infinitely long tape reel of everything I've done on my computer ever as well as metadata that can be searched through that is just like text that you can search to see what kind of things I'm doing on my computer so for example if someone wanted to know if I were interested in Magic the Gathering to Target me in a social engineering campaign they could literally just search in that data Magic the Gathering and see that I'm that kind of person also maybe an authoritarian government if they were to collect this data off of me and then they were able to search if I were looking at something that was deemed you know not suitable by that government they could use that in this panopticon to kind of tag me as a as a denter right there's a lot of really really dangerous things that happen when you have this kind of information stored about you literally anywhere and again the idea is that it's stored locally but if you make one mistake and get hacked one time your entire personality your entire lifestyle and browsing history are leaked to the person that that hacked you much like I wouldn't store my social security number in plain text on my desktop in please don't read this. txt I don't want to leave a trace of all the things I've ever done on my computer for somebody to possibly take in the future now you're probably thinking maybe there are ways we can securely store this data in a way that if a hacker were to get into the computer they couldn't access it well a recent wired article actually showed that the ways that Microsoft promised the data was stored were actually not not entirely true the first thing they said was that the screenshots that recall takes are going to be encrypted at rest meaning that you can't go and view the screenshot after it's taken it lives in a way that you are not able to access it if the program that runs recall is able to access the data there is a way for the computer to decrypt it and open it which means that somebody running at the same privilege level as recall meaning you're able to elevate to system level is able to open that data now how do we Elevate the system level right do we need to be administrator to open the recall data the thought was that you have to be admin on the computer so of course if you get hacked maybe they're not admin level when they hack into you so the recall access isn't possible and it doesn't really matter a researcher at project zero actually just figured out by doing basic Windows token impersonation which if you don't know what that is in Windows every process runs at a certain level and that level is captured in a token there's a way that you can use the windows API to take the token from one process running at a higher level and inject that into a different process and now that process runs as the higher privilege of the other process they were able to do token injection to access the recall database that lived on their computer and search through that database and find text about the things that they were doing in previous days without running as administrator so basically what the recall database turned into is a text file that had all of the OCR data from their previous browsing history why is this such a big deal to me why why do I care so much about this again I'm in the security Community but the majority of the world basically everyone else but me minus like a thousand people or whatever are not in the security community so why do I feel so deeply about this I think features like this put the average user who are unaware or just ignorant to these problems at a security disadvantage like for example my grandmother right maybe she doesn't really care about the security of her computer maybe she wants to just go play Farmville or Mojang tiles or of it right so when data like this is collected about her and her browsing habits as she goes through her day and being a person who is not very technically literate eventually goes and gets hacked Microsoft is basically built in a pattern of Life collector that tells the story of my grandmother's last couple of days without her even knowing or consenting to obviously you probably think that you can disable recall and actually right now if you're on a computer that has recall installed you can go and disable it but you may find out that in a couple weeks after Microsoft chips a new update or maybe in a few months when like Windows 11 Service Pack 2 or whatever comes out um that recall was magically turned back on it would not be the first time that Microsoft had a feature in a product that people didn't like that got disabled by the user and then got accidentally turned back on when an update came out to me this whole recall situation just feels like more corpo where AI is the new hotness right now personally believe we're in a bit of an AI bubble I acknowledge that chat GPT 3.5 and forward are pretty cool um but I think we are getting to see the end of like what AI is capable of doing without some kind of major technological advancement in uh npu Computing or in like actual compute but that being said I just don't think that there's anybody that actually wants recall and I don't think it's a good idea from a security standpoint I think it puts more people at risk than it actually helps and I don't think it's for the good of people that are using their computers and to be fair I am not the only one that feel this way I'm not some kind of like AI Doomer or you know Microsoft recall Doomer alone in my basement although I am in my basement right now um there are entire tropes of people that are saying that 2025 is going to be the year of the Linux desktop meaning that they are going to move their daily drivers from being a Windows platform over to being a Linux platform just to get away from the idea that Microsoft is going to have recall on their computers eventually probably whether they like it or not so that's it for now just kind of wanted to give my opinion on this I kind of held back about talking about this I tweeted about it um I didn't think it really warranted a whole video but when I saw that not only did Recall come out and then I was sketched out about that I saw the wired article that'll Link in the description below uh that showed that the implementation of recall was not correct to me it's just a disaster waiting to happen um so I really hope they either roll it back or make it opt in not opt out but we'll see what happens anyway if you enjoyed this video do me a favor hit that like button hit the sub button and then go watch this video about the PS4 jailbreak which is actually pretty neat see you there
Info
Channel: Low Level Learning
Views: 122,327
Rating: undefined out of 5
Keywords: ps4, jailbreak, ps4 exploit, pppwn, hacking, security, cyber
Id: wX9cJ6t8IdI
Channel Id: undefined
Length: 9min 34sec (574 seconds)
Published: Fri Jun 07 2024
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.