Ad:

Microsoft’s Recall saves sensitive information despite ‘security filters’

Advertising partnership with Teuton Systems

Published 14 December 2024
– By Editorial Staff
The Windows feature have led to harsh criticism and questions about the reliability of Microsoft's security measures.

The new Windows “Recall” feature, which is designed to create screenshots of your computer and your activity “for increased productivity”, has been found to store sensitive information such as credit card numbers and social security numbers – even when the feature to filter sensitive data is enabled.

According to a report by Tom’s Hardware, tests have revealed several flaws in Recall’s filtering capabilities and showed that Recall was able to capture information from Windows Notepad and PDF forms in Microsoft Edge, including credit card details and social security numbers, despite the feature to block sensitive information being enabled. So you don’t necessarily have to be working in the cloud, but ordinary offline activity is just as vulnerable. This creates a serious security risk for users who expect their private data to be protected.

The feature worked correctly in some cases, such as when it blocked screenshots from payment pages on e-commerce sites like Pimoroni and Adafruit. In contrast, Recall was able to take screenshots of a custom HTML page created by Tom’s Hardware that contained a credit card form and card details, clearly showing flaws in how the filter identifies sensitive data.

Microsoft itself claims that Recall is designed to automatically detect and filter sensitive information, such as credit card details, passwords and social security numbers. The company says it is working on improving the performance of the feature and ensuring that users’ privacy is protected.

Risking to be costly

These flaws in Recall’s filtering feature have led to harsh criticism and raise questions about the reliability of Microsoft’s security measures. Users who rely on Recall to document workflows may inadvertently expose sensitive data, which risks being very costly.

Experts therefore recommend that users be very careful about what data they handle while Recall is active – or better yet, stop using Windows altogether and switch to Linux-based solutions instead.

Microsoft has not yet clarified when an update to Recall can be expected, but the discovered security flaws underline the importance of security tools undergoing rigorous testing before being used in practical applications.

Screenshot of the Linux-based desktop environment KDE Plasma, which comes pre-installed on Teuton Systems computers and is described as being as easy or easier and more logical than Windows to use.

Linux – a privacy-focused alternative

For those who have grown tired of Microsoft and their products, there are further reasons to look towards Linux, which is highly relevant in times of privacy breaches, data collection and more, and which in most cases can fully replace Microsoft Windows. Teuton Systems, a Swedish-based technology company specializing in security and privacy focused products and services, offers personal computers with Linux pre-installed, completely free of “cloud connections” and surveillance software.

All included software is open source and selected with your security in mind. In addition, you have access to support and Linux-savvy customer service.

TNT is truly independent!

We don’t have a billionaire owner, and our unique reader-funded model keeps us free from political or corporate influence. This means we can fearlessly report the facts and shine a light on the misdeeds of those in power.

Consider a donation to keep our independent journalism running…