Microsoft's introduction of the Copilot+ Recall feature has sparked significant concern within the cybersecurity and compliance communities. While innovative for its AI-infused enhancements, Copilot+ Recall works to increase user productivity by constantly capturing screenshots of users’ PC activities. This feature is designed to create a searchable database of everything a user has seen or interacted with on their PC, including text from documents, emails, web pages, and screenshots (from which metadata is produced). Collected data is reportedly processed locally on the user's device.
This ongoing, pervasive collection of data poses serious implications for a variety of business operations, and especially for cybersecurity, compliance, privacy, and reputation management. While this feature has been marketed as useful for tracking day-to-day activities, there are critical information security tradeoffs that come with such a tool that business leaders will need to keep a close eye on to mitigate potential damages. In this blog I discuss these implications from the perspective of a Chief Information Security Officer (CISO).
Data Collected by Copilot+ Recall
The Copilot+ Recall feature captures a comprehensive range of data from users' PCs and creates a detailed record of their activities. This data includes:
Screenshots: Copilot+ Recall takes periodic screenshots of the user's screen, capturing whatever is displayed, including sensitive information.
Text from Documents and Emails: Any text visible on the screen, whether in documents, emails, or other applications, is recorded and processed through Optical Character Recognition (OCR) to make it searchable.
Web Pages: The content of web pages visited by the user is captured, including both the visible text and underlying data structures. This includes sites such as DoD SAFE and other “.mil” applications.
Application Interactions: Information about user interactions with applications, such as minimizing or closing windows, is logged.
Communication Records: Text from messaging applications, including non-persistent messages from secure messaging apps, is recorded and stored for long periods of time.
User Activity: Detailed logs of user activities, such as file accesses and software usage, are maintained.
Login Credentials and Financial Data: Sensitive information like login credentials and financial details viewed on the screen are also captured and stored.
Regulated Data: Any regulated data interacted with or displayed on the screen, including Controlled Unclassified Information (CUI), International Traffic in Arms Regulations (ITAR) data, and other compliance-sensitive information, is also captured and stored.
This extensive collection of data poses significant risk from the fundamental perspective of data flow and control. What’s more, it impacts traditional ways of securing and segmenting sensitive data. For example, view-only permissions and Virtual Desktop Infrastructure (VDI) instances are common features of the CISO’s toolbelt rendered ineffective by Copilot+ Recall.
Cybersecurity Implications
The comprehensive nature of the Recall database makes it an attractive target for hackers. If compromised, attackers could exfiltrate months' worth of sensitive information within seconds, including financial data, login credentials, personal communications or any work that has been done on that device. Traditional incident response measures may fall short in such scenarios, as the data might already be stolen before any mitigation steps can be taken.
Moreover, the ease with which Recall data can be accessed by other users on the same device, even without administrative privileges, exacerbates insider threat risks. This could be particularly damaging in professional contexts where sensitive business information is at stake.
Compliance and Legal Implications
From a compliance perspective, the use of Recall raises significant red flags. Under regulations like GDPR, HIPAA, and CMMC, companies are responsible for the processing and protection of sensitive information. If data breaches involving Recall data occur, companies could face substantial legal penalties and reputational damage. Recall’s ability to collect and store highly detailed information in novel ways, indefinitely, also poses ethical and legal challenges.
Privacy Implications
The detailed personal data collected by Recall raises serious privacy concerns. Users' private information, once thought to be secure, is now at risk of exposure, violating their privacy expectations. This could lead to legal challenges and ethical objections, further complicating the landscape for businesses using Windows devices with Recall enabled.
Insider Threat Implications
The accessibility of Recall data to other users on the same device, even without admin rights, poses significant insider threat risks. Other users could potentially misuse this data for personal gain or malicious intent. Additionally, administrators with access to the Recall database have unfettered access to data that may not be required for their role, which for many organizations bound by cybersecurity regulations will create additional compliance risk and possible violations. A SIEM provides valuable insight into system and user behavior in a less intrusive and more controlled manner, which is much more suitable in work environments.
How to Disable Windows Recall
If you’re concerned about your privacy and want to disable Windows Recall, follow these simple steps:
Step-by-Step Guide to Disable Windows Recall:
Open Settings:
Press Win + I to open the Settings app.
Navigate to Privacy & Security:
In the Settings window, click on Privacy & Security.
Go to Recall & Snapshots:
Under the Windows permissions section, find and click on Recall & Snapshots.
Turn Off Saving Snapshots:
In the Recall & Snapshots settings, toggle off the option to Save Snapshots.
Confirm Your Choice:
You may be prompted to confirm your choice. Confirm to disable Recall.
Additional Measures:
For enterprise users, IT administrators can disable saving snapshots using Group Policy or Mobile Device Management (MDM) policies. This ensures that all saved snapshots are deleted and that users cannot enable saving snapshots.
Deleting the Recall Database
To further protect your data, it is crucial to delete any existing Recall databases on your device. Here’s how you can do it:
Open File Explorer:
Press Win + E to open File Explorer.
Navigate to the Recall Database Folder:
Go to C:\Users\[YourUsername]\AppData\Local\CoreAIPlatform.00\.
Locate the GUID Folder:
Open the folder named with a GUID (a string of letters and numbers).
Delete the ImageStore Folder:
Right-click on the ImageStore folder and select Delete.
Delete the GUID Folder:
Go back to the previous directory, right-click on the GUID folder, and select Delete.
Repeat for All Users:
Repeat these steps for each user profile on your device.
Disable Windows Recall through Group Policy (GPO)
Please note this section of the guide requires administrative access to the device. Here are the step-by-step instructions:
Step 1: Open Group Policy Management
Open the Run dialog:
Press Win + R to open the Run dialog box.
Launch Group Policy Editor:
Type gpedit.msc and press Enter. This will open the Local Group Policy Editor.
Step 2: Navigate to the Appropriate Policy Setting
Navigate through the Group Policy Editor:
In the Local Group Policy Editor, navigate to the following path: Computer Configuration -> Administrative Templates -> Windows Components -> Windows AI
Locate the Recall Policy:
Within the Windows AI folder, find the policy setting named Turn off saving snapshots for Windows.
Step 3: Configure the Policy
Open the Policy Setting:
Double-click on Turn off saving snapshots for Windows to open its settings.
Enable the Policy:
In the policy setting window, select Enabled.
Apply and Confirm:
Click Apply and then OK to save the changes.
Step 4: Force Group Policy Update
Open Command Prompt:
Press Win + R, type cmd, and press Enter to open the Command Prompt.
Force Update Group Policy:
In the Command Prompt, type the following command and press Enter: gpupdate /force
This command forces the Group Policy settings to update immediately.
Step 5: Verify the Policy Application
Check the Policy Status:
After the Group Policy update completes, you can verify that the policy has been applied correctly by reopening the Local Group Policy Editor and checking the status of the Turn off saving snapshots for Windows policy.
Step 6: Additional Considerations for Enterprise Environments
Deploy via Group Policy Management Console (GPMC):
For large environments, you might need to deploy this setting via the Group Policy Management Console (GPMC) to apply it across multiple systems within an Active Directory (AD) domain.
Create or Edit a GPO:
Open the GPMC, create a new Group Policy Object (GPO) or edit an existing one.
Navigate to the same path (Computer Configuration -> Administrative Templates -> Windows Components -> Windows AI) and configure the Turn off saving snapshots for Windows policy as described above.
Link the GPO to the Appropriate Organizational Unit (OU):
Link the GPO to the Organizational Unit containing the computers you want to apply this policy to.
Step 7: Continuous Monitoring
Please note that continuous monitoring of this setting may be required. Windows updates have been known in the past to cause configuration drift, resetting settings and otherwise disrupting configuration management.
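As an added example that is not part of the original post, the following PowerShell script audits the two conditions the deletion and GPO steps above leave you to maintain by hand: that the Turn off saving snapshots for Windows policy is still in force, and that no ImageStore database remains under any user profile's CoreAIPlatform.00 folder. It assumes the policy is backed by the DWORD value DisableAIDataAnalysis under HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsAI (verify against the WindowsAI ADMX in your environment) and that profiles live under C:\Users; the -Remediate switch re-applies the value and removes the GUID folders as the deletion steps describe.

```powershell
# Added example, not code from the original post. Audits (and with -Remediate,
# re-applies) the Recall hardening described above. Run as administrator.
# Assumption: "Turn off saving snapshots for Windows" is backed by the DWORD
# DisableAIDataAnalysis = 1 under the WindowsAI policy key.
param([switch]$Remediate)

$PolicyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsAI'
$PolicyName = 'DisableAIDataAnalysis'

function Test-RecallPolicyEnforced {
    $item = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    return ($null -ne $item -and $item.$PolicyName -eq 1)
}

function Get-RecallImageStores {
    # One GUID-named folder per profile under CoreAIPlatform.00 (path from the post)
    Get-ChildItem -Path 'C:\Users' -Directory -ErrorAction SilentlyContinue | ForEach-Object {
        $root = Join-Path $_.FullName 'AppData\Local\CoreAIPlatform.00'
        if (Test-Path $root) {
            Get-ChildItem -Path $root -Directory -ErrorAction SilentlyContinue |
                ForEach-Object { Join-Path $_.FullName 'ImageStore' } |
                Where-Object { Test-Path $_ }
        }
    }
}

$drift = @()
if (-not (Test-RecallPolicyEnforced)) {
    $drift += "Policy drift: $PolicyKey\$PolicyName is not 1"
    if ($Remediate) {
        New-Item -Path $PolicyKey -Force | Out-Null
        Set-ItemProperty -Path $PolicyKey -Name $PolicyName -Value 1 -Type DWord
    }
}
foreach ($store in Get-RecallImageStores) {
    $drift += "Recall database present: $store"
    # Remove the GUID folder that contains ImageStore, as in the deletion steps
    if ($Remediate) { Remove-Item -Path (Split-Path $store -Parent) -Recurse -Force }
}

if ($drift.Count -eq 0) { Write-Output 'OK: Recall disabled and no snapshot databases found'; exit 0 }
$drift | ForEach-Object { Write-Warning $_ }
if ($Remediate) { gpupdate /force | Out-Null }
exit 1
```

Scheduling this after each Windows update (or as a periodic task that forwards the warnings to your SIEM) turns the step above into a measurable control rather than a reminder.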
Conclusion
The introduction of Copilot+ Recall by Microsoft, while marketed as a great way to improve user productivity, produces massive security and privacy concerns. While the information does seem to be processed locally, centralization of such a large amount of sensitive information is an extremely enticing target. This will motivate threat actors to exploit such a valuable information source and severely complicate disaster response and forensic efforts.
Ultimately, the risk is too great for this feature’s value-add to offset its downsides. I would urge the implementation of policies that disable Recall and make sure it stays disabled after each Windows update. Windows has been known to reset settings after updates in the past, which is why a good baseline configuration is always a good idea. Keeping this new intrusive feature disabled will help your security posture and prevent the potentially massive compliance pitfall.