The new Windows 11 Recall feature is terrible for security. Anyone can access the files in the %USERPROFILE%\AppData\Local\CoreAIPlatform.00\UKP folder. This is accessible by any user or malicious software. This stores data in an SQLite database. This is not even encrypted. Is this the way Microsoft is going in 2024? This will erase trust in the Microsoft platform. I can not wait to get ahold of the sample database and try to open it on Linux, it should not be too hard at all. Will Windows Server have this as well? I hope there is a way to disable this but this might be an immutable service. Maybe make the folder it uses not writable. But once this is commonly used on Windows, there will be a way to remove this from Windows and have some peace of mind. Sure if it could be switched off, is it off? Maybe not. but this is not the Microsoft we know from the 1990s. This is an all-new Redmond WA.
The Windows Recall settings shown below do contain options to switch it off. but will this be permanent? We will have to wait and see for more information. I can not wait for the malware to steal credit card numbers and addresses. That will be amazing. Cybercriminals will have a field day with all of the data harvesting and credit card fraud.
