The article describes a tool that grabs the data without admin privileges, but yes, there are methods used by current malware to escalate privileges.
Comment on Microsoft's Recall Feature Is Even More Hackable Than You Thought
Hirom@beehaw.org 3 weeks ago
Not surprising. If there’s a way for a non-admin user to use this feature, it means there’s a way for a non-admin process to access the data.
Even if if were more secure, there’s probably plenty of ways to escalate privileges and escalate anyway.
The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.
psud@aussie.zone 3 weeks ago
BurningRiver@beehaw.org 3 weeks ago
Seriously, you didn’t get through the first paragraph?
Saying “periodically” is a pretty trivial way of putting it.
Microsoft and Adobe fighting each other over who gets enshittification of the decade award. Sam Altman is probably crafting a victory speech about what chatGPT 12 might possibly be able to do, someday. The sooner all this snake oil hype crashes and burns, the better off we’ll all be.