- Windows 11’s recall function has just been completed through its steps
- It made it better than when it was first released in preview but still made slides with its sensitive info filter
- In some scenarios, this filter simply doesn’t keep important data – like credit card numbers – out of recall images
Windows 11’s recall function is under control again with a new report that claims that the functionality of certain situations is to capture sensitive information as part of its daily tasks (for those with Copilot+ PCs that have turned it on).
As a rapid refresher, the recall is the AI-driven natural language search that is in-depth and regularly acts on screen shots of the host PC. Although it is undoubtedly powerful, it has been dogned with privacy and security when it was first revealed (and the launch was a shambles, you can remember – ahem).
And there are still some concerns that a report from the register makes it clear – at least in certain scenarios with the screens that remember, which can be a ‘potential treasure trove for thieves’, as the author, Avram Piltch, puts it.
Piltch ran test on a recall with a Lenovo Yoga Slim 7x (which is a copilot+ laptop), finding that although the feature managed to exclude sensitive financial details – as credit card numbers – from many of the roof taken did not do so all the time.
Some of Hall’s failures reported here include the feature that takes a screen shot of a fake web page (created by the author for testing purposes) with a credit card entry form when certain text (as ‘checkout page’ and ‘enter the payment info’) was removed. Remembering successfully excluded the place from its screen -catching activity as these labels were present, but without them acknowledged, remember no longer that the card information was sensitive information, so it still took.
As Piltch points out, not all online shopping -checkout forms look similar, thus doubting whether recall with some sites may not block card information.
Remember also had security points less by Piltch to screen that grabs a text file full of (composed) usernames and passwords. If the word ‘password’ was present in the document somewhere, recall would not take a screenshot – but if it was not explicitly mentioned, it would gladly take a grip on the sensitive content. (And no, you definitely don’t have to keep a list of your passwords in a text file, but some people do, unfortunately).
Piltch also noted that when he looked at his online bank account, revocation of screens of pages where his balance appeared and a list of deposits. It could be valuable information to a malicious party that got hold of this recall info, but the feature blocked the account number (and ABA Routing), fortunately.
When it came to PayPal use, recall took a screen shot of the login portal that revealed the username but not the password. The feature also did not take a grip on the account page (which shows recent activity and transactions), which was good, but to let the username still not slip well.
Remember also recognized a photo of a passport and avoided screenshot. But when another window on the desk partially hid some of the picture, it took a grip, which obviously failed to recognize it as a passport in this case (although sensitive details were still visible).
Analysis: Better – but still not good enough
These, described here, are mainly about recall that does not recognize sensitive details when they are not clearly marked with a label (such as ‘Payment Info’) or are only partially visible (as in the case of passports).
How hard should we be on the recall of this? If I used Remember myself (Disclaimer: I don’t, and in fact I can’t because I haven’t got a copilot+ PC), I would be disappointed with the feature that stumbles on the credit card numbers and especially passports.
I think recall should be sophisticated enough to pick up and acknowledge that grouping card numbers (16-digit long credit card number, date, CVC) to block this. Ditto for a partial passport photo, I feel that recall should still have been able to deal with it, that it is something hidden from being judged as doing a good job with regard to its sensitive info file.
On the other hand, some scenarios – a file full of passwords – are not such a big slip in my books (these words could be something real and there is not such an obvious pattern there).
There is still enough sliding through the filter here to be worrying. Remember, however, is still in preview, and Microsoft even admits that sensitive info can miss (and if this happens, you must feed this back to the company as part of the testing of recall).
So the long and short of it is that recall is still being tested. It gets better – Piltch actually ran similar tests for Tom’s Hardware when revocation first debuted for public consumption (in preview), and the function’s sensitive data filter priests far worse, but it still has wrinkles that we clearly see here. It’s not good enough for me and even though I had a copilot+ PC, I wouldn’t use it.
Furthermore, I am concerned about whether withdrawal will ever be fully tuned in terms of blocking sensitive data completely or guaranteed not to be subject to bugs where such slides can happen. (Windows 11 is known for never having any bugs, of course 😉). And then I can’t see myself ever use the feature, honestly, because I’m also not convinced that I still need this AI-assisted search.
Of course, you do not have to turn on foreclosure – in fact, by default, it is off with a copilot+ PC.
It is also worth making it clear that an striker will need to access your PC to get on these screens, which is far from an easy task. However, Piltch points out that a personal attack (of someone who knows or guesses your Windows Hello Pin) is possible, and remote access is also not completely off the table.
It is not very comforting when you consider that a filter designed to maintain your safety fully in such an eventuality does not shoot at all cylinders.
