If MS claims the data is not accessible [by malware] remotely and can only be accessed if the attacker has physical access, a POC just just fopens the file and prints it is a fair exploit POC. No matter how trivial that looks to you.
The repo is along the lines of "2+2=4". GP said there is nothing interesting in that, to which I pointed to the QnA entry which shows that MS did tell a journalist that "2+2=22", so to speak. What else is there to disprove?
The significance of the repo is not to show 2+2=4 but that 2+2 != 22
The BBC quote says "a would-be hacker". I interpreted that as a general claim about windows security, not saying that this particular feature is invisible to malware. They have to break the security of your particular device, the data is nowhere else.
> I interpreted that as a general claim about windows security
Sure, because you understand that the other interpretation is nonsensical. All the publications that are popping up showing that the Recall DB is locally accessible are aimed at all the other Windows users.
Now, I would fully agree if you question what's the benefit of posting this on GH and not on FB, for example, and what's in there to surprise the HN crowd.
> Now, I would fully agree if you question what's the benefit of posting this on GH and not on FB, for example, and what's in there to surprise the HN crowd.
The author posted Wired's article about the tool on LinkedIn. Does Facebook host code and render Markdown? Does the author have a Facebook account? Would you bet your Facebook account they wouldn't consider it distributing a hacking tool and lock the account?
Must it be surprising? Some in the HN crowd would want to explore their own databases I think. Some will have family and friends ask them about Recall security.
You interpreted a statement about saved screenshots in an article about Recall as a general claim about Windows security even the general public would know was false?
I interpreted that line as analogous to normal Windows security.
As a general rule, a would-be hacker can't get to any of your on-device data, Recall included, without a local user giving them access.
So the intent of the statement is to say it's immune to anything else being hacked, like servers. Not to say they finally invented a completely hack-proof system... and only used it for this single program.
> As a general rule, a would-be hacker can't get to any of your on-device data, Recall included, without a local user giving them access.
Physical access means physical access to experts and the general public. Not physical access, social engineering, supply chain exploit, or remote code execution. Saying Windows can't be hacked without physical access would be false too.
> So the intent of the statement is to say it's immune to anything else being hacked, like servers.
Anything else would include Windows Update and Microsoft accounts.
They said Recall snapshots were stored on the PC itself and not available to Microsoft. Adding a misleading description of Windows security did nothing but confuse people.
Nothing in this FAQ is in any way surprising. If
someone (“hackers”) gains remote access to your PC, they can also install a key logger and take screenshots. They just don’t have access to the historic data.
okay, so the only "pwning" of recall is that if your computer is already hacked, the hackers can get the recall data along with all the other data on your computer...
Yes. With the difference that now the have the DB which they can interrogate with a prompt like "list all credit card numbers entered in the past 3 months". The post touches on your question/remark.
If hackers pwn your desktop computer and you do not notice it, they get all the data you have access by yourself. Nothing new here.