[lolinder]

> isn’t providing a photographic memory of everything you do on your PC exactly what this is supposed to do?

Yes, but look at the Q&A at the bottom: apparently Microsoft told the BBC that hackers would have to have physical access to the device in order to access the data. This repo proves that's nonsense because all an attacker would have to do is install this code on your computer, which is something we already know they could do.

> Yes, you can access the data through other means than the official UI - this is the case for every software that runs on my PC.

I don't have software on my PC that indiscriminately takes screenshots of what I'm working on every few seconds, OCRs it, and indexes it in a convenient searchable database. A hacker can get a ton of information off my computer as it is, but a lot of what Recall will be saving has been hitherto ephemeral.

[planb]

So MS lied in an interview. Or the press person was not very knowledgeable. But how would that even work, that data can only be accessed locally? How does a computer decide if the intent to access a file is coming from the user in front of the PC or from someone who installed malware that sends keystrokes or mouse clicks on behalf of the user?

[smarx007]

https://doublepulsar.com/recall-stealing-everything-youve-ev...

Apple maintains some databases on macOS that are not sudo-accessible.