[Analemma_]

You’re missing the point. An attacker can only see the passwords in your Recall database if they have root, but if they have root there are (and always have been) a thousand other ways they can get your passwords. There is no new attack vector being introduced by Recall.

[smaudet]

Another big, big difference, anybody, not just some black-hat pro with a long kill chain of zero-days, has a fantastic source of data to exfiltrate.

Perhaps you didn't note before, or are one yourself, but this includes e.g. abusive spouses. Sure, maybe the abusive spouse could hire a black hat, but this is very different to a drunk low-life wife-beater casually snooping through "recall".

It might not be a "new" attack vector, but its absolutely a complete degradation to any computer security.

[morder]

One difference is that you can get root access after the fact and get however much prior data Recall recorded vs only going forward.

[fh9302]

It is possible to access to Recall database without admin access.

https://x.com/GossiTheDog/status/1798832390070276500

[sgent]

RTA, Microsoft announced changes to the security model to prevent that.

[fh9302]

I did read the article. The person I'm replying to claims the entire debate was "uninformed hysteria", which means they thought the previous security model already required admin.

[Benedicht]

If an attacker got root with recall they might not need to wait the user to type their password and risk detection. The information they want to know might be already in the recall database.