this rootless Python script rips Windows Recall’s screenshots and SQLite database of OCRed text and allows you to search them.

  • Neshura
    link
    fedilink
    English
    665 months ago

    Wait so the malware won’t even need a rootkit first? Damn this is worse than I thought…

    • @[email protected]OP
      link
      fedilink
      English
      265 months ago

      the screenshots and text are just sitting in the appdata folder, which requires no special permission to access

      • @[email protected]
        link
        fedilink
        English
        115 months ago

        Nice 😂 having extra pw manager n stuff in secret encrypted file only temporary handle decrypted PWs in RAM etc. But then, if you accidentally click on the eye, boom screenShot PW saved as pic of clear Text, nice. Also all personal eBanking stuff etc. And of Course, if you stream Netflix, tons of copyright protected material, lol.

        • @Spotlight7573
          link
          English
          125 months ago

          And of Course, if you stream Netflix, tons of copyright protected material, lol.

          Nope, DRM protected content like Netflix is one of the few things it doesn’t capture, it’s even mentioned in Recall’s privacy section. I’ll admit that that’s likely due to technical reasons with how the video stream is decrypted and decoded on the GPU and is never actually accessible to the user, not necessarily because they wouldn’t want to save that as well.

    • @Spotlight7573
      link
      English
      125 months ago

      Malware won’t even need to wait for the user to access something sensitive, they can just go back through the user’s Recall history and get the data for immediate exfiltration. No chance for anti-malware software to update and catch it before it does anything truly bad, it will just always be too late if given even a minute.