"Windows 11's Recall AI, known to take snapshots and recordings of user computers regularly, including key presses, was discovered to store all its information in an unencrypted local folder."

posted by Roy Schestowitz on Jun 11, 2024,
updated Jun 11, 2024

Computer Online Forensic Evidence Extractor (COFEE) is a tool kit, developed by Microsoft, to help computer forensic investigators extract evidence from a Windows computer. Installed on a USB flash drive or other external disk drive, it acts as an automated forensic tool during a live analysis. Microsoft provides COFEE devices and online technical support free to law enforcement agencies.

Or as Ryan explained Recall a few hours ago: (in IRC)

You can copy the data from another user's "recall" folder as another user.
Even if you don't have Administrator privileges on that account.

> Q. What kind of things are in the database?

> A. Everything a user has ever seen, ordered by application. Every bit of text the user has seen, with some minor exceptions (e.g. Microsoft Edge InPrivate mode is excluded, but Google Chrome isn’t). Every user interaction, e.g. minimizing a window. There is an API for user activity, and third party apps can plug in to enrich data and also view store data. It also stores all websites you visit, even if third party.

So it sends screenshots of your Private Browsing in Firefox and Chrome and Brave to Microsoft.

This will make it easier for police to use COFEE and scrape up more interesting bits from a user's Windows PC.

You have to use the Policy Editor and know what you're doing to disable Recall.

And even then, who really knows?

If you run Windows, it can do anything it wants later.

The Windows 11 Home Edition is not listed as a SKU where the user can opt-out of Recall via the Policy Editor.

[...]

https://github.com/xaitax/TotalRecall

GitHub - xaitax/TotalRecall: This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

Also see: Is Microsoft trying to commit suicide?

Other Recent Techrights' Posts

SLAPP Censorship - Part 32 Out of 200: Garrett Made Spurious Requests (Later Withdrawn) the Same Week Someone He Later Spoke to by E-mail Sent Threats to Our Webhost: The "plot thickens" because there's a multi-party tag-team act, as confirmed by Garrett after he had sworn on the Bible
Links 04/04/2026: Social Control Media Verdict and Bans, Whistleblower (Axel Rietschin) Explains How "Microsoft Vaporized a Trillion Dollars": Links for the day
Reaching the End/Event Horizon of LLM Slop: Are we moving towards a post-LLMs world?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, April 03, 2026: IRC logs for Friday, April 03, 2026
Gemini Links 04/04/2026: STXGE and Computer Relationships: Links for the day
SLAPP Censorship - Part 33 Out of 200: Garrett Sued by My Wife and I, Then His Microsoft Acquaintance Files Another Lawsuit and Our Webhost Receives Legal Threats Too: Today we also show how our solicitor Mark Lewis responded to it
Good Friday, Leaving IBM for Good: Even on holidays
Links 03/04/2026: Rejection of More Software Patents and Social Control Media in Several Continents: Links for the day
Malware in Proprietary Software - Latest Additions by Rob Musial: Original published yesterday in gnu.org
Visual Evidence/Documentation of IBM Dying Like the Dinosaurs: IBM has many of these giant white elephants lying around, with some getting demolished
Links 03/04/2026: USPTO’s Latest Greenwashing and Internet Blackouts Impact Journalists in War Zones: Links for the day
IBM is a Dying Company, Nowadays It Kills Red Hat With Slop: when your last day is a national holiday in IBM's country
"Independence Drives" and Community-Run Sites: Independence in reporting is a much-valued trait
When Charlatans Are Only Good at Losing Money and Storytelling (e.g. About Investment in Them): Wait till a a barrel of oil costs $300
What Apple Fans Are Missing: Apple is a bad company
The "Pale Blue Dot" Moment Had Returned: To many people, the "bitter-sweet" observation of how small we are
Saudi Arabia Does Not Rely Much on Microsoft/Windows: Putting aside politics, this is good for Free software
Almost 12 Years of Exposing Corruption in Europe's Second-Largest Institution: The "unready" President is now an abandoned President
Easter Moon Mission and Its Reminder of IBM's Demise: A lot of NASA operations now rely on GNU/Linux
When Power is Scarce and GNU/Linux Has Power: In Cuba, GNU/Linux has long enjoyed high adoption rates
Don't Totally Dismiss the 'Survivalists': 'Survivalists' or similar terms are used to describe a particular mindset of people who prepare for some really awful scenarios
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 02, 2026: IRC logs for Thursday, April 02, 2026
A Much Better Use of Fuel Than Slop: Something positive for a change
Hoping for Peace: There are still many things to be enjoyed, including nature and kind people
Gemini Links 03/04/2026: "Slide Rule Triple Multiplication" and End of "Picture Pages": Links for the day
Rumours of Microsoft Layoffs This Season: Just how much trouble is Microsoft in at this point?
GNU/Linux Measured at All-Time High in Sweden: Can 'influencers' have played a role
SLAPP Censorship - Part 31 Out of 200: Speaking About 20+ Years of Alleged Harassment/Defamation and High-Profile 'Targets' of Garrett: attempts were made to settle (in effect end the case) by the person who started the case almost half a dozen times along the way
In Asia, Windows is in Its Teens (Below 20%): On a global scale, Windows is down to about 26%
GNU/Linux Becoming More Universal: It seems likely the end of Vista 10 coinciding with a sharp rise in memory prices (and now energy prices) will benefit GNU/Linux and therefore give us more to write about
Low Morale at IBM and Perception of Destructive Management: IBM is going nowhere, fast
Gemini Links 02/04/2026: Super Mario Galaxy Movie and New Antenna Instance: Links for the day
It Seems Like Google News Cracked Down on (Omitted, Delisted) a Lot of Slopfarms: There's no justification/point in spending so much energy just to plagiarise things poorly
Can Economies Like the American One Hang On?: The coming weeks will be "interesting" unless wars end
Steam Survey for Last Month Says 5.33% Use GNU/Linux: big leap for GNU/Linux
Links 02/04/2026: Science News, Energy Scarcity, Oil Sold in Yuan: Links for the day
Links 02/04/2026: Apple Turns 50, Efforts To Ban VPNs: Links for the day
Gemini Links 02/04/2026: Kubernetes With FreeBSD, OFFLFIRSOCH, and Great Circle Distance: Links for the day
Dr. Andy Farnell on Microsoft Silencing or Deplatforming Opposition in the UK and Elsewhere: Microsoft as a king or a kind of "religion" one cannot question
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 01, 2026: IRC logs for Wednesday, April 01, 2026