Hacker Tool Extracts All the Data Collected By Windows' New Recall AI 145
An anonymous reader quotes a report from Wired: When Microsoft CEO Satya Nadella revealed the new Windows AI tool that can answer questions about your web browsing and laptop use, he said one of the"magical" things about it was that the data doesn't leave your laptop; theWindows Recall system takes screenshots of your activity every five seconds and saves them on the device. But security experts say that data may not stay there for long. Two weeks ahead ofRecall's launch on new Copilot+ PCs on June 18, security researchers have demonstrated how preview versions of the tool store the screenshots in an unencrypted database. The researchers say the data could easily be hoovered up by an attacker. And now, in a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has released a demo tool that can automatically extract and display everything Recall records on a laptop.
Dubbed TotalRecall -- yes, after the 1990 sci-fi film -- the tool can pull all the information that Recall saves into its main database on a Windows laptop. "The database is unencrypted. It's all plain text," Hagenah says. Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. "It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall -- which he's releasing on GitHub -- in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches. [...] TotalRecall, Hagenah says, can automatically work out where the Recall database is on a laptop and then make a copy of the file, parsing all the data as it does so. While Microsoft's new Copilot+ PCs aren't out yet, it's possible to use Recall by emulating a version of the devices. "It does everything automatically," he says. The system can set a date range for extracting the data -- for instance, pulling information from only one specific week or day. Pulling one day of screenshots from Recall, which stores its information in an SQLite database, took two seconds at most, Hagenah says.
Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC. Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall. Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.
Dubbed TotalRecall -- yes, after the 1990 sci-fi film -- the tool can pull all the information that Recall saves into its main database on a Windows laptop. "The database is unencrypted. It's all plain text," Hagenah says. Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. "It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall -- which he's releasing on GitHub -- in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches. [...] TotalRecall, Hagenah says, can automatically work out where the Recall database is on a laptop and then make a copy of the file, parsing all the data as it does so. While Microsoft's new Copilot+ PCs aren't out yet, it's possible to use Recall by emulating a version of the devices. "It does everything automatically," he says. The system can set a date range for extracting the data -- for instance, pulling information from only one specific week or day. Pulling one day of screenshots from Recall, which stores its information in an SQLite database, took two seconds at most, Hagenah says.
Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC. Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall. Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.
Stop "improving" a product needlessly (Score:5, Interesting)
Comment removed (Score:5, Insightful)
Re: (Score:2)
You can get a new computer and not run windows on it ;)
Doesn't that mean not running (most) games on it, which is the OP's intentions?
Re: (Score:3)
Re: (Score:3)
At this point, it seems ~66% of newer games work, but older stuff is iffy. Vulkan seems like a more stable target than Direct3D even on Windows these days.
Re: Stop "improving" a product needlessly (Score:2)
Games which use new features likely also use vulkan which works great, so they work great too.
Older games are a mixed bag. The older a game is the more likely it played stupid tricks with APIs and therefore will have problems. So if it's new enough to have 3D graphics but not new enough to be past the awkward stage, compatibility is likely poor.
Re:Stop "improving" a product needlessly (Score:5, Interesting)
On Steam, using Proton, most older games work great. Even many which have issues on newer versions of Windows. Newer games is a bit more hit or miss, but a huge chunk of them will work great. Even heavier AAA titles.
Since the Steam Deck came out, compatibility has increased immensely. I find very few games which have issues. The exception is games with heavy anti-cheat engines. Those tend to be a mess. And some DRM systems are just awful and won't work.
Re: (Score:2)
I guess it must depend on the games. I ran Baldur's Gate 3 via steam on Linux once it went retail. Runs spectacular on my machine and I spent under $1k on my box this past August. Haven't tried a lot of other brand new games, but mostly that's because they do not interest me all that much.
Re:Stop "improving" a product needlessly (Score:5, Informative)
Re: (Score:3)
I have a steamdeck, and Linux certainly has a enough games (for me); many of them new.
But my needs are pretty minor.
Re: (Score:2)
My favorite Linux game is Find The Offending Line Of Code.
Re: (Score:3)
There's plenty of games on Linux. Like Tux Racer and. . . . uh. . .
I know you're joking, but it might be worth a check to see how many of your own Steam games have been verified for Steam Deck [steampowered.com], which runs on Linux.
I had assumed it'd just be a few titles, especially bigger ones that get attention. I was shocked when I saw that it was basically my entire library. You might be surprised to find out how many of your games run fine on a little Linux handheld.
Re:Stop "improving" a product needlessly (Score:5, Funny)
Re: (Score:2)
Keep your Windows in a VM on Linux, then deny it access to the internet. Then keep denying it access until Windows starts to cry and apologizes for it's naughty behavior in the past.
Re: (Score:2)
And condemn yourself to triple the work to get a game running decently or more likely, not at all?
Seems practical.
Re: (Score:3)
One man's bloat is another's critical feature. The Recall fiasco aside I've seen people bitch and moan about every Windows feature, e.g. snipping tool, e.g. screen layout memorisation, which are all things that were easily dismissed, but ultimately ended up being great improvements to usability.
No we absolutely should not stop improving software. It's all very far from perfect, both for power users as well as newbies. What we should do is call out the bullshit - precisely as we are doing now.
Re: (Score:3, Interesting)
Re: (Score:2)
That goes for "improvements," yes. Seems you think any old insanity is an improvement, yet your technical skill seems severely lacking.
Re: (Score:3)
The snipping tool is decent, but very limited. But what it did was kill off the market for excellent snipping tools which used to be available. In the end, this was a huge loss of usability for those who really need a good snipping tool.
This is the norm for Microsoft. Push out other choices and leave a mediocre solution in place. The lowest common denominator ends up being the only choice. And in the end the cost for the end user is higher than it needs to be due to killed off competition.
In this case, ther
Re: (Score:2)
I'm curious what features are missing from greenshot.
This isn't rhetorical, I am honestly curious as to what I'm missing since I have a failure of imagination of how it could be improved.
Re: Stop "improving" a product needlessly (Score:2)
Snipping tool is quite good in windows 10. In 11 it sucks. Shock Amazement.
Re: (Score:2)
Yeah, I'm calling bullshit alright, on you, for constantly apologizing for Microsoft taking things away while pretending its "for your protection".
Nobody wanted anything other than XP.
Windows 7 was just a better XP.
Microsoft has made ZERO improvments to usability, since then, or maybe ever. We absolutely DO NOT need "upgrades". So called "upgrades" are for Microsoft, NOT YOU.
Wait. Let me get the popcorn before you shoot another load
Re: (Score:3)
If it's just a game machine then it doesn't matter that they're storing all your activity on a government server.
Just don't use it for ANYTHING else and put it in its own isolated vlan.
If they really want copies of your saved games and your library list at steam, do you really care?
I haven't used windows for years. My PC has windows 7 and has been powered off since about 2016. If I ever build another windows box it will be for gaming, and maybe I'll hook it up to my big screen tv and that's it. No random
Re: (Score:3)
If it's just a game machine then it doesn't matter that they're storing all your activity on a government server.
Just don't use it for ANYTHING else and put it in its own isolated vlan.
I am in the process of doing that. Separate machine with no email and only gaming web-browsing is already there. Separate network segment is already there (not just a vlan), from when I connect work laptops to my own network. Isolation is not perfect yet and I will need to isolate a Win11 VM as well for when I have to use Office. But the plans are clear. MS is too clearly an enemy and a threat to its users for anything else to be viable.
Re: (Score:2)
I'm on the fence about getting a new computer at home (mostly for gaming, let's be real - even a 10 yr-old computer works fine for office stuff), and Win11 is the main reason I'm not biting the bullet. Every feature I read about makes me wonder "how can I disable this" and "will I really be able to disable it, or will it come back every forced update". I just want a version of Win10 (or heck, win7) with endless security updates. *shakes fist at sky*
Now imagine how you'd feel if you need the system to just be stable and available for near real-time processing. My recording system is the last Windows system in the house. And it's getting more and more difficult to disable all the "special features" that seem to have nothing to do with running the system and everything to do with hoovering up data. A screenshot every five seconds has to have some burden on the system, and I'd rather have that IO and processing available for my DAW when it already runs ne
Re:Stop "improving" a product needlessly (Score:5, Informative)
Have you tried some of the "lite" Windows variants like Ghost Spectre or PhoenixOS? I've been running Phoenix OS Win10 as a 2nd OS on my laptop for years with no problems, mainly for music programs and plugins. Windows is actually somewhat likeable this way. I can bet games run better than on stock Windows, too, without having to deal with 512 different services and background processes.
Re: (Score:2)
A "tool that can answer questions about your web browsing and laptop use." I wonder what use this even has. If I want to know about my laptop use, I will just ask myself. For web browsing, I can look at the history. Capturing screenshots to help with web browsing questions just seems utterly idiotic; just capture the history.
Microsoft, ever several years behind the pack but who think it is in the lead, seems desparate to adopt every possible new technology someone else comes up with and then standardizi
Re: (Score:2)
Don't worry, I read they are reopening a beta test phase for Windows 10 so they can get Recall going on that platform as well. Your welcome! https://www.theverge.com/2024/... [theverge.com]
Surprised (Score:2, Interesting)
I'm surprised by how many security promises were broken even before launch.
New lows for Microsoft every day. Remember that little period of when Microsoft was okayish most of the time.
Re:Surprised (Score:5, Funny)
No, not at all.
Re: (Score:2)
Nope, I don't remember that time.
Re: (Score:2)
Yeah, that was Windows 10 a few years ago. 10 is still good, but since Edge became super pushy it's been a PITA.
Re: (Score:2)
Remember that little period of when Microsoft was okayish most of the time.
That happened? When?
Re: (Score:2)
I don't think that period actually existed. We were probably just to ignorant of how bad things were, even in the 90s. I mean, remember when you had to restart your entire computer just to change the screen resolution? If you looked at Windows funny back then, you had to restart. It was a joke. Wanna play a game? You exited windows to go to DOS.
No Arnold fans at Microsoft (Score:2)
Re: (Score:2)
What's the point? (Score:5, Interesting)
Re:What's the point? (Score:5, Insightful)
I can bet that government / law enforcement are drooling about this. This will be the almost ideal incarnation of Big Brother is Watching You. "When did the suspect search for information about X?" "Who where they in contact with from this date to that date?"
Re: (Score:2)
Re: (Score:2)
Re: What's the point? (Score:2)
True. Microsoft is a US defense contractor and known PRISM participant...
Re: What's the point? (Score:2)
How about reverse blame as well? "You were using a computer? What about the Recall data? What do you mean Linux? Oh you must be guilty for sure then!"
Re: (Score:2)
Just ask my ISP, they already know about pretty much all my Internet habits. Got a VPN? Good, the government will just "ask" them for their records, and they will comply. Heck, they probably already have an API setup for direct access to save them the spooks time and themselves all the effort.
Re: (Score:2)
Re: What's the point? (Score:2)
We don't need AI. (Score:5, Insightful)
Re: (Score:3)
After having used ChatGPT for a few days, I find it verbose, insightless and (probably intentionally) making it hard to check its sources. Not very useful.
Re: (Score:2)
You've finally actually tried it, huh? Good for you.
Through the lines I'm reading that your idea of it and LLMs in general is slowly changing in the direction of reality. You'll get there eventually.
Re: (Score:2)
I tried it before in a limited context. Nothing I found now is different from my expectations. Which I have stated here on this site. I think you are talking out of your behind.
We do need "AI" (Score:2)
We've been using ML
FUD, eh? (Score:2)
Now where is that tool who swore up and down I was just spreading "FUD FUD FUD?" Yet couldn't say one specific thing?
The guy who believed the Microsoft press releases hook, line, and sinker, which claimed the data would be securely stored?
Instead, "Two weeks ahead ofRecall's launch on new Copilot+ PCs on June 18" it's stored in an unencrypted MySQL database anyone could read, in plain text. All you need is file system access. Hell, you can get that without hacking the PC, just steal the danged thing.
Re: (Score:2)
The data will be securely stored on the NSA servers.
Re: (Score:2)
I guess to be fair, this is "hack" is for the preview version of this product. Perhaps the released version will include the promised encryption.
I am not apologizing for MS or anything, but they *did* explicitly state that all this data would be stored in a locally encrypted state so, if they released this version they would be flat out lying which seems like it would open them up to some major liability and I can't imagine they would be that stupid.
Re: (Score:3)
I didn't realize it was a preview, but I wouldn't have released even a preview with no encryption.
Re: (Score:2)
I am not apologizing for MS or anything, but they *did* explicitly state that all this data would be stored in a locally encrypted state so, if they released this version they would be flat out lying which seems like it would open them up to some major liability and I can't imagine they would be that stupid.
Microsoft is not exactly known for their polish before and after a product is released. Promised encryption not being in the beta sounds like MS as usual. The released version will probably have encryption—which someone will find a hack immediately after release.
*YAWN* (Score:2, Insightful)
If someone has physical access to my device I'm just going to assume they installed their own keylogger / screenshot software and don't need to fuck around with Microsoft's tools.
Repeat after me: If someone has physical access to your device, you have already lost the game.
Also it's 2024 and every OS supports whole disk encryption of the OS drive. It's something people should seriously consider even on their home computers, not just laptops and portable devices. (And before someone shouts but but but Bitloc
Re: (Score:2, Flamebait)
MS doesn't have "physical access" to your machine. don't bait and switch. FDE doesn't make a diff to Daddy.
You're not wrong about having lost the game to MS, but you don't have to get gang banged all day long like you're suggesting is just fine.
It's not fine and you don't have a valid argument.
Re: (Score:2)
Tell everyone you didn't understand what I wrote without saying you didn't understand what I wrote. You don't need to look far into my post to see who the actual subject was. It's the second word in.
Re:*YAWN* (Score:5, Insightful)
If someone has physical access to your device, you have already lost the game.
True, but you can lose games in multiple levels. If past data is not stored, it cannot be compromised at a single point of access. While the user might not use the data at all, and even be unaware that the data still exists, it is quite handy for all evildoers.
Microsoft helps all evildoers to get data from before the system is compromised.
Re: (Score:2)
While this is true, the reality of modern nefarious activity is to own the machine. It's very rare that a past activity would compromise the user in a way a future activity doesn't. I logged into internet banking last week (which incidentally would do things such as capture a username, but not capture a password), and I'll log into internet banking again this week. The difference is a full nefarious keylogger will actually capture the password too.
Re: (Score:2, Informative)
Re: (Score:3)
Re:*YAWN* (Score:5, Interesting)
The difference is, if someone steals my system, and then install keyloggers and whatnot, that's not really going to help them, now is it? Because I will no longer be using that system. They can sit and stare at it all day and they'll get nothing from it.
But if the system has an installed keylogger with screen scraper which has saved everything I have done on it, named Recall, and then they steal it, that's a very different story. Especially since the data is stored in plaintext on the system. Anyone can read it.
Re: (Score:2)
The difference is, if someone steals my system
That is taken care of in the second half of my comment. Someone stealing your system shouldn't have access to your data period. It's 2024. Full disk encryption should be the norm. Windows 11 will even prompt you to enable it during install. Unless someone has acceess to your device powered on and logged in, then stealing it won't be much of an issue for you if you take even the most basic of security precautions (and by basic I mean literally smashing the yes button during a Windows install).
But if the system has an installed keylogger with screen scraper which has saved everything I have done on it, named Recall, and then they steal it, that's a very different story.
Recall is not a
Authoritarian wet dream (Score:2)
There is zero chance that this feature will be altered in a way that is friendly to end users. The various law enforcement agencies are having a combined orgasm over this feature. It is here to stay and will be mandated in every single operating system once the furor dies down over the initial introduction. Welcome to 1984 mother fuckers. The future is so bright, that even sunglasses won't help.
Re:Authoritarian wet dream (Score:5, Interesting)
There is zero chance that this feature will be altered in a way that is friendly to end users. The various law enforcement agencies are having a combined orgasm over this feature. It is here to stay and will be mandated in every single operating system once the furor dies down over the initial introduction. Welcome to 1984 mother fuckers. The future is so bright, that even sunglasses won't help.
I don't doubt governments and enforcement agencies, including police, will be absolutely thrilled with Recall. But how are they going to mandate that all OSes must have it? Can you see the Open Source folks just rolling over and going, "OK," on that front?
Is there a point where we can demand that the OS just get the fuck out of the way and let us work? I don't want my system eating resources to report my every move to someone else. I want the hardware I bought to be available to process the tasks I throw at it. I'm sick of having to fight the system just to do the things I bought the system to do. This feature better be something we can disable completely, or it may very well be the end of Microsoft. While I'm sure the C-suites will love the spying potential it gives them, I have my doubts a single one will be happy with the idea of their system doing the same thing to them. Who comes up with these schemes and who the fuck thinks it's a good idea to force it on end users?
Re: (Score:2)
While I'm sure the C-suites will love the spying potential it gives them
To be fair the C suites already have access to everything they want, any enterprise is already using centralized email, Group Policy, Domains. If you think you have privacy on your IT provided system well you are woefully misinformed. Their property, their network and their systems. This is just another feature the IT folks are going to say "lol, no. GP this into to the nether realm" until an executive comes down and overrules them.
Re: (Score:2)
The change is it's being pushed down to Home users who don't have an enterprise of security to protect it. (Protect the company, not you)
Re:Authoritarian wet dream (Score:5, Interesting)
That is very true and I hope Home users have an option to enable/disable the feature as they see fit. Really is an issue of awareness since your average home only users may not be aware of the risks but that's already the system they are engaged in, anyone with that distrustmul of MS probably is already using Apple or Linux, I can't imagine the person out there who is using Windows 11 and is like "ok, now this is a step too far!!!", like we crossed that bridge a long time ago.
If Microsoft wants to covertly spy on all home users there really isn't anything stopping them already, they wouldn't need a splashy new very public feature to do it. And if we think this announcement is just a cover to sneak in the feature that's also a bit naive to me, the feature would already be baked in (and very well might be). That's just a fact of the matter of closed systems all the time.
Re: Authoritarian wet dream (Score:3)
What "worked" for Hunter, who is now in court defending against a firearm background check violation where the case was prompted by the action of people who are against firearm background checks existing, was that the chain of evidence was completely untrustworthy.
MIssed PK Dick opportunity on that naming... (Score:2)
Dubbed TotalRecall -- yes, after the 1990 sci-fi film
We can remember it for you freeware?
People don't get fired enough (Score:4, Insightful)
Re: (Score:3)
Who, on their right mind, could have ever thought this was a good idea?
Your mistake lies in thinking that Microsoft and "right mind" can coexist in the same context.
Re: (Score:2)
It not about "right mind". It's about money. Collecting data and selling it. What you paid for Windows is not enough.
Re: (Score:3)
Microsoft would never fire the team who came up with this idea. It is, after all, the same company that employs the creator of systemd.
Re: (Score:2)
Microsoft wants more data for their LLM training. This is an excellent way to get it.
Re: (Score:2)
Re: People don't get fired enough (Score:2)
That didn't take long at all (Score:3)
I still don't understand the alleged purpose or intended benefit of this new feature to users.
Re: (Score:2)
That link! :D
Re: (Score:2)
Thanks, feedback always appreciated :-)
Re: (Score:2)
intended benefit of this new feature to users
"To users" is the important part. This feature does not benefit users but is for MS and their stockholders. MS is trying to spin it as a feature otherwise they would have to outright state their users are not customers. Their users are the product.
ALERT: Microsoft did something stupid and insecure (Score:2)
Recall is HIPAA compliant right? (Score:2)
More concerned about abused spouses (Score:4, Informative)
Recall will cause more women to be murdered as it allows their abusers to get every last piece of information they searched for and where they'll be. Then again, a company like Microsoft doesn't believe in consent, so this is probably its intended use case.
Don't improve, Just FIX (Score:2)
Follow the money... (Score:2)
So of course we ask who benefits and it's Microsoft who will now collect and sell even more of your information. Windows is pretty much just an analytics and advertising framework now. They say the information will stay on the computer and of course it will. For now. But pretty soon they'll add "features" which need to send information back to the cloud or they will just secret
Recall will teach A.I. to replace you! (Score:2)
Everybody is focusing on the security issues with the recall feature in Microsoft Windows, but you guys remember that Microsoft bought a huge partnership stake and Open AI.
Open AI is hungry for huge data sets to learn and teach their AI. And recall will be the data set that they need to teach it to replace you as a worker. This way Microsoft can sell their operating system in their AI features as a way to replace most workers that produce repetitive work that AI can do, such as reports or graphics or typewr
Microsoft's business is changing to data mine then (Score:2)
Have you noticed that the price of the Microsoft Windows operating system has been dropping so much that it's not even a big profit point for them anymore and you can buy license keys from third party online websites for a few dollars each for their operating system and Microsoft never cracks down on those sites?
The OS is practically free because the value is in data mining the users, just like Google did!
Internally I believe the company has shifted to data mining. The work that is being done under operatin
Re:fuck right off fuck right off FUCK RIGHT THE FU (Score:4, Funny)
Where are you?
Re: (Score:2)
Best laugh I've had so far this week - thanks!
Re: (Score:2)
Sure. As a claustrophobe, this reminds me of the most terrifying short story I've ever read:
"If you’re armed and at the Glenmont metro, please shoot me"
https://www.reddit.com/r/nosle... [reddit.com]
Re:fuck right off fuck right off FUCK RIGHT THE FU (Score:5, Interesting)
i just cant even begin to understand who the fuck would want this? have they not thought at all about resource usage or performance? god i hate this world, someone put a bullet in my head please.
That's what I keep wondering. Every five seconds? That's eating some IO and a little processor no matter how it's being performed. And I'd rather not waste the resources just so someone else has access to my entire computing history. I'm completely baffled as to how or why anyone would think this is a good use of system resources.
Re: (Score:2)
Of course, they didn't do the next step of "sure, but what if..." on any number of basic fucking security to kibosh it.
And then to store the damned shit in PLAIN TEXT secured only by any drive encryption 90% of users don't use.
Re: (Score:2)
Re: (Score:2)
Even if we grant their implementation concept, the simple odds it *won't* actually capture that moment you want b/c it's a timed thing, is utterly stupid.
Murphy was an Optimist and this will happily catch every password you've ever typed but miss what you want - is entirely what this will end up doing.
Re: (Score:2)
It's true that Windows doesn't have granular enough permissions and any program running with user privilege can grab the screen and steal keyboard strokes. Windows is way behind macOS in this area - they only have microphone and webcam permissions enforced in the OS.
Meanwhile, Windows 11 already requires a TPM. They should be able to make it awfully hard for a userspace program to read this data. Separate from full-disk encryption because that only protects from outsiders without user access.
Re: (Score:2)
It's true that Windows doesn't have granular enough permissions and any program running with user privilege can grab the screen and steal keyboard strokes.
The last time I checked Windows sorta has this key logging ability via the Virtual Keyboard. It captures everything a user inputs with a keyboard. In fact it is always in the background under Microsoft Text Input Application. It cannot be removed or stopped.
Re: (Score:3)
Think about it for even a few seconds. Recall means that this newly-installed "hacker tool" you mention not only has access to what you do at this point in time... but also what you did before the "hacker tool" got installed.
Re: (Score:3)
I propose to you 2 scenarios, you tell me which is worse
Scenario 1) my work computer gets infected and a malicious actor gets 1 day of my keystrokes and screenshots before abnormal network activity is detected and cuts my connection, sends me to security class, and gives me a new machine
Scenario 2) my work computer gets infected and a malicious actor gets screenshots and keystrokes going back a month and the same consequences for me.
The going back a month will capture password change day at the very least m