Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.

The author demonstrates that Microsoft’s Recall (Copilot) feature periodically captures screenshots, OCRs them to text, and stores that text in a locally accessible SQLite database; this data can be read and rapidly exfiltrated by malware or another local account. The report details design and deployment choices (enabled-by-default, storage path, exclusion gaps), shows proof of concept exfiltration and automation, and warns of large-scale privacy and breach risks since data persists even after deletion and can be harvested without the data processor’s involvement.