I'm posting this again to my main timeline, because it's really frustrating (emphasis mine):

"Beaumont says *admin access to the system isn’t required* to read another user’s Recall database. *Another user with an admin account* can easily grab any other user’s Recall database and all the Recall screenshots by clicking through a simple UAC prompt."

https://arstechnica.com/ai/2024/06/windows-recall-demands-an-extraordinary-level-of-trust-that-microsoft-hasnt-earned/2/

How is this not a contradiction? All demos I've seen clearly show that UAC elevation (from an admin account) is needed to access the DB.

I find the idea of #Recall as baffling as anyone, but as professionals we must clearly communicate the risks, so that *real* threats (e.g. abusive spouse with local admin access) are highlighted and MS can't dismiss them as FUD.

@buherator fwiw I am puzzled by this too. and I would be very much surprised if it were true that regular users can access this without elevating in some way. since I have no access to any windows 11 machine, I cannot verify this for myself ATM thouh.

that said: recall is a bad idea, regardless.

@buherator Look at the replies from @tiraniddo

@buherator https://infosec.exchange/@tiraniddo/112566044174482506

@claushoumann @tiraniddo

FTR, and to verify my understanding:

* The DB is *owned by the user* that the recording belongs to, but there are additional access controls that prevent the user from directly reading the DB without adjusting privileges[1]. This kind of answers my other question about what (potentially abusable) mechanism is there so a regular user can access their own recording while the DB is supposedly admin-only.
* You still need admin for cross-user access[2].

Is this correct?

[1] https://infosec.exchange/@tiraniddo/112566044174482506
[2] https://infosec.exchange/@tiraniddo/112566450435430019