this rootless Python script rips Windows Recall’s screenshots and SQLite database of OCRed text and allows you to search them.

  • a1studmuffin@aussie.zone
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    Wow, it’s pretty wild they didn’t even attempt to encrypt or protect this data, even if it is local to your machine. What a treasure trove for malware to sift through.

      • addie@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        I thought that it was encrypted if your home directory was encrypted? The impression that I got was that it was just a SQLite database stored in the clear. The user must certainly be able to make queries of that database in order for it to work, so even if it’s hosted by a non-user service, malware running locally will still be able to exfiltrate the data.

      • a1studmuffin@aussie.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        Is it? I skimmed the GitHub source code and couldn’t see anything involving encryption, but it’s totally possible I missed something. Perhaps just accessing the database from python is enough to decrypt it.