I was wondering when a reporter would uncover this.
-
@GossiTheDog@cyberplace.social Windows charging people for a pro/enterprise license to encrypt more than the OS drive (while still uploading their keys to the cloud) is also just insane to me
For a long time I think you had to pay for a pro license to even encrypt your drives at all, but luckily they stopped doing that, instead you get to encrypt the OS drive for free and everything else is gonna cost you a few hundred extra dollars
@GossiTheDog@cyberplace.social oh also as a note to all the users who installed windows with a local system account instead of linking your microsoft account
none of you have an encrypted OS drive, it just doesn't encrypt your drives by default if you do that because it can't back the keys up to MS cloud -
-
@GossiTheDog@cyberplace.social i remember thinking "wow that doesnt seem secure" when i saw the button to download bitlocker keys on my microsoft account page
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Anyone truly surprised? Microsoft has a history of building back doors into their products under the guise of customer service.
-
@GossiTheDog
At some point, I hope that the national security guys, the techbros, and everyone in between, will come to a final fucking realization that no matter how pure your thoughts and intentions, building backdoors or skeleton keys will ALWAYS eventually wind up in the wrong hands.Like every time
AlwaysIt is time these guys grew up and became adults
@mloxton @GossiTheDog …and stop dreaming about being filthy rich, it’s not equitable nor sustainable.
-
@jkmcnk Yup, certainly. Firing up my win machine now to see what's up with that.
@christopherkunz I call it my gaming machine, but with windows 10 going eol, I'm now researching steamos/stock linux with proton options.
-
@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
It became the default option if you use a Microslop account a little while ago.
Obviously not something to worry about if you use workarounds for a local account, and I'm not sure what happens with organisational MS accounts.
-
@GossiTheDog@cyberplace.social oh also as a note to all the users who installed windows with a local system account instead of linking your microsoft account
none of you have an encrypted OS drive, it just doesn't encrypt your drives by default if you do that because it can't back the keys up to MS cloud@froge @GossiTheDog "By default". Rightfully so. The default should never be "you lose everything if you lose your keys". If you want an encrypted drive that you can't recover by putting it in another machine, you should have to opt in to that and understand the risks and availability-confidentiality tradeoff.
-
@GossiTheDog
At some point, I hope that the national security guys, the techbros, and everyone in between, will come to a final fucking realization that no matter how pure your thoughts and intentions, building backdoors or skeleton keys will ALWAYS eventually wind up in the wrong hands.Like every time
AlwaysIt is time these guys grew up and became adults
@mloxton @GossiTheDog They won't because the goal for them is never to have a working equitable sustainable system. It's to justify their adversarial existence and place on the top above responsibility, screw the people they were supposed to be protecting.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog a reminder: in cyberspace, all doors are front doors.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog
How to cancel bitlocker on Linux? -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Then you can send a #Copy of your #Flat-#Key right away to the #Police-#Station of your Choice, with a Note:
"In Case of me committing a #Crime or being suspected of doing or planning one, please go to my Flat for seizing #Evidence #instantly."
It's totally #obsolete to #encrypt your #System, when a #Recovery -Key is saved #unencrypted in a #Microsoft-#Cloud. -
@froge @GossiTheDog "By default". Rightfully so. The default should never be "you lose everything if you lose your keys". If you want an encrypted drive that you can't recover by putting it in another machine, you should have to opt in to that and understand the risks and availability-confidentiality tradeoff.
@dalias@hachyderm.io @GossiTheDog@cyberplace.social secure encryption will unavoidably cause you to lose everything if you lose your keys, by default....
but the real issue is that microsoft engineers know this, and didn't even so much as try to program a secure backup feature that doesn't expose the keys, or even give a popup in the installer warning people that their drives will be completely unencrypted and insecure by default without an MS account... or any of the 1000s other things they could do to communicate their security stance to users tbh -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog wtf
-
@GossiTheDog
At some point, I hope that the national security guys, the techbros, and everyone in between, will come to a final fucking realization that no matter how pure your thoughts and intentions, building backdoors or skeleton keys will ALWAYS eventually wind up in the wrong hands.Like every time
AlwaysIt is time these guys grew up and became adults
@mloxton @GossiTheDog Yes, though you're giving them the benefit of the doubt that their original intentions were pure and altruistic. Personally I think the bubble that most tech bros and gals study, work, and reside in, is deeply supremacist and toxic. Nothing truly good can come out of that.
-
@dalias@hachyderm.io @GossiTheDog@cyberplace.social secure encryption will unavoidably cause you to lose everything if you lose your keys, by default....
but the real issue is that microsoft engineers know this, and didn't even so much as try to program a secure backup feature that doesn't expose the keys, or even give a popup in the installer warning people that their drives will be completely unencrypted and insecure by default without an MS account... or any of the 1000s other things they could do to communicate their security stance to users tbh@froge @GossiTheDog This is what I'm saying - that it shouldn't be on by default, only with informed consent.
For the vast majority of users, losing their photos of their kids or all their personal writing or whatever is much more catastrophic than "someone who seizes my computer might see what's on it".
-
J jwcph@helvede.net shared this topic
