I was wondering when a reporter would uncover this.
-
@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
It became the default option if you use a Microslop account a little while ago.
Obviously not something to worry about if you use workarounds for a local account, and I'm not sure what happens with organisational MS accounts.
-
@GossiTheDog@cyberplace.social oh also as a note to all the users who installed windows with a local system account instead of linking your microsoft account
none of you have an encrypted OS drive, it just doesn't encrypt your drives by default if you do that because it can't back the keys up to MS cloud@froge @GossiTheDog "By default". Rightfully so. The default should never be "you lose everything if you lose your keys". If you want an encrypted drive that you can't recover by putting it in another machine, you should have to opt in to that and understand the risks and availability-confidentiality tradeoff.
-
@GossiTheDog
At some point, I hope that the national security guys, the techbros, and everyone in between, will come to a final fucking realization that no matter how pure your thoughts and intentions, building backdoors or skeleton keys will ALWAYS eventually wind up in the wrong hands.Like every time
AlwaysIt is time these guys grew up and became adults
@mloxton @GossiTheDog They won't because the goal for them is never to have a working equitable sustainable system. It's to justify their adversarial existence and place on the top above responsibility, screw the people they were supposed to be protecting.
-
S svenja@mstdn.games shared this topic
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog a reminder: in cyberspace, all doors are front doors.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog
How to cancel bitlocker on Linux? -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Then you can send a #Copy of your #Flat-#Key right away to the #Police-#Station of your Choice, with a Note:
"In Case of me committing a #Crime or being suspected of doing or planning one, please go to my Flat for seizing #Evidence #instantly."
It's totally #obsolete to #encrypt your #System, when a #Recovery -Key is saved #unencrypted in a #Microsoft-#Cloud. -
@froge @GossiTheDog "By default". Rightfully so. The default should never be "you lose everything if you lose your keys". If you want an encrypted drive that you can't recover by putting it in another machine, you should have to opt in to that and understand the risks and availability-confidentiality tradeoff.
@dalias@hachyderm.io @GossiTheDog@cyberplace.social secure encryption will unavoidably cause you to lose everything if you lose your keys, by default....
but the real issue is that microsoft engineers know this, and didn't even so much as try to program a secure backup feature that doesn't expose the keys, or even give a popup in the installer warning people that their drives will be completely unencrypted and insecure by default without an MS account... or any of the 1000s other things they could do to communicate their security stance to users tbh -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog wtf
-
@GossiTheDog
At some point, I hope that the national security guys, the techbros, and everyone in between, will come to a final fucking realization that no matter how pure your thoughts and intentions, building backdoors or skeleton keys will ALWAYS eventually wind up in the wrong hands.Like every time
AlwaysIt is time these guys grew up and became adults
@mloxton @GossiTheDog Yes, though you're giving them the benefit of the doubt that their original intentions were pure and altruistic. Personally I think the bubble that most tech bros and gals study, work, and reside in, is deeply supremacist and toxic. Nothing truly good can come out of that.
-
@dalias@hachyderm.io @GossiTheDog@cyberplace.social secure encryption will unavoidably cause you to lose everything if you lose your keys, by default....
but the real issue is that microsoft engineers know this, and didn't even so much as try to program a secure backup feature that doesn't expose the keys, or even give a popup in the installer warning people that their drives will be completely unencrypted and insecure by default without an MS account... or any of the 1000s other things they could do to communicate their security stance to users tbh@froge @GossiTheDog This is what I'm saying - that it shouldn't be on by default, only with informed consent.
For the vast majority of users, losing their photos of their kids or all their personal writing or whatever is much more catastrophic than "someone who seizes my computer might see what's on it".
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Microslop strikes again. Anyone interested in keeping their data safe from the pigs should jump ship immediately
-
B blumine@troet.cafe shared this topic
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog nothing with a back door is secure. I’m saying this since 1993 and I’ve almost got me fired.
#nobackdoorsAnd don't get me wrong I have nothing against good old-fashioned police work to hunt down crooks and criminals.
(Unusually in the United States a judge is involved if keys are handed over. But we don't know for how long this will be the case. A lot of damage has been done already and this is only the first year.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog
It still provides a layer of security, provided the threat actor isn't one of the governments Microsoft cooperates with, can't hack Microsoft's servers, can't impersonate law enforcement, and can't hack your Microsoft account (if I recall correctly, getting a recovery key requires password + SMS token, both of which are easy to steal).In other words, a lock made of papier-mâché.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog i’m just surprised anyone is even surprised about this?
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog The latest situation has become crystal clear. Avoid the main-stream Social Media, avoid the big centralized software companies. Stick around with Fediverse, stick around with Open-Source Softwares. Or, you can get in trouble.
️
-
Rob Braxman has been bitching about this for quite some time.
@Brokar @GossiTheDog Brax is a grifter selling insecure hardware and software https://grapheneos.social/@GrapheneOS/114825638504244405
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Good day @protonprivacy where do you store your data for ProtonPass?
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog weak to a cyberattack?
-
@GossiTheDog Good day @protonprivacy where do you store your data for ProtonPass?
@GossiTheDog @protonprivacy Oh - "limited resources so no longer posting on Mastodon".
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/I feel vindicated — thank you!
I remember telling everyone this many years ago, and people acted like it was no big deal. So many had the mindset that if you had nothing to hide, you had nothing to fear, and therefore nothing to worry about. The prevailing attitude was essentially: “Trust Microsoft.”
Today, we know the government cannot always be trusted. You can follow every law, pay your taxes, and mind your own business — and the government (ICE, for example) may still kick in your door. Furthermore, we also know that large corporations like Microsoft will willfully hand over your data without so much as a warrant. Lastly, we also know that Microsoft Cloud, along with Amazon and Google, can go offline or be hacked.
I think about how many people blissfully chose to ignore all of this… this whole time… and how those of us who pointed out the obvious were labeled as crazy.
-
S strubbl@social.tchncs.de shared this topic
