I was wondering when a reporter would uncover this.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/ -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog You can save Key as a file.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog finally! Even worse, they don't even need to request it from Microsoft, if they have access to another device with acess to the MS account connected to that device, it's just some keystrokes and clicks away.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
-
@GossiTheDog You can save Key as a file.
@niknukem Which doesn't help if the key is additionally and automatically synced to MS. You have a MS account to login, don't you? So it's easy to connect...
And afaik the sync can only be deactivated using GPOs - but perhaps even this is no longer a possibility...
-
It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
@GossiTheDog they had a form somewhere, sometime ago, to expedite the requests, if I'm not mistaken.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog I remember TrueCrypt and all of the discussions regarding the beginnings of VeraCrypt.
Is VeraCrypt now finally decided to be a legal fork? Yeah, I know, nobody cares, but before I trust MS in this....
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog is it not the case that the only way to avoid this is to use Windows Professional, or have they changed that with Windows 11 as well?
-
It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
@GossiTheDog What's amazing to me is how many people have sleepwalked into having their user profile synced to Microsoft's servers. Super bad idea for any number of reasons.
-
@niknukem Which doesn't help if the key is additionally and automatically synced to MS. You have a MS account to login, don't you? So it's easy to connect...
And afaik the sync can only be deactivated using GPOs - but perhaps even this is no longer a possibility...
@jesterchen So is there peoof they sync the key even if you select sace as file? Yeah no MS account in windows. But guess most do use intune, than key is cloud based. Welcome back veracrypt. Xd
-
@GossiTheDog I remember TrueCrypt and all of the discussions regarding the beginnings of VeraCrypt.
Is VeraCrypt now finally decided to be a legal fork? Yeah, I know, nobody cares, but before I trust MS in this....
@jesterchen @GossiTheDog Try Cryptomator.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Rob Braxman has been bitching about this for quite some time.
-
@GossiTheDog What's amazing to me is how many people have sleepwalked into having their user profile synced to Microsoft's servers. Super bad idea for any number of reasons.
@Infoseepage @GossiTheDog but Microslop says it "does not provide any government with our encryption keys or the ability to break our encryption". https://www.microsoft.com/en-us/corporate-responsibility/reports/government-requests/customer-data
(And they seem to have stopped publishing the reports after the Orange Menace barged into office)... -
It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
@GossiTheDog Unfortunately, not *just* valid ones.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog giving the current climate, this is sketchy as hell
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Yep. Which is why I don't have a Microsoft account, don't back up recovery keys to the cloud, or use BitLocker in the first place.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog
Bitlocker is only to guarantee that Microsoft's beak gets wet every time your data is stolen. To who is this news? Its been clear for years, great job "Forbes". Where news goes to get lobotomized...One must be an utter buffoon with what we know today, to think Microsoft in any way has aligned interests with users. They don't.
MS has already betrayed you. They are not your friend.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog bitlocker in all enterprise implementations I have seen always felt more like security theatre than actual security. Sure it was gonna keep a thief of opportunity out of your files, but anyone with more resources could get around it
-
@Infoseepage @GossiTheDog but Microslop says it "does not provide any government with our encryption keys or the ability to break our encryption". https://www.microsoft.com/en-us/corporate-responsibility/reports/government-requests/customer-data
(And they seem to have stopped publishing the reports after the Orange Menace barged into office)...@jt_rebelo @Infoseepage @GossiTheDog it's important to note that the objection here is that users should not be encouraged to store their own encryption keys on a service provider, as that provider has a responsibility to comply with legal search warrants wherever it does business. Microsoft does not "directly" give anyone keys to data without such a warrant as a matter of policy.
@GossiTheDog is correct to argue that a) it shouldn't be made easy to default to the cloud and b) that ultimately, if you mean to encrypt then you likely mean to own those keys yourself. Don't put them in a service that must respond to legal instruments.
-
@jt_rebelo @Infoseepage @GossiTheDog it's important to note that the objection here is that users should not be encouraged to store their own encryption keys on a service provider, as that provider has a responsibility to comply with legal search warrants wherever it does business. Microsoft does not "directly" give anyone keys to data without such a warrant as a matter of policy.
@GossiTheDog is correct to argue that a) it shouldn't be made easy to default to the cloud and b) that ultimately, if you mean to encrypt then you likely mean to own those keys yourself. Don't put them in a service that must respond to legal instruments.
@jt_rebelo @Infoseepage @GossiTheDog the default for storing such things would be an encrypted version, per the Apple option.
We have no knowledge whether Apple or Google have ever given something out. I would not take that for a denial that they had.
