Comment on Microsoft is enabling BitLocker device encryption by default on Windows 11

• stephen01king@lemmy.zip ⁨5⁩ ⁨weeks⁩ ago

  Ok, but what lesson was Microsoft supposed to learn from the Crowdstrike fiasco that have to do with the implementation of Bitlocker in personal devices?

  Are you suggesting that OS drive encryption should never be implemented due to the fact that computers might sometimes need to be accessed without the OS booting up? That doesn’t really make sense. That’s what Bitlocker keys are for, to unlock the drive if needed.

  source

  • db2@lemmy.world ⁨5⁩ ⁨weeks⁩ ago

    OK buddy, you can be right if it’s that important to you.

    source

    • stephen01king@lemmy.zip ⁨5⁩ ⁨weeks⁩ ago

      I don’t know everything about what happened during the Crowdstrike fiasco since it didn’t directly affect my company, so I’m asking questions. I don’t really care about being right. If you were talking about something I don’t know, I’m glad to learn new things about that incident. Why get defensive on something like this instead of just clarifying your point?

      source

      • db2@lemmy.world ⁨5⁩ ⁨weeks⁩ ago

        OK, I may have misread the intent. Sorry.

        Basically for any machine with bitlocker on it we had to unlock the drive before getting the ability to load an external OS to go on to that drive and remove the problem file. The built in Windows was completely borked. For a home user that’s generally quick and easy to do, in any corporate environment it will take hours if not days to get that unlock code and meanwhile nothing can get done meaning business grinds to a halt and waits.

        As for what happened in the first place, Crowdstrike updated a file for their nanny app which has kernel (lowest OS level) access so when their app choked on the bad update it crashed the kernel which meant Windows couldn’t even load much less run.

        The two aren’t directly related but one made the other significantly harder to fix with any speed.

        source