So, this means Microsoft has copies of every single bitlocker key, meaning that a bad actor could obtain them… Thereby making bitlocker less than worthless, it’s an active threat.
MS really speedrunning worst possible software timeline
Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch
Submitted 17 hours ago by commander@lemmy.world to technology@lemmy.world
Comments
empireOfLove2@lemmy.dbzer0.com 17 hours ago
dual_sport_dork@lemmy.world 16 hours ago
They don’t have a copy of every single Bitlocker key. They do have a copy of your Bitlocker key if you are dumb enough to allow it to sync with your Microsoft account, you know, “for convenience.”
Don’t use a Microsoft account with Windows, even if you are forced to use Windows.
tabular@lemmy.world 16 hours ago
To use Windows without a Microsoft account requires tech literacy these days, I thought. I would not be suprised if users didn’t choose to sync with a MS account but it’s doing it anyway, if that’s what MS want.
DeathByBigSad@sh.itjust.works 16 hours ago
Encryption doesn’t actually complete until you log in with a Microsoft account for Home Edition.
Anyways: Use Veracrypt.
Or just Linux + LUKS
lemmyout@lemmy.zip 16 hours ago
It’s a bit harsh and unfair to say “you are dumb enough to allow it”. Microsoft makes it damn near impossible to avoid this unless you are extremely particular and savvy about it, and never have an off day where you make a mistake while using your PC.
JustEnoughDucks@feddit.nl 3 hours ago
Are you naive enough to believe the surveillance OS that uploads literally all of your activity along with screenshots of your desktop doesn’t automatically upload you keys no matter what little box you tick on the installer?? 😂 there is absolutely not one single 3rd party auditing that they actually follow any of the options at all that they give.
realitaetsverlust@piefed.zip 12 hours ago
Don’t use
a Microsoft account withWindowsFtfy
goferking0@lemmy.sdf.org 10 hours ago
But, by default, BitLocker recovery keys are uploaded to Microsoft’s cloud, allowing the tech giant — and by extension law enforcement — to access them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.
I mean it’s dumb to sync but at same time it’s not like MS isn’t great at either making it almost impossible to not sync it re-enable syncing for a bit after updates.
You can constantly tell it not to sync but all it takes is MS saying we want it now and they’ll get it
empireOfLove2@lemmy.dbzer0.com 16 hours ago
They do have a copy of your Bitlocker key if you are dumb enough to allow it to sync with your Microsoft account, you know, “for convenience.”
Which I don’t believe is the only way it can leak. It’s well known Microsoft can access anything and everything on an internet connected Windows PC whether there’s a Microsoft account or not. If the nazi’s push for the device of someone on a local account only, you know they’ll magically find a way.
iterable@sh.itjust.works 14 hours ago
Save a copy of your bitlocker keys to a Veracrypt drive with a password no shorter then 15 mixed characters. Then upload that encrypted container to any free service. They wont be able to open it and now you have a remote backup copy.
Tollana1234567@lemmy.today 5 hours ago
i heard win11 its automatically used online for home.
bw42@lemmy.world 16 hours ago
No they do not have copies of every Bitlocker key.
Bitlocker by default creates a 48-bit recovery code that can be used to unlock an encrypted drive. If you run Windows with a personal Microsoft account it offers to backup that code into your Microsoft account in case your system needs recovered. The FBI submitted a supoena to request the code for a person’s encrypted drive. Microsoft provided it, as required by law.
Bitlocker does not require that key be created, and you don’t have to save it to Microsoft’s cloud.
This is just a case of people not knowing how things work and getting surprised when the data they save in someone else’s computer is accessed using the legal processes.
user28282912@piefed.social 16 hours ago
Except that Microsoft basically puts a gun to every users head to login with a Microsoft account which can/does backup the recovery keys.
greybeard@feddit.online 13 hours ago
If you sign into a Microsoft account during setup, Microsoft automatically turns on bitlocker and sends the key off to Microsoft for safe keeping. You are right, there are other ways to handle bitlocker, but that’s way beyond most people, and I don’t think Microsoft even tells you this during setup. It’s honestly a lifesaver for when bitlocker breaks(and it does), but it comes at a cost. In the business world, this is seen as a huge benefit, as we aren’t trying to protect from the US government, mostly petty theft and maybe some corporate espionage.
As is often the case, the real solution is Linux, but that, too, is far beyond most people until manufacturers start shipping Linux machines to big box stores and even then they’d probably not enable any encryption.
NatakuNox@lemmy.world 12 hours ago
Hey copilot, give me the bitlocker key to the nuclear football!
x0x7@piefed.social 16 hours ago
Microsoft is already a bad actor and they have them. Or a bad actor could threaten microsoft physically and microsoft will hand them over. Wait, that already happened.
Kongar@lemmy.dbzer0.com 15 hours ago
And people make fun of me for turning off secure boot and tpm. They just cause grief for no benefit.
frongt@lemmy.zip 13 hours ago
Well this isn’t directly related to those, so maybe some derision is warranted.
partial_accumen@lemmy.world 15 hours ago
As long as you’re doing your own whole disk encryption, you have a valid path to still be secure. However, if you’re running an unencrypted disk, you’re much more likely to lose your data to a non-state actor.
cley_faye@lemmy.world 10 hours ago
Both are completely unrelated to the discussion. TPM sometimes have issues regarding their security, but you can certainly use Secure Boot with your own signing keys to ensure the kernel you run is one you installed, which improves security. And you can use TPM to either keep your FDE keys, or only part of them combined with a PIN if you don’t fully trust them to be secure, so you keep strong encryption but with a bit of convenience.
Without a (properly configured) Secure Boot startup, anyone could just put a malware between the actual boot and your first kernel. If the first thing that happens when you boot is something asking for a password to be able to decrypt your storage, then an attacker can just put something here, grab your password, and let you proceed while storing in a a place it can be retrieved.
Is this scenario a concern for most people? That’s unlikely. But every computer sold these last five years (at least!) can be setup to reduce this risk, so why not take advantage of it.
Appoxo@lemmy.dbzer0.com 13 hours ago
More likely stupid users storing their bitlocker key in the microsoft account instead of printing it out or storing it somewhere not owned by MS lol
Arcane2077@sh.itjust.works 16 hours ago
Could be worse. Could have skeleton keys
corsicanguppy@lemmy.ca 16 hours ago
You’re assuming there isn’t a master pubkey baked into the software.
termaxima@slrpnk.net 1 hour ago
Not your keys ? Not your data !
Buelldozer@lemmy.today 11 hours ago
The word “Gave” is really doing some heavy lifting in that title. Microsoft produced the keys in response to a warrant as required by law.
If you don’t want a company, any company, to produce your data when given a warrant then you can’t give the company that data. At all. Ever.
Not fast food joints, not Uber, not YouTube, not even the grocery store.
ColeSloth@discuss.tchncs.de 8 hours ago
If you can’t possess the keys, you can’t give them when there’s a warrant. Microsoft designed a system that could obtain and decrypt those keys on purpose.
kokesh@lemmy.world 11 hours ago
Yes. But this completely invalidates the encryption. If anyone can decrypt your data without you giving the keys to them, it is not really encrypted.
Buelldozer@lemmy.today 11 hours ago
The encryption key is data, don’t give it to ANYONE. “Two people can keep a secret if one of them is dead.”
MrScottyTay@sh.itjust.works 11 hours ago
Its not anyone though. Not anyone can get a warrant and demand the keys
deczzz@lemmy.dbzer0.com 11 hours ago
I’m stupid. How do thet even produce the keys?
cley_faye@lemmy.world 10 hours ago
Your computer generate a random key using (hopefully) a trusted PRNG with good enough sources. This key is then used to encrypt your data. This key is stored in your computer’s TPM module, and provided to the OS only if the chip approves all the checks in places. In addition, you get that key displayed to you, so you can write it down (or alternatively save the key file somewhere of your convenience). This is relatively good as far as security goes (unless the TPM is broken, which can happen).
And then, unless you jumped through hoops to disable it, your PC sends the key to Microsoft so they can just keep it linked to your account. That’s the part that sucks, because then, they have the key, can unlock your drive on your behalf, and have to produce it if asked by a judge or something.
Note that there are relatively safe way to protect these keys even if they are backed up in “the cloud”, by encrypting them beforehand using your actual password. It’s not absolutely perfect, but can make it very hard/costly/impossible to retrieve, depending on the resources of the attacker/government agency. But MS didn’t chose this way. I don’t know if it’s because of sheer incompetence, inattention, or because this feature is claimed to be here to “help” people that lose their key, and as such are likely to lose their password too, but it is what it is.
Wispy2891@lemmy.world 6 hours ago
In Windows 11, if the main user logs in with a Microsoft account (which is mandatory unless you do some hacks during the install), it automatically encrypts the main drive by default without asking the user consent and uploads the decryption key to Microsoft servers (again, without user consent, but usually this is appreciated because sometimes automatic BIOS updates via windows update wipe the tpm and keep all your data at ransom.)
Dlayknee@lemmy.world 10 hours ago
Microsoft built the encryption in Windows so know how to get around it. In theory that remains a closely guarded secret but there are the warrants and the NSA and…
quips@slrpnk.net 8 hours ago
Not true with E2EE, they can’t give over shit when they don’t have the keys
MSids@lemmy.world 7 hours ago
Bitlocker is computer drive encryption. On W11 it’s supposed to be tied to the motherboards TPM. End to end encryption is not really applicable in this scenario. That phrase is more applicable to cloud services or storage where a telecom or CSP hosts or transports your data but can’t see what the data is.
kittenzrulz123@lemmy.dbzer0.com 4 hours ago
Daily reminder that verified boot is objectively superior to “secure boot”, once again a common Linux W and another example of Google actually promoting some good security practices
DeathByBigSad@sh.itjust.works 2 hours ago
Same thing?
You can add custom keys to secure boot.
cyberpunk007@lemmy.ca 7 hours ago
Just use Linux.
vacuumflower@lemmy.sdf.org 6 hours ago
I’ve read someone blabbering how BitLocker is better than FDE on Linux or BSDs just recently. I didn’t do fact checking, but honestly just uploading keys to MS wasn’t something I expected even from them.
cyberpunk007@lemmy.ca 5 hours ago
Not even from the company that tried to provide you with windows recall? 🤣
JoMiran@lemmy.ml 16 hours ago
PabloSexcrowbar@piefed.social 5 hours ago
I wouldn’t be naive enough to believe there’s not a backdoor somewhere in LUKS.
pemptago@lemmy.ml 3 hours ago
Feel free to share any evidence or indication, otherwise I don’t think “naive” is the right word. Backdoors aren’t the issue here, even for MS Bitlocker. The issue, as stated in the article, is:
by default, BitLocker recovery keys are uploaded to Microsoft’s cloud
No need for a backdoor if you know you can get keys to the front door.
bdonvr@thelemmy.club 11 hours ago
bonjour!
Wispy2891@lemmy.world 6 hours ago
Wasn’t this by design? Otherwise why keeping the decryption keys on servers located in the united states’?
db2@lemmy.world 17 hours ago
x0x7@piefed.social 16 hours ago
Linux. LUKS it yourself or it isn’t really encrypted.
moonshadow@slrpnk.net 14 hours ago
A single bitter, crowing “hah!” at whoever thought there wasn’t at least this much overlap between our corporate and government masters. Welcome to hell kid, shoutout to whatever’s being trained on the last ~30 years of everything that touched the internet in the NSA’s Utah data center. Rose coloured PRISM though, I dream of the day when someone makes those search tools public and I can reminisce through my preteen MSN Messenger convos
melfie@lemy.lol 13 hours ago
Bitlocker? More like Shitlocker. Thanks, but I’ll stick with LUKS.
Mwa@thelemmy.club 13 hours ago
IIRC am pretty sure they have been doing this for years(since Windows 8).
Ugurcan@lemmy.world 7 hours ago
There was an MS tool named COFEE for forensic of Windows machines that’s exclusive to national security agencies, which eventually leaked to What.CD like back in 2009. So I’m pretty sure this predates even Windows 8.
Mwa@thelemmy.club 1 hour ago
So Windows 7/Vista era they have been doing jt
ItsMeForRealNow@lemmy.world 5 hours ago
Can I have those please? I think I need it to unlock an old hardrive.
user28282912@piefed.social 16 hours ago
BitLocker provides for a recovery key. This is to allow someone to regain access to an encrypted device in the event that they lose their PIN, any one of these scenarios happen, OR when suspects do not want to cooperate with LEOs.
Find your BitLocker recovery key
If the target device is part of an enterprise and managed with EntraId/Intune this is the option. Escrowed keys.
notannpc@lemmy.world 15 hours ago
Microslop is openly anti consumer. Why would you hand them your encryption keys?
Tollana1234567@lemmy.today 5 hours ago
winds 11 home forces it apparently, when you have to use it.
BlackLaZoR@fedia.io 16 hours ago
Remember when Truecrypt got suspiciously terminated? That was the goal
RamRabbit@lemmy.world 16 hours ago
Scrollone@feddit.it 16 hours ago
I wonder if it’s actually safe or if it’s just a CIA honeypot.
tekato@lemmy.world 8 hours ago
Microsoft only has your key if you give it to them for convenience (by syncing to your Microsoft account), and they’re required by law to give anything stored in their servers if asked. There’s no conspiracy here.
RamRabbit@lemmy.world 5 hours ago
Microsoft railroads you into this though. This isn’t some checkbox you have to go turn on. Your Bitlocker key will get exfiltrated unless you do a bunch of bullshit to make sure it isn’t.
And that is the thing with Microsoft, they just keep doing this. There is and endless torrent of shit to turn off. No reasonable person will keep on top of it. And if you fuck up a singular time, they just vacuum everything.
wuffah@lemmy.world 15 hours ago
Even if you don’t care that MS and the federal government can decrypt your data, when Bitlocker is enabled your MS account becomes cryptographically linked to your identity and machine, making it a powerful tool for surveillance, identification, and DRM.
xorollo@leminal.space 9 hours ago
So how did Microsoft have the keys in the first place? The article says they are automatically uploaded to the cloud. What does that mean? They’re uploaded to the user’s on drive or something else? Because whatever that user account is shouldn’t be accessible by Microsoft, even if they run the service. I’m not saying aim surprised they do have it, but would be nice to be a little clearer about what features of Bitlocker to avoid. Is it the Microsoft account associated with the windows key? Probably.
Wispy2891@lemmy.world 6 hours ago
theuniqueone@lemmy.dbzer0.com 12 hours ago
Expect nothing else from any corporation for your own safety.
the_riviera_kid@lemmy.world 15 hours ago
This is why I don’t use bit locker, nothing microslop controls secure in any way.
homesweethomeMrL@lemmy.world 16 hours ago
I was summoned to help eject a CD today.
I’m out.
user224@lemmy.sdf.org 13 hours ago
cupholder.exe
SabinStargem@lemmy.today 10 hours ago
All the more reason to use Linux. I will be swapping to Cachy or SteamOS Desktop, depending on when and how things play out.
svullo56@feddit.nu 14 hours ago
Sooo… Is there an alternative to be secure other than switching to another OS? Not that I’m doing anything interesting but o would like to have at least a bit of privacy.
Lfrith@lemmy.ca 3 hours ago
Use Windows LTSC that is stripped of offline requirements, copilot, and the Microsoft store. And use veracrypt. You can set up a container or encrypt a drive such as an external.
DeathByBigSad@sh.itjust.works 14 hours ago
Veracrypt + LTSC
frongt@lemmy.zip 13 hours ago
Yeah, just don’t enable key upload and this can’t happen. Don’t link your account either if you want to be more sure.
If your account has already been linked, unlink it and change the bitlocker keys, both regular and recovery. (Easiest way is to entirely decrypt and reencrypt the drive.)
DeathByBigSad@sh.itjust.works 13 hours ago
Home edition has this “please sign in to microsoft account to ‘finish encryption’” text with a exclamation mark which implies the key is available on the drive unencrypted if you don’t sign in, meaning anyone could just access your drive.
There is no “turning off” the key upload, once you sign in, the upload happens immediately, you can “delete” it later, but like nobody really knows if they ever delete it once they have it.
Appoxo@lemmy.dbzer0.com 13 hours ago
Everyone here (exceptions apply) being soo linux friendly and so tech literate that they don’t know jack shit about both sides and jump to assumptions.
Microshit has no access to your key unless you upload it.
Well DUH!
UltraBlack@lemmy.world 12 hours ago
A microsoft accpunt is now mandatory for windows. Your bitlocker keys are automatically uploaded to your account
Appoxo@lemmy.dbzer0.com 3 hours ago
No, it is not.
At least not in the EU where I live.ultranaut@lemmy.world 11 hours ago
This is not correct. You can use Windows without a Microsoft account.
LifeInMultipleChoice@lemmy.world 12 hours ago
That has to be version specific. I did run into the issue that the Apple devices app that Apple makes is only made available through the Microsoft Store though. So you can’t just run a standard install for it officially. Which sucks. Also their is no official Apple Devices app for Linux, so anyone who has an iPhone can’t “safely” manage their device without having both an Apple Account and a Microsoft account, or a Mac.
brooke592@sh.itjust.works 1 minute ago
Damn, they weren’t even doing this to go after pedos.
I’m curious where in the economic ladder this person fell. Rich enough to get a significant amount of money from the system, but still too poor to make the government look the other way.