I was wondering when a reporter would uncover this.
Uncategorized
116
Posts
94
Posters
0
Views
-
@GossiTheDog I don’t understand putting your trust in black box proprietary encryption software when TrueCrypt/VeraCrypt exist and are older than BitLocker by 3 years, stupid doesn’t even begin to describe it.
@gsprs @GossiTheDog they also work on ALL hardware, not just ones that Microsoft feels like supporting / have specific TPM features.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/From my knowledge, the following is true: sign in with MS account will store encryption key. It can be deleted. But is anything cloud really deleted?
Setting up computer as a local machine, from what I know, does not sync encryption keys. They change things frequently and I don’t trust MS, so still use caution.
Setting up a machine on Active Directory in an enterprise setting allows bit locker keys to be written to Active Directory, but I don’t believe it is enabled OOB.
-
It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
@GossiTheDog Time to get a Yubikey and see if they can get around that as a last line of defense. That's if you have admin and can install it yourself. No Yubikey? Good Luck with trying to enter that stupid bit -ocker recovery code. Ask me how I know. I FAFO'D
-
@GossiTheDog SO many parts of bitlocker setup just screamed "dark pattern" and "we can access your data, but lol no we won't help you recover it", last time I tried to set it up. and then they locked a ton of the actually-decent stuff away from Home users, because consumers don't deserve safety.
Microsoft is a vile company.
@groxx @GossiTheDog what?? Apple does the same thing which is why nobody should be using cloud accounts on their devices.
-
@groxx @GossiTheDog what?? Apple does the same thing which is why nobody should be using cloud accounts on their devices.
@x41h @GossiTheDog you don't need an Apple account to set up a Mac.
(at least, last I did it, and still true as far as I can find from a brief search)
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog shocking..
-
@GossiTheDog Time to get a Yubikey and see if they can get around that as a last line of defense. That's if you have admin and can install it yourself. No Yubikey? Good Luck with trying to enter that stupid bit -ocker recovery code. Ask me how I know. I FAFO'D
@carpetbomberz @GossiTheDog yubi for what?
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Isn't bitlocker flawed, though? I remember hackers demonstrating bitlocker bypass when recovering Windows.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog@cyberplace.social Rob Braxman Tech covered this a few months ago.
-
@GossiTheDog You can save Key as a file.
@niknukem @GossiTheDog Which most average users will not. Or if they do, they lose the file before need arises. I mean I hate Microsoft and all the forced cloud stuff, but recovery is a hard problem to solve user-friendly.
-
@niknukem @GossiTheDog Which most average users will not. Or if they do, they lose the file before need arises. I mean I hate Microsoft and all the forced cloud stuff, but recovery is a hard problem to solve user-friendly.
@niknukem @GossiTheDog To put it other way around, having recovery keys automatically stored in Microsoft cloud has probably made A LOT of people happy they could recover their data. A much smaller group is unhappy that Microsoft shared their keys with the spooks.
-
@GossiTheDog
How to cancel bitlocker on Linux?@beastfellow @GossiTheDog remove cryptsetup package
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Isn't this the default-on-consumer-devices "Device Encryption" branded BitLocker which syncs the recovery key to your MS account and you can view it there if you need it, rather than BitLocker-branded BitLocker that you enable in the legacy control panel and/or with group policies (the latter including options to sync keys to AD and whatever)?
Not that they couldn't grab the key in the latter case too since stealing all the data is totally fine in the AI era, but I think the latter would be somewhat more scandalous than giving the feds the key that you kinda-knowingly already sent to Microsoft.
-
@niknukem @GossiTheDog To put it other way around, having recovery keys automatically stored in Microsoft cloud has probably made A LOT of people happy they could recover their data. A much smaller group is unhappy that Microsoft shared their keys with the spooks.
@suihkulokki @GossiTheDog But this group of people knows how to save their key just on a usb drive and not in the cloud.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog It's one of those things that's kind of done in plain sight, but needs someone to think critically about it and reframe it in a few ways so people really understand. Windows won't enable Bitlocker unless it has a way to escrow the key somewhere (OneDrive or AD I think) to handle the case where the boot process changes so you can manually unlock and reseal the TPM key, eg in dual-boot scenarios, or across a firmware update that wasn't initiated from within Windows. This can be done for user-centric reasons and plain escrow is the simplest solution, but it is vulnerable to MS being compromised or compelled by a government, so it's not something you can rely on to protect yourself against a State, just common thieves or human error.
Maybe given the current political climate bringing light to this risk will cause some people to change their risk calculations
-
It's not just the FBI, btw - MS accepts valid law enforcement request internationally. Also it's not just BitLocker.
it needs to be known that encryption can only do so much. it's not a blank cheque to say whatever you want over the internet. you can be compelled by one means or another to give up your keys or sit in a cage for a long time.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Microsoft should never have access to the encryption keys in the first place. A very flawed system indeed.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog @shufflecake a bit of shameless self-promotion: it looks like we'll be able to launch a prototype for a fully hidden OS using #Shufflecake somewhere this year. And, no, we don't have an option for uploading encryption keys to "the Cloud" 😂 https://shufflecake.net/
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog nein!, doch!, oh!
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Could using VeraCrypt or something similar help to protect your data?
-
undefined oblomov@sociale.network shared this topic
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@nopatience @dirkblank yeah, and, i think that everyone will find other platform when they need
(and i am not understand that is there any problem to advertising mastodon ad(or not even an ad) on mastodon?)
-
Rearranging my cats
-
@alsivx adesso funziona. Dev'essere stato temporaneo. Me lo guardo, grazie 💕
-
@lritter there's some great stuff on them hash tags <3
-
Devo ancora metabolizzarlo...
#film #undertheskin #scifi #fantascienza #movies
-
@LaVi Strano... Sono da PC ma ho provato a cercare il canale e il video e lo apre. Hai l'applicazione aggiornata?
-
@alsivx E non dimentichiamoci che Fionna & Cake ha il doppiaggio italiano disponibile solo in America per motivi sconosciuti, con una data ancora incerta. E non si sa perché non hanno deciso di includere Fionna & Cake sul HBO Max italiano mentre su Feisbuk e co non fanno altro che parlare di OHHHHHH IL KAVALIERE E I SETTE REGNI EEEEHH BELLOOOO
E ancora sto attendendo che rifanno il ripping con il doppiaggio italiano. Fanculo a Netflix, Warner Bros, MGM e tutti gli altri servizi.
-
@aeva following hashtags. what a concept. thanks again.
