I was wondering when a reporter would uncover this.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/
-
@GossiTheDog Never, ever trust any company to secure your secrets. Use local storage like Proton to keep it on your own devices, under your own control
-
@GossiTheDog That's not encryption, that's just a password with extra steps.
-
@GossiTheDog I was already in the process of getting everything Microsoft dragged up to its cloud out. Dropbox is finally killed off, and as much of Google as I can, but they don't make it easy.
-
@GossiTheDog I don't understand putting your trust in black box proprietary encryption software when TrueCrypt/VeraCrypt exist and are older than BitLocker by 3 years, stupid doesn't even begin to describe it.
@gsprs @GossiTheDog last time I set up a Win11 machine a year and a half ago, it was obligatory to use an account (they had blocked all the workarounds at the time) - and BitLocker was automatically activated. Not sure it's even easy to deactivate that and use VeraCrypt instead, now.
On my previous Win11 machine, I was able to bypass using an account and BitLocker was not provided. In that case I found I could put a firmware lock on the drive - good enough for my purposes.
-
@GossiTheDog Yep. Which is why I don't have a Microsoft account, don't back up recovery keys to the cloud, or use BitLocker in the first place.
@bontchev @GossiTheDog which is why I don't have a Microsoft operating system

-
@GossiTheDog "so bitlocker is super secure, right?"
yeah, that's what i thought too, until a few years ago, when most of windows boot environment bugs i found came with bitlocker key dumping or derivation as a side effect
there's more default settings than just that that leads to a less secure configuration
-
@GossiTheDog jfc
> Federal investigators in Guam believed the devices held evidence that would help prove individuals handling the island's Covid unemployment assistance program were part of a plot to steal funds.
-
@GossiTheDog So, that's that topic settled too. Good thing we rely on independent #Software in the area of critical infrastructure.
-
@GossiTheDog I'm happy with my LUKS encryption
-
@GossiTheDog PIRACY flaw.
-
@GossiTheDog for me, Bitlocker is basically Microsoft saying "for your safety, we will encrypt your device, don't you worry, I keep the key". Personally, I prefer to choose and keep the key myself when I want something locked
And now it is even better to learn that the key is not given to the user by default, but provided to the FBI
-
@GossiTheDog bitlocker in all enterprise implementations I have seen always felt more like security theatre than actual security. Sure it was gonna keep a thief of opportunity out of your files, but anyone with more resources could get around it
@Killertomato @GossiTheDog when reading about privacy violation enforcement actions by the FTC there were a lot that would have been resolved by this. Laptops full of patient data stolen from a car, etc.
Honestly it probably mitigates most crimes where an encrypted hard drive avoids the risk. Not all. And not all the non-crime related reasons people care about privacy
-
@GossiTheDog Another reason I do not use Microsoft. I am forced at work to use it but I try as many workarounds to avoid it as much as possible. Only another 450 days left of being forced to use it.
-
@squillace well, it's part of how Windows works with Microsoft (online) accounts at least since Windows 8.1 (I had to recover an encryption key to help someone reset their Surface device and I got it through their user account, a Microslop support rep back then told me that they couldn't help if there wasn't a cloud backup, the key wasn't accessible to the user without it). So users don't really have a choice in the matter (no access to key at all, or have it on Microslop's cloud).
@Infoseepage @GossiTheDog
@jt_rebelo @Infoseepage @GossiTheDog that is precisely the point. you CAN possess and NOT back up your keys in a cloud. But sure, it makes it easy for msft to help you out in a pinch. But MSFT could upload an encrypted version -- they do not offer that. Unfortunately.
-
@GossiTheDog Bloody Nora!
-
@GossiTheDog What's amazing to me is how many people have sleepwalked into having their user profile synced to Microsoft's servers. Super bad idea for any number of reasons.
@Infoseepage @GossiTheDog Corporations can't be trusted. They prove that over and over.
-
@jt_rebelo @Infoseepage @GossiTheDog that is precisely the point. you CAN possess and NOT back up your keys in a cloud. But sure, it makes it easy for msft to help you out in a pinch. But MSFT could upload an encrypted version -- they do not offer that. Unfortunately.
@jt_rebelo @Infoseepage @GossiTheDog alternatively, they could store it in the TEE encrypted drive now, but again, they don't offer that. MSFT can't touch that one. But you have to know; normal users obviously do not.
-
@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
-
@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
@christopherkunz @GossiTheDog if you have to opt out, that makes it default behaviour by definition.
