You can determine "if you're at risk and take action today:
If you think your Windows computer is safe from prying eyes, think again. A new report reveals that Microsoft has the encryption keys to your hard drive, and it can even give them out to law enforcement, including the FBI. Here's what you need to know and what you can do to stop it from happening to you.
In a stunning breach of personal privacy and security, Microsoft admitted in January that it provided the FBI with the BitLocker recovery keys to three different Windows PCs that were linked to suspected COVID unemployment assistance fraud in Guam. With these keys, the FBI was able to access the files on those devices as part of its investigation.
[...] The Redmond tech giant received its first request from a government official during the Obama administration in 2013. Although the engineer who spoke with the official reportedly declined to build a back door into Windows that would give the government unbridled access to user files, Microsoft still admits to turning over BitLocker recovery keys to law enforcement as recently as 2025. According to the report, Microsoft receives approximately 20 access requests from the FBI per year.
[...] You are not at risk if ...
- You use a Windows PC without a Microsoft account. (You haven't logged into the system with your Outlook email address.)
- You use a Windows PC with a Microsoft account but you chose a local recovery key backup option at activation.
- You disabled BitLocker encryption when you set up your PC.
You are at risk if ...
- You use a Windows PC with a Microsoft Outlook account and you chose to back up your BitLocker recovery key to your account.
- Your PC is a work machine that's managed by your employer.
For those at risk, Microsoft promises that it only gives out encryption keys to lawful requests from the government. That said, if Microsoft can access your encryption keys, what's stopping a hacker from getting them? The problem with storing security keys on cloud servers is that anyone can reach them with the right password, login information, or exploit.
Previously: Microsoft Gave FBI a Set of BitLocker Encryption Keys to Unlock Suspects' Laptops
Related: Over Half a Million Windows Users are Switching to Linux
« Tim Berners-Lee Wants to Save the Web | $100 Billion Mega Deal Between OpenAI and Nvidia is on Ice »
Related Stories
Over Half A Million Windows Users Are Switching To Linux - Here's Why - BGR:
Over Half A Million Windows Users Are Switching To Linux - Here's Why
Windows 10 is on its last legs: The predecessor to Windows 11 has already reached its official end of support in October 2025, and will continue to limp along with free Extended Security Updates (ESU) until October 13th, 2026 (paid ESU lasts until 2028). In other words, Microsoft is looking to responsibly end support for Windows 10 as soon as it can, despite the fact that Windows 10 was supposed to be "the last version of Windows" ever made.
Clearly, this has not held true. Microsoft has also made it difficult to move old hardware to Windows 11, thanks to its rigid TPM 2.0 security chip requirement, which many older desktops and laptops lack. This has left quite a few Windows 10 users without an upgrade path to Microsoft's latest OS on their hardware, and Linux is picking up the slack, with distros like Zorin showing the numbers to prove it.
Microsoft's loss is Linux's gain
Among the many Linux distributions, from Fedora to Ubuntu, Zorin (based on Ubuntu) very much aims to be a replacement for Windows, and has been for many, many years. From its Windows 11-like taskbar to its very familiar-looking start menu, Zorin is built to make the transition from Windows to Linux as painless as possible.
In a world where many Windows 10 users are looking to jump ship to an OS that respects their privacy, not to mention their hardware (no matter its age), Zorin is likely one of the first distros a Linux-curious Windows user will look at. Given that Zorin has already crossed a million downloads, with 78% of those on Windows machines, one can assume that a good portion of those are users who have permanently switched from Microsoft to Linux. It would appear that the year of the mainstream Linux desktop may be upon us, and poetically, it's Microsoft's doing.
Some users argue that Microsoft limited Windows 11 by requiring TPM 2.0 to make more hardware sales, rather than for user safety. Sure, the security benefits of TPM, like Secure Boot, are good for preventing malicious software from loading at startup. However, when the choice is to either replace your perfectly functioning hardware so you can run Windows 11, or switch to a Linux distro; for many, the choice was seemingly pretty easy. This is especially true when no OS is truly secure to begin with.
Thank Valve for improving gaming on Linux machines
Thanks to Valve's push with the Steam Deck, a handheld gaming device that runs on Linux rather than Windows, Linux has become that much more viable. Not only has GPU driver support come a long way, thanks to Valve's push into Linux gaming (just look at AMD as a perfect example), but even AAA games like "Cyberpunk 2077" and "Baldur's Gate 3" have been developed with the Steam Deck and Linux in mind. Gaming on Linux is now that much more comparable to gaming on Windows, rounding out the OS as a full-time alternative. No longer can one claim there is a lack of games on Linux to hold them back from switching.
This is all thanks to WINE, a Windows emulator Valve forked into Proton, which is the meat of how Windows games run so well on Linux. Of course, WINE has its own usefulness, especially in distros like Zorin that aim to close the gap between Linux and Windows. So, for the same reason games work so well on Linux these days, it's also why you can run many of your favorite Windows apps directly in Linux. Zorin even takes this to the extreme with a user-friendly app called "Windows App Support" that can easily install .exe or .msi files as if they are native applications.
Web apps have closed the gap
Linux distros like Zorin have grown exponentially in popularity by targeting Windows users, and web apps have easily filled the gaps where native and WINE apps fall short. Linux is famous for not offering native applications like Photoshop, which comes down to Adobe refusing to make a Linux version, likely thanks to its low user count. The same goes for apps like Microsoft Office. The good news is that a lot of these job-dependent applications now offer web apps, which is why distros like Zorin include the ability to install progressive web apps out of the box, rather than relying on Chrome's built-in functionality.
This way, you can run Zorin, which looks a lot like Windows, and add apps like Microsoft Office, Google Drive, Grammarly, and any other online services as a web app. That's the beauty of Linux (thanks to a feature from ChromeOS, which is built on top of Linux), rather than a corporation and its software controlling you. You instead control the OS, from what apps it uses, to what games it can play, all while mimicking a familiar user interface.
At the end of the day, it's easy to see why so many Windows users are checking out Linux distros like Zorin. When the choice is between spending a bunch of money to replace perfectly functional hardware, or simply moving to a new OS, many will opt for the latter. Now that Linux has finally caught up to the big boys in terms of drivers, games, and apps, there is little reason not to make the switch.
[Source]: Microsoft Gave FBI a Set of BitLocker Encryption Keys to Unlock Suspects' Laptops
Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday.
Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default. This type of technology should prevent anyone except the device owner from accessing the data if the computer is locked and powered off.
But, by default, BitLocker recovery keys are uploaded to Microsoft's cloud, allowing the tech giant — and by extension law enforcement — to access them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.
[...] Microsoft told Forbes that the company sometimes provides BitLocker recovery keys to authorities, having received an average of 20 such requests per year.
[Also Covered By]: TechCrunch
(Score: 1, Informative) by Anonymous Coward on Tuesday February 03, @05:09AM (2 children)
Odd domain name for a "patriotic" website..
Anyway,
> WARNING: There isn’t a way to restore your recovery key once it is deleted.
Uhm.
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/manage-bde-protectors [microsoft.com]
Don't believe everything you read on the internet.
(Score: 5, Touché) by zocalo on Tuesday February 03, @07:31AM (1 child)
Wouldn't that mean your disk isn't encrypted, making it *much* easier to look at the data once the PC is seized or stolen? The Feds wouldn't even need to get Microsoft to send the keys, with or without a court order, if they didn't need them in the first place. You could presumably have other security/encryption systems in place other the BitLocker, but even so, a low bar is still better than no bar at all as a deterrant and that advice is only making life easier for those who would do you ill.
UNIX? They're not even circumcised! Savages!
(Score: 3, Touché) by Username on Tuesday February 03, @03:31PM
If it's unencrypted and nothing is there, they don't think you're hiding anything and you are not guilty. If it's encrypted, they think you're hiding something and guilty, they will dig further. It's the old, "OY VEY, SHUT IT DOWN AND HIDE EVERYTHING, hope they don't notice," concept.
(Score: 5, Insightful) by jb on Tuesday February 03, @07:14AM (9 children)
Don't run Windows in the first place.
As an added bonus, not only does it help stop prying government eyes (which you may or may not care about, depending on how you feel about your particular government at any point in time), it also stops Microsoft from seeing everything on your computer (which you absolutely should care about, all the time).
Note that whilst some countries sometimes do have benevolent governments, in its entire history Microsoft has never given a damn about anyone but itself.
(Score: 5, Funny) by aafcac on Tuesday February 03, @07:37AM (8 children)
I personally upgraded to FreeBSD and I'm noticing that I have to actually turn the heat on in my office room. Previously, the computer generated enough heat during the winter to not require the heater to be turned on.
(Score: 2) by JoeMerchant on Tuesday February 03, @02:42PM (7 children)
1988 I interviewed with an operation in Aiken, SC (which should tell you what operation it is, there is really only one there... anyway...) they had fairly extensive IT help for a diverse set of hardware and OSs, so the IT help guy had a sort of one-of-each collection in his office, it definitely kept the room warm.
🌻🌻🌻🌻 [google.com]
(Score: 2) by aafcac on Tuesday February 03, @07:06PM (6 children)
Definitely, I think the big difference is that modern desktops use very little power when idling and Windows does far more unnecessary work than it should. I've been migrating microservices to my BSD box from my Pi so that I can dedicate it to firewall, dhcp and adblocking.
(Score: 4, Interesting) by JoeMerchant on Tuesday February 03, @08:08PM (5 children)
>Windows does far more unnecessary work than it should.
I bought a new? Core i7-12something NUC sized thing. It has P cores and E cores, and Win 11... it will spin the fans, hard, at random times while 'doze does... things; random things I'm not asking it to do. Where is my "only use E cores for your stupid stuff" switch?
🌻🌻🌻🌻 [google.com]
(Score: 2) by aafcac on Tuesday February 03, @08:47PM (4 children)
While I don't think we need to go back to the way things were when I got into computing in the late '80s and early '90s, I do think that taking a few steps "backwards" towards asking more of the people using the computers as a ticket to entry wouldn't be the worst thing in the world. Way too much these days is automated, even stuff that would be better not done at all. And a lot of the stuff that does get automated would be better automated on purpose by the end users, even if that involves dragging and dropping a few fixed steps.
So much of the lock in and lack of progress towards meaningful results comes from the fact that hardly anybody on the net is computer literate.
(Score: 3, Insightful) by JoeMerchant on Tuesday February 03, @09:25PM (3 children)
I swear, the world of viruses and worms and all such things would be 90% less dangerous if only manufacturers would implement a single pushbutton switch on "all the things" - and the function of that pushbutton switch is: software updates shall not initiate unless the button is pressed. Add whatever user interface you want to go with it, but don't let the thing auto-update without an actual human pushing the button (sure, home automation nerds will add these: https://www.walmart.com/ip/Fingerbot-Plus-Smart-Button-Pusher-No-Wiring-Switch-zigb-ee-with-touch-control/2304307741 [walmart.com] that's their problem.) Let the button push "allow" the current update(s) to self install anytime in the (user selectable) next 7 days, let the device refuse to function until the software is updated (PS3 style), but for doG's sake don't just let billions of devices completely reprogram themselves based on remotely transmitted network messages.
🌻🌻🌻🌻 [google.com]
(Score: 3, Interesting) by aafcac on Tuesday February 03, @10:29PM
I've said it before and I'll say it again, there really should be some chip in a computer where you can store a few files related to verifying the integrity of key installed software that can only be written to if you've pushed a button or temporarily flipped a switch. Even just the kernel and a few other key pieces of software related to the firewall and drivers could make a significant difference in terms of how hard it is to break in and do damage.
(Score: 1, Interesting) by Anonymous Coward on Wednesday February 04, @12:24AM (1 child)
> sure, home automation nerds will add these: [remote button pusher]
Cool, had no idea that this existed. Does anyone know if it can pull (lift) as hard as it can push down?
My potential application is for a gas hot water heater. It came with a very wide deadband on the thermostat. Haven't measured it, but perhaps more than 20 deg F (some bureaucrat thought this was a good idea?) The result is I get up and it's been cooling off all night...but not quite enough to trip the burner on. So I get a short shower before the warm water runs out.
Setting the dial any higher gives scalding temps at the top end of the dead band.
I'd attach a small lever somehow to the temp dial and have the button pusher turn it to a hotter setting (which trips the burner on), and then pull the dial back to my desired setting.
(Score: 2) by canopic jug on Wednesday February 04, @11:48AM
I'd attach a small lever somehow to the temp dial and have the button pusher turn it to a hotter setting (which trips the burner on), and then pull the dial back to my desired setting.
You could go as simple as an Arduino for that but escalating to a Raspberry Pi will give you a full, general purpose server with all the flexibility that entails. There are no shortage of servos and stepper motors for either. The Raspberry Pi also supports a variety of cameras and machine learning modules so that is one way of several that you could confirm what the stepper motor has set.
Money is not free speech. Elections should not be auctions.
(Score: 5, Insightful) by ledow on Tuesday February 03, @08:22AM (5 children)
Are we only now learning that 3rd-party controlled encryption is worthless?
Especially if that 3rd-party is legally compelled to comply?
There's a reason that cloud, etc. is a really, really, really dumb idea and one day it will come home to roost.
(Score: 5, Insightful) by Thexalon on Tuesday February 03, @12:23PM (3 children)
Cloud isn't "worthless" as long as you understand it's somebody else's computer, and that somebody else can do whatever they want with your data including give it away.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 5, Insightful) by JoeMerchant on Tuesday February 03, @02:14PM (2 children)
Cloud is a great place to store end-to-end encrypted data. Otherwise, consider it like a bulletin board at a laundrymat - anyone and everyone can see it, potentially mess with stuff you put there, most often delete things when you didn't want them to.
The illusion of privacy in the cloud is just that: empty promises from greedy vendors.
While cloud vendors, in practice, are probably better at backups than you are - when they screw up, what's your recourse? I doubt that payback of real damages is a common contract element.
🌻🌻🌻🌻 [google.com]
(Score: 3, Funny) by Thexalon on Tuesday February 03, @03:37PM (1 child)
It's also probably fine for data nobody really cares about, e.g. your slash fiction collection.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 3, Insightful) by JoeMerchant on Tuesday February 03, @04:03PM
Of course I'm overstating the actual situation, a little.
The cloud has been fine for my website for 30 years now - I want all that data publicly available anyway, I'm not keeping any secrets there.
Bigger corporate (non-secure) websites can reasonably use it too, and just monitor for unauthorized changes - and like backups, the cloud web presence providers are probably better at consistently applying security updates and running secure configurations than your in-house staff (except when they aren't: https://notepad-plus-plus.org/news/hijacked-incident-info-update/ [notepad-plus-plus.org] )
Control? The microsecond that data leaves your building, it's no longer in your control.
🌻🌻🌻🌻 [google.com]
(Score: 2) by Username on Tuesday February 03, @03:22PM
Yeah, it's nothing new. I assume the article is either clickbait for gen z or just some kind of propaganda.