posted by janrinok on Tuesday February 03, @04:43AM   Printer-friendly
from the self-extinguished dept.

You can determine if you're at risk and take action today:

If you think your Windows computer is safe from prying eyes, think again. A new report reveals that Microsoft has the encryption keys to your hard drive, and it can even give them out to law enforcement, including the FBI. Here's what you need to know and what you can do to stop it from happening to you.

In a stunning breach of personal privacy and security, Microsoft admitted in January that it provided the FBI with the BitLocker recovery keys to three different Windows PCs that were linked to suspected COVID unemployment assistance fraud in Guam. With these keys, the FBI was able to access the files on those devices as part of its investigation.

[...] The Redmond tech giant received its first request from a government official during the Obama administration in 2013. Although the engineer who spoke with the official reportedly declined to build a back door into Windows that would give the government unbridled access to user files, Microsoft still admits to turning over BitLocker recovery keys to law enforcement as recently as 2025. According to the report, Microsoft receives approximately 20 access requests from the FBI per year.

[...] You are not at risk if ...

  • You use a Windows PC without a Microsoft account. (You haven't logged into the system with your Outlook email address.)
  • You use a Windows PC with a Microsoft account but you chose a local recovery key backup option at activation.
  • You disabled BitLocker encryption when you set up your PC.

You are at risk if ...

  • You use a Windows PC with a Microsoft Outlook account and you chose to back up your BitLocker recovery key to your account.
  • Your PC is a work machine that's managed by your employer.

For those at risk, Microsoft promises that it only gives out encryption keys to lawful requests from the government. That said, if Microsoft can access your encryption keys, what's stopping a hacker from getting them? The problem with storing security keys on cloud servers is that anyone can reach them with the right password, login information, or exploit.

Previously: Microsoft Gave FBI a Set of BitLocker Encryption Keys to Unlock Suspects' Laptops

Related: Over Half a Million Windows Users are Switching to Linux


Original Submission
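The local half of the checklist quoted above can be read straight off the machine. The PowerShell below is an added example, not code from the article, the submitter or Microsoft; the function name `Get-BitLockerEscrowExposure` and the `CheckEscrow` field are made up for illustration, and it assumes an elevated prompt on Windows 10 or later.

```powershell
#Requires -RunAsAdministrator
# Added example: local self-audit against the article's "at risk" checklist.
# It cannot see whether a copy of the recovery key is stored in a Microsoft
# account or an employer's directory; it reports only the local conditions
# under which the article says such a copy may exist.

function Get-BitLockerEscrowExposure {   # hypothetical name
    # Is the signed-in user a Microsoft account rather than a local account?
    # (Get-LocalUser returns nothing for domain users, hence SilentlyContinue.)
    $user  = Get-LocalUser -Name $env:USERNAME -ErrorAction SilentlyContinue
    $isMsa = [bool]($user -and $user.PrincipalSource -eq 'MicrosoftAccount')

    # Is the device joined to an employer's directory (AD domain or Entra ID)?
    $cs          = Get-CimInstance -ClassName Win32_ComputerSystem
    $dsreg       = dsregcmd.exe /status 2>$null
    $entraJoined = [bool]($dsreg | Select-String -Pattern 'AzureAdJoined\s*:\s*YES')
    $managed     = [bool]($cs.PartOfDomain -or $entraJoined)

    foreach ($vol in Get-BitLockerVolume) {
        # Names of the key protectors on this volume (Tpm, RecoveryPassword, ...).
        $types = @($vol.KeyProtector | Where-Object { $_ } |
                   ForEach-Object { "$($_.KeyProtectorType)" })
        $encrypted   = "$($vol.VolumeStatus)" -ne 'FullyDecrypted'
        $hasRecovery = $types -contains 'RecoveryPassword'

        [pscustomobject]@{
            MountPoint             = $vol.MountPoint
            Encrypted              = $encrypted
            ProtectionStatus       = "$($vol.ProtectionStatus)"
            KeyProtectors          = $types -join ', '
            MicrosoftAccountSignIn = $isMsa
            ManagedDevice          = $managed
            # True when the article's "at risk" conditions can apply: an
            # encrypted volume with a recovery password, on a machine that
            # signs in with a Microsoft account or is employer-managed.
            CheckEscrow            = $encrypted -and $hasRecovery -and ($isMsa -or $managed)
        }
    }
}

Get-BitLockerEscrowExposure | Format-Table -AutoSize
```

A `CheckEscrow` value of `True` means only that the recovery key may have been backed up off the machine; whether it actually was has to be confirmed in the Microsoft account or with the employer's administrator.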

 
  • (Score: 5, Touché) by zocalo on Tuesday February 03, @07:31AM (1 child)

    This one seems very misleading too:

    You are not at risk if... You disabled BitLocker encryption when you set up your PC.

    Wouldn't that mean your disk isn't encrypted, making it *much* easier to look at the data once the PC is seized or stolen? The Feds wouldn't even need to get Microsoft to send the keys, with or without a court order, if they didn't need them in the first place. You could presumably have other security/encryption systems in place other than BitLocker, but even so, a low bar is still better than no bar at all as a deterrent and that advice is only making life easier for those who would do you ill.

    --
    UNIX? They're not even circumcised! Savages!
  • (Score: 3, Touché) by Username on Tuesday February 03, @03:31PM

    If it's unencrypted and nothing is there, they don't think you're hiding anything and you are not guilty. If it's encrypted, they think you're hiding something and guilty, they will dig further. It's the old, "OY VEY, SHUT IT DOWN AND HIDE EVERYTHING, hope they don't notice," concept.