Daily reminder that verified boot is objectively superior to “secure boot”, once again a common Linux W and another example of Google actually promoting some good security practices
Same thing?
You can add custom keys to secure boot.
That doesn’t make it the same thing
Both are different names for a process that ensures the boot process is loading the correct non-malicious code.
Secure boot verifies the system is booting correct code, verified boot can ensure total system integrity and can protect against tampering. Furthermore the Linux implementation of secure boot is very often in the least secure method.
So, this means Microsoft has copies of every single bitlocker key, meaning that a bad actor could obtain them… Thereby making bitlocker less than worthless, it’s an active threat.
MS really speedrunning worst possible software timelineMicrosoft is already a bad actor and they have them. Or a bad actor could threaten microsoft physically and microsoft will hand them over. Wait, that already happened.
So, this means Microsoft has copies of every single bitlocker key
But, by default, BitLocker recovery keys are uploaded to Microsoft’s cloud
Not everyone follows the default. So no, it doesn’t mean Microsoft has copies of every single BitLocker key.
And people make fun of me for turning off secure boot and tpm. They just cause grief for no benefit.
Well this isn’t directly related to those, so maybe some derision is warranted.
Both are completely unrelated to the discussion. TPM sometimes have issues regarding their security, but you can certainly use Secure Boot with your own signing keys to ensure the kernel you run is one you installed, which improves security. And you can use TPM to either keep your FDE keys, or only part of them combined with a PIN if you don’t fully trust them to be secure, so you keep strong encryption but with a bit of convenience.
Without a (properly configured) Secure Boot startup, anyone could just put a malware between the actual boot and your first kernel. If the first thing that happens when you boot is something asking for a password to be able to decrypt your storage, then an attacker can just put something here, grab your password, and let you proceed while storing in a a place it can be retrieved.
Is this scenario a concern for most people? That’s unlikely. But every computer sold these last five years (at least!) can be setup to reduce this risk, so why not take advantage of it.
As long as you’re doing your own whole disk encryption, you have a valid path to still be secure. However, if you’re running an unencrypted disk, you’re much more likely to lose your data to a non-state actor.
More likely stupid users storing their bitlocker key in the microsoft account instead of printing it out or storing it somewhere not owned by MS lol
Hey copilot, give me the bitlocker key to the nuclear football!
No they do not have copies of every Bitlocker key.
Bitlocker by default creates a 48-bit recovery code that can be used to unlock an encrypted drive. If you run Windows with a personal Microsoft account it offers to backup that code into your Microsoft account in case your system needs recovered. The FBI submitted a supoena to request the code for a person’s encrypted drive. Microsoft provided it, as required by law.
Bitlocker does not require that key be created, and you don’t have to save it to Microsoft’s cloud.
This is just a case of people not knowing how things work and getting surprised when the data they save in someone else’s computer is accessed using the legal processes.
If you sign into a Microsoft account during setup, Microsoft automatically turns on bitlocker and sends the key off to Microsoft for safe keeping. You are right, there are other ways to handle bitlocker, but that’s way beyond most people, and I don’t think Microsoft even tells you this during setup. It’s honestly a lifesaver for when bitlocker breaks(and it does), but it comes at a cost. In the business world, this is seen as a huge benefit, as we aren’t trying to protect from the US government, mostly petty theft and maybe some corporate espionage.
As is often the case, the real solution is Linux, but that, too, is far beyond most people until manufacturers start shipping Linux machines to big box stores and even then they’d probably not enable any encryption.
I question whether we are rapidly approaching the point where Linux is simply easier to use in a safe, secure, and practical way for the average user, because it doesn’t try to actively fuck you over like Microsoft does
It’s easier when you don’t need to jump through hoops to make a local account. It’s easier when you don’t need to turn off a dozen settings you might not know about regarding data collection or advertisements. It’s easier when you don’t have an antagonistic system that treats you like the product, not a user, not pushing you towards confusing things you don’t want
Except that Microsoft basically puts a gun to every users head to login with a Microsoft account which can/does backup the recovery keys.
Rufus: “Am I a joke to you?”
This is why we Jason Bourne style snatch the gun out of their holster before they can draw it and beat them unconcious with it, I mean oobe\bypassnro
Iirc bypassnro no longer works on recent builds of windows
It no longer works as a shortcut, but the actual bypass still works. In practice the command line you have to enter just got a bit longer is all.
At least last time I needed it, to that still worked fine. It’s been a few months.
Could be worse. Could have skeleton keys
You’re assuming there isn’t a master pubkey baked into the software.
They don’t have a copy of every single Bitlocker key. They do have a copy of your Bitlocker key if you are dumb enough to allow it to sync with your Microsoft account, you know, “for convenience.”
Don’t use a Microsoft account with Windows, even if you are forced to use Windows.
Save a copy of your bitlocker keys to a Veracrypt drive with a password no shorter then 15 mixed characters. Then upload that encrypted container to any free service. They wont be able to open it and now you have a remote backup copy.
Why not save a step, fuck bitlocker, and use veracrypt to encrypt your drive in the first place?
Why not save a step and don’t install Windows in the first place.
If you can have two computers one should always be Linux. But gaming and certain software just does not work on Linux yet sadly. Hoping steam can turn that around.
Made the switch about a year ago. Every game i wanted to play worked just fine. I suppose it depends on the games you play, but to say it just does not work is plainly just wrong
If the password is long 15 characters that means you use a password manager. At that point just put the bitlocker password in the password manager
I employed the super secure expedient of never exporting my keys. I have no idea what they are, I never did, and I never will.
There’s really no irreplaceable data on my Windows machine. If I have to reformat it some day A) that’s no big deal, and B) it’s Windows, what else is new.
Are you naive enough to believe the surveillance OS that uploads literally all of your activity along with screenshots of your desktop doesn’t automatically upload you keys no matter what little box you tick on the installer?? 😂 there is absolutely not one single 3rd party auditing that they actually follow any of the options at all that they give.
They do have a copy of your Bitlocker key if you are dumb enough to allow it to sync with your Microsoft account, you know, “for convenience.”
Which I don’t believe is the only way it can leak. It’s well known Microsoft can access anything and everything on an internet connected Windows PC whether there’s a Microsoft account or not. If the nazi’s push for the device of someone on a local account only, you know they’ll magically find a way.
Encryption doesn’t actually complete until you log in with a Microsoft account for Home Edition.
Anyways: Use Veracrypt.
Or just Linux + LUKS
But, by default, BitLocker recovery keys are uploaded to Microsoft’s cloud, allowing the tech giant — and by extension law enforcement — to access them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.
I mean it’s dumb to sync but at same time it’s not like MS isn’t great at either making it almost impossible to not sync it re-enable syncing for a bit after updates.
You can constantly tell it not to sync but all it takes is MS saying we want it now and they’ll get it
Don’t use
a Microsoft account withWindowsFtfy
Literally fix the anticheat problem and I’ll uninstall.
The anticheat problem already is fixed. It’s called “don’t play games that don’t support your choices”. These days, no game is worth being put through all that AI bullshit.
Not the case for me, definitely worth it for some games
Dualboot, don’t store sensitive files in windows?
(Although I’m having a bit of trouble trying to do dualboot myself so… idk lol)
Don’t use
aMicrosoftaccount with WindowsFFTFY.
Bethesda anything, Azure, Outlook, GitHub, Visual Studio, Office, Bing, XBox, LinkedIn, SharePoint (so disgusting this is a given), fuck it not even Skype (lmao what year is it?)
Still kinda hurts they own Bethesda now, but considering that company has only produced garbage since FO4 which only was kinda mid, I don’t even mind skipping them.
The Elder Scrolls VI with mandatory Microsoft account and Copilot integration 💀
Game gonna be buggier than skyrim at release and only 10% as fun because it’s vibe coded
To use Windows without a Microsoft account requires tech literacy these days, I thought. I would not be suprised if users didn’t choose to sync with a MS account but it’s doing it anyway, if that’s what MS want.
If you sign in with a Microsoft account at all I don’t believe there’s the capability to opt out.
I only use local accounts. I have never had a Microsoft account. I never will.
You can’t do that anymore, at least not with a normal Windows installation. All of the tricks of forcing it offline, clicking cancel 10 times and jumping up and down don’t work anymore, they’ve disabled them all, the only way to install Windows 11 now (using the normal Microsoft installer) is by linking it to a Microsoft account.
Just update a W10 local install. It won’t even try to ask you to add a microsoft account.
Using Rufus still works. I did it as recently as a couple of days ago.
Sorry, but the argument above was for a regular user, who doesn’t know what Rufus is, who doesn’t know the concept of OS, who simply
knowsthinks the files are saved “on the computer” (while they somehow ended up on OneDrive).… and who doesn’t know that you can even install an OS to begin with!
This is not true. There are several tools to create a bootable USB that uses a local account.
They just made it hard for Joe Schmoe to avoid it.
using the normal installer
Joe Schmoe buys new laptop with Windows preinstalled.
Joe Schmoe boots it for the first time.
Greeted by first-log-on.
Goes through steps and is immediately captured.
You can still create a local account by setting the PC up as a “School or Business” PC and then choosing the local account option.
I download win11 from Microsoft last week and the 1st method in the page worked (ms-cxh localonly)
https://learn.microsoft.com/sv-se/answers/questions/5581996/windows-11-local-account-on-installation
Interesting, I haven’t seen that approach before
I’m not even sure if you can install without an MS account if you don’t use Rufus anymore. Rufus requires literacy for sure, and even if you can still do it without it is designed to make it impossible to know you can from within the installer itself.
Main issue with Rufus is secure boot unfortunately, otherwise Rufus is easy enough that I gave a couple “click here, then here, then here and here are some screenshots” to a friend they were able to navigate it just fine. At this point I swear Rufus is easier than using the official installer provided Secure Boot is off.
It’s a bit harsh and unfair to say “you are dumb enough to allow it”. Microsoft makes it damn near impossible to avoid this unless you are extremely particular and savvy about it, and never have an off day where you make a mistake while using your PC.
I wouldn’t be naive enough to believe there’s not a backdoor somewhere in LUKS.
“Naive” doesn’t sit right with me. Anyone can scrutinize LUKS, or BitLocker for that matter (via cryptsetup). Backdoors aren’t the issue here, even for MS Bitlocker. The issue, as stated in the article, is:
by default, BitLocker recovery keys are uploaded to Microsoft’s cloud
No need for a backdoor if you know you can get keys to the front door.
Can’t stop winning.
bonjour!
I was summoned to help eject a CD today.
I’m out.
cupholder.exe
Remember when Truecrypt got suspiciously terminated? That was the goal
Microsoft only has your key if you give it to them for convenience (by syncing to your Microsoft account), and they’re required by law to give anything stored in their servers if asked. There’s no conspiracy here.
Microsoft railroads you into this. Your Bitlocker key will get exfiltrated unless you do a bunch of bullshit to make sure it isn’t.
And that’s the thing with Microsoft, they just keep doing this everywhere in Windows. There is and endless torrent of shit to turn off. No reasonable person will keep on top of it. And if you fuck up a singular time, they just vacuum everything.
Well, you obviously have never used BitLocker. The first thing they ask you when you activate BitLocker is to pick one of 3 options:
-
Link to Microsoft Account.
-
Save to a File
-
Print Recovery Key (so you can write it down on a piece of paper or whatever)
There’s no “railroading”. There’s plenty of real things to not like Microsoft. No need to make them up.
-
I wonder if it’s actually safe or if it’s just a CIA honeypot.
They’ve fixed Truecrypt vulnerabilities uncovered by previous audits, and have themselves been audited at least twice
Edit: some highlights on the latest audits and their response.
Linux. LUKS it yourself or it isn’t really encrypted.
Microslop is openly anti consumer. Why would you hand them your encryption keys?
winds 11 home forces it apparently, when you have to use it.
BitLocker provides for a recovery key. This is to allow someone to regain access to an encrypted device in the event that they lose their PIN, any one of these scenarios happen, OR when suspects do not want to cooperate with LEOs.
Find your BitLocker recovery key
If the target device is part of an enterprise and managed with EntraId/Intune this is the option. Escrowed keys.
This is why I don’t use bit locker, nothing microslop controls secure in any way.
Even if you don’t care that MS and the federal government can decrypt your data, when Bitlocker is enabled your MS account becomes cryptographically linked to your identity and machine, making it a powerful tool for surveillance, identification, and DRM.
Sooo… Is there an alternative to be secure other than switching to another OS? Not that I’m doing anything interesting but I would like to have at least a bit of privacy.
Use Windows LTSC that is stripped of offline requirements, copilot, and the Microsoft store. And use veracrypt. You can set up a container or encrypt a drive such as an external.
Yeah, just don’t enable key upload and this can’t happen. Don’t link your account either if you want to be more sure.
If your account has already been linked, unlink it and change the bitlocker keys, both regular and recovery. (Easiest way is to entirely decrypt and reencrypt the drive.)
Home edition has this “please sign in to microsoft account to ‘finish encryption’” text with a exclamation mark which implies the key is available on the drive unencrypted if you don’t sign in, meaning anyone could just access your drive with physical access.
There is no “turning off” the key upload, once you sign in, the upload happens immediately, you can “delete” it later, but like nobody really knows if they ever delete it once they have it.
I doubt that that’s actually required to finish encryption.
Veracrypt + LTSC
A single bitter, crowing “hah!” at whoever thought there wasn’t at least this much overlap between our corporate and government masters. Welcome to hell kid, shoutout to whatever’s being trained on the last ~30 years of everything that touched the internet in the NSA’s Utah data center. Rose coloured PRISM though, I dream of the day when someone makes those search tools public and I can reminisce through my preteen MSN Messenger convos
Everyone here (exceptions apply) being soo linux friendly and so tech literate that they don’t know jack shit about both sides and jump to assumptions.
Microshit has no access to your key unless you upload it.
Well DUH!
A microsoft accpunt is now mandatory for windows. Your bitlocker keys are automatically uploaded to your account
This is not correct. You can use Windows without a Microsoft account.
Objectively untrue
Objectively true.
We just did it this week with Windows 11 25H2 with the regular OOBE setup.Not everywhere is a corporate hellscape like the US
And btw:
My PC right now with Win11 25H2 runs on a local accountThis is insane. I am using Windows without a Microsoft account regularly. It is 100% possible. I hate Microsoft too but it’s completely ridiculous to go around spreading obvious bullshit like this.
Setup process now officially requires using a Microsoft account
You do understand that official setup requirements is not the same thing? Whatever Microsoft tries to force during a setup process doesn’t change the fact that I am literally using Windows multiple times per week without any Microsoft account so claims it’s impossible are untrue.
Effectively speaking it doesn’t matter, if you cant set up a Windows PC without a Microsoft account that means for most people you cant use Windows without a Microsoft account, you’re being pedantic. Yes someone could type a million shell commands during install and then download a scetchy debloater script but at that point you might as well just install Linux if you’re that comfortable with the terminal.
No, it is not.
At least not in the EU where I live.That has to be version specific. I did run into the issue that the Apple devices app that Apple makes is only made available through the Microsoft Store though. So you can’t just run a standard install for it officially. Which sucks. Also their is no official Apple Devices app for Linux, so anyone who has an iPhone can’t “safely” manage their device without having both an Apple Account and a Microsoft account, or a Mac.
