cybersecurity

5465 readers

42 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw (www.forbes.com)

submitted 1 day ago by floofloof@lemmy.ca to c/cybersecurity@infosec.pub

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] Kissaki@programming.dev 3 points 1 day ago

It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience.

Pretty obvious that if you hand over the (recovery) keys that they'd follow court orders.

Of course, the criticism about defaults is warranted. At the same time, even outside of control concerns, it's fairly obvious why Microsoft would choose user convenience and ability to recover data over loss of data.

It should be a well informed choice that makes the risks clear when setting it up.

[–] bad_news@lemmy.billiam.net 2 points 1 day ago

It has been known since BitLocker first existed, that Microsoft breaks it for states. This is why TrueCrypt came into being.