Most problems caused by the introduction of new(ish) and modern protections (like 2FA in services, encryption for the layperson's computer, etc) are a matter of BAD UI and badly thought out processes.
"You have the choice of making a backup when the system is set up" is NOT a solution. Do you know how many steps, things to care about, and dialogs there are to click through when one is setting up a system? Yes, we all do know. Crucial stuff is mixed with irrelevant cruft and the whole experience naturally drives the person to activate a mindless clicking mode.
All these security things should be accompanied with proper UX. See WhatsApp as an example: you set an account unlocking code? Ok, you'll have to re-enter it every other month, to ensure you still have access to it.
In the case of Windows, I wouldn't require entering a recovery key. But I would think a nagging screen every few months would be a good choice unless either a OneDrive backup can be verified to exist, or the user goes out of their way to enter some kind of Advanced Settings to disable the nagging.
watermelon0 7 hours ago [-]
I think the main issue with the default BitLocker configuration is that you must have the recovery key saved somewhere (either on OneDrive, printed out, or on some other storage).
If something changes with the hardware/software configuration, and TPM unlock doesn't work, your data is lost, unless you have access to the recovery key.
This is completely different compared to other platforms, where you use a separate password (Linux LUKS), account password (macOS), or PIN (iOS, Android) to unlock the drive.
bigfatkitten 5 hours ago [-]
It’s no different at all to LUKS if you use TPM unlock.
TowerTall 6 hours ago [-]
How is a recovery key different from a password or PIN? They are both just a string you need to enter during the recovery process, and if you have lost that string you cannot unlock the drive.
nly 5 hours ago [-]
They are randomly generated and therefore high entropy.
7bit 3 hours ago [-]
Your understanding of BitLocker is off.
1. There always is a recovery key, not only in the default configuration. And you should always have a copy of it stored somewhere else than on the same computer.
2. Your software configuration does not influence BitLocker, unless of course you manually wipe TPM or reset your BitLocker PIN. Your hardware configuration also does not influence BitLocker, unless you swap the TPM chip, of course. I'm also not counting changes to the boot order etc that could break TPM mode (no PIN) because messing with the PC on that level can cause damage to any Computer, not only BitLocker protected ones.
3. BitLocker also can use a separate password (or PIN) to unlock the drive, which also protects against certain attacks that are possible with TPM mode (no PIN).
p_ing 11 hours ago [-]
Next comes the post of "All my data was stolen and my SSN is being used to order CC in my name because my laptop was stolen and unencrypted".
Damned if you do...
But it would be helpful for Microsoft to provide a notice on first login about how to get to your backed up key in your MSFT account as well as how to make a print out of the recovery key.
mubou 11 hours ago [-]
If you haven't already:
1. Win+R
2. control /name Microsoft.BitLockerDriveEncryption
3. "Back up your recovery key"
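The two points made above, that the unlock mode (TPM-only vs. TPM+PIN) matters and that the recovery key has to live somewhere other than the encrypted disk, can both be checked from an elevated PowerShell prompt with the built-in BitLocker module. The script below is an added example and not code from anyone in this thread; the removable-drive path E:\BitLockerRecovery is an assumption you would replace with your own USB stick. It is the scripted equivalent of the control panel steps listed in the comment above.

```powershell
# Added example (not from the thread): inventory the BitLocker key protectors on
# the OS volume, warn when unlock is TPM-only, and make sure a recovery password
# exists and has been copied off the machine. Run from an elevated PowerShell
# session on Windows 8.1/10/11 (the BitLocker module ships with the OS).

$MountPoint = 'C:'
$BackupDir  = 'E:\BitLockerRecovery'   # hypothetical USB drive path (assumption)

$vol = Get-BitLockerVolume -MountPoint $MountPoint
Write-Host "Volume $MountPoint status: $($vol.VolumeStatus), protection: $($vol.ProtectionStatus)"

# Each protector type is one way the volume can be unlocked at boot.
$types = $vol.KeyProtector | ForEach-Object { $_.KeyProtectorType }
Write-Host "Key protectors: $($types -join ', ')"

# 'Tpm' and 'TpmPin' are mutually exclusive, so seeing 'Tpm' means no PIN is required.
if ($types -contains 'Tpm') {
    Write-Warning "Unlock is TPM-only: the volume is released to anyone who boots this machine normally. A TPM+PIN protector (Add-BitLockerKeyProtector -TpmAndPinProtector) closes that gap."
}

# The recovery password is the 48-digit key the pre-boot recovery screen asks for.
$recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
if (-not $recovery) {
    Write-Host "No recovery password protector found; adding one."
    Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    $vol      = Get-BitLockerVolume -MountPoint $MountPoint
    $recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
}

# Copy it off-machine. A key whose only copy sits on the encrypted disk is no backup at all.
if (Test-Path (Split-Path $BackupDir -Qualifier)) {
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    foreach ($p in $recovery) {
        $file = Join-Path $BackupDir "BitLocker-$($env:COMPUTERNAME)-$($p.KeyProtectorId.Trim('{}')).txt"
        @(
            "Computer:      $env:COMPUTERNAME"
            "Volume:        $MountPoint"
            "Protector ID:  $($p.KeyProtectorId)"
            "Recovery Key:  $($p.RecoveryPassword)"
        ) | Set-Content -Path $file
        Write-Host "Recovery password written to $file"
    }
} else {
    Write-Warning "Drive for $BackupDir is not present; recovery key was NOT backed up."
}
```

The protector ID in the file name matters because the recovery screen shows the first few characters of the ID it wants, which is how you pick the right key when several volumes or reissued keys are in play. On a domain-joined machine the same protector can be escrowed with Backup-BitLockerKeyProtector, and on an Entra ID-joined one with BackupToAAD-BitLockerKeyProtector; `manage-bde -protectors -get C:` prints the same inventory without PowerShell.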
Rzor 11 hours ago [-]
I'm not a Windows user anymore, but these days it feels like either Microsoft is fucking shit up every week or the tech media is just out to get them. Possibly a combination of both, to be fair.
grg0 10 hours ago [-]
I have suffered Windows at work until recently. It's not just media coverage; MS is simultaneously pouring billions into AI and, for some strange reason, also "modernizing" and pushing frequent updates to their office tools, but in a completely botched way. Kind of how they fucked XP with SP3 to make you buy Vista, except that the end game is not even clear this time around.
fithisux 8 hours ago [-]
I haven't used their office tools since 2002, except a case of a paper some brain...ed colleague forced me to contribute in 2015.
not_a_bot_4sho 8 hours ago [-]
This is a case of media out to get them. The premise is: if you lose your local backup recovery keys, and you lose access to the account you used to login and create your recovery keys, you cannot get a recovery key.
I dare say this is expected behavior. Any mitigation requires a backdoor.
That's not to say MS isn't fucking other shit up though ..
josephcsible 6 hours ago [-]
> if you lose your local backup recovery keys
It sounds to me like with this change, Microsoft is automatically turning on BitLocker without giving the user local backup recovery keys first.
numpad0 8 hours ago [-]
BitLocker keys should be automatically backed up to OneDrive. I don't remember this being mentioned in the scary "Enter BitLocker key to continue" screen that appears when TPM auto-unlock didn't work, though.
tl;dr: if you ever lose access to the Microsoft account you use to sign in to Windows 11 24H2, you have no way to recover any of your locally-stored data.
TowerTall 10 hours ago [-]
Should be: If you ever lose your decryption key to your encrypted data, regardless of OS, you have no way to recover any of your encrypted data.
When installing Windows and configuring BitLocker you do get presented with the option to create an offline backup of said key, e.g. to a USB drive. The same dialog also gives you an option to back it up to OneDrive in addition to an offline backup.
This is a non-story.
josephcsible 6 hours ago [-]
This is a story because Microsoft is automatically enabling encryption for everyone without making sure they're aware of that first.
whatevaa 6 hours ago [-]
Except this is being forced on everybody, including non-techies.
TowerTall 3 hours ago [-]
The first version of Windows that started to encrypt the drive by default using BitLocker was Windows RT 8 for ARM (released 2012). The first x86/x64 version that did the same was Windows 8.1 (released 2013).
Terr_ 10 hours ago [-]
My desktop has been on Windows for a long time due to games. I think this is going to be the last straw, as Microsoft continues to harass users into sharing all their secrets into the cloud in a way that also causes painful lock-in.
I literally bought another SSD a couple weeks ago to start the "never boot to Windows unless I really need to" process.
TowerTall 7 hours ago [-]
Backing up the BitLocker encryption key to OneDrive* has been the default since BitLocker was introduced in Windows Vista in 2007.
The dialog for this has always offered the option to back it up to a USB drive, and the dialog's function is largely unchanged over the past 18 years, providing access to back up the decryption key to a local target or online.
*Back then OneDrive was called Windows Live Folders