... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.os.linux.advocacy

Torvalds farts & fans know what he ate

164,974 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 163,778 of 164,974

CrudeSausage to All

Microsoft gave FBI a set of Bitlocker ke

24 Jan 26 14:21:44

   XPost: alt.comp.os.windows-11   
   From: crude@sausa.ge   
      
      
      
   What is the point of encryption if Microsoft can unlock any of your   
   computers whenever it feels like it?   
      
   Microsoft provided the FBI with the recovery keys to unlock encrypted data   
   on the hard drives of three laptops as part of a federal investigation,   
   Forbes reported on Friday.   
      
   Many modern Windows computers rely on full-disk encryption, called   
   BitLocker, which is enabled by default. This type of technology should   
   prevent anyone except the device owner from accessing the data if the   
   computer is locked and powered off.   
      
   But, by default, BitLocker recovery keys are uploaded to Microsoft’s   
   cloud, allowing the tech giant — and by extension law enforcement — to   
   access them and use them to decrypt drives encrypted with BitLocker, as   
   with the case reported by Forbes.   
      
   The case involved several people suspected of fraud related to the   
   Pandemic Unemployment Assistance program in Guam, a U.S. island in the   
   Pacific. Local news outlet Pacific Daily News covered the case last year,   
   reporting that a warrant had been served to Microsoft in relation to the   
   suspects’ hard drives. Kandit News, another local Guam news outlet, also   
   reported in October that the FBI requested the warrant six months after   
   seizing the three laptops encrypted with BitLocker.   
      
   A spokesperson for Microsoft did not immediately respond to a request for   
   comment by TechCrunch. Microsoft told Forbes that the company sometimes   
   provides BitLocker recovery keys to authorities, having received an   
   average of 20 such requests per year.   
      
   Apart from the privacy risks of handing recovery keys to a company, Johns   
   Hopkins professor and cryptography expert Matthew Green raised the   
   potential scenario where malicious hackers compromise Microsoft’s cloud   
   infrastructure — something that has happened several times in recent years   
   — and get access to these recovery keys. The hackers would still need   
   physical access to the hard drives to use the stolen recovery keys.   
      
   “It’s 2026 and these concerns have been known for years,” Green wrote in   
   a   
   post on Bluesky. “Microsoft’s inability to secure critical customer keys   
   is starting to make it an outlier from the rest of the industry.”   
      
   --   
   CrudeSausage   
   John 14:6   
   Isaiah 48:16   
   Pop_OS!   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]