Comment by jqpabc123

8 hours ago

... does not possess the forensic tools to break into devices encrypted with Microsoft BitLocker

Nice intel to have. Now, all that is needed for reasonable security is to avoid storing the key in the cloud. Duhhh.

Basic rule: Not your hardware (computer/drive), not your data.

Never store anything on someone else's hardware that you need to maintain full control over.

But, but, but encryption? It helps but encryption does not guarantee full access when you don't control the hardware.

3 comments

jqpabc123

OptionOfT 7 hours ago

They don't have the tools but for 99% of the people who have laptop with device encryption, they mandate Microsoft Accounts, and guess where the keys are uploaded to? Thats right, https://aka.ms/recoverykey.

You don't need to build backdoors when you store a copy of the key.

jqpabc123 5 hours ago

they mandate Microsoft Accounts
I don't use these. See post below.

general1465 4 hours ago

> Nice intel to have. Now, all that is needed for reasonable security is to avoid storing the key in the cloud. Duhhh.

You can go one step further. Encrypt your computer, store keys on the cloud, then encrypt your computer again but store keys into a file. You can see key ID on Microsoft Live account. Now you won't even look suspicious.