← Back to context

Comment by jqpabc123

4 hours ago

... does not possess the forensic tools to break into devices encrypted with Microsoft BitLocker

Nice intel to have. Now, all that is needed for reasonable security is to avoid storing the key in the cloud. Duhhh.

Basic rule: Not your hardware (computer/drive), not your data.

Never store anything on someone else's hardware that you need to maintain full control over.

But, but, but encryption? It helps but encryption does not guarantee full access when you don't control the hardware.

2 comments

jqpabc123

Reply
OptionOfT  3 hours ago

They don't have the tools but for 99% of the people who have laptop with device encryption, they mandate Microsoft Accounts, and guess where the keys are uploaded to? Thats right, https://aka.ms/recoverykey.

You don't need to build backdoors when you store a copy of the key.