Comment by Aurornis
1 day ago
> Switch to an OS where this requirement doesn't come into play
I use BitLocker on my Windows box without uploading the keys. I don't even have it connected to a Microsoft account. This isn't a requirement.
1 day ago
> Switch to an OS where this requirement doesn't come into play
I use BitLocker on my Windows box without uploading the keys. I don't even have it connected to a Microsoft account. This isn't a requirement.
Considering Windows's history with user consent I would be worried about the keys eventually being uploaded without asking the user and without linking online accounts.
Probably not now but not something unimaginable in some future.
However, since Windows can still run on user-controlled hardware (non-secure boot or VMs), I guess this kind of behavior could be checked for by intercepting communications before TLS encryption.
except Microsoft probably as a master key
People know the system well enough to write FOSS implementations of it; I think they would have noticed and sounded the alarm if there were a possible master key.
I don't think anybody is interested in reverse-engineering closed-source OS to check if it works as documented; it;s easier to just use Linux which has open-source code.
2 replies →