
Comment by Spivak

1 day ago

There is no other way for this to work that won't result in an absolutely massive number of people losing their data permanently who had no idea their drive was encrypted. Well, there is: leave BitLocker disabled by default and the drive unencrypted. Now the police don't even have to ask!

With this scheme the drive is recoverable by the user and unreadable to everyone except you, Microsoft, and the police. Surely that's a massive improvement over sitting in plaintext readable by the world. The people who are prepared to do proper key management will know how to do it themselves.

Apple does the same thing with FileVault when you set up with your iCloud account where, again, previously your disk was just left unencrypted.
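The "proper key management" the comment above says capable users will do themselves, as an added example that is not part of the thread and is not Microsoft's or the commenter's code: a PowerShell script that lists a BitLocker volume's key protectors (the RecoveryPassword protector is the one that gets escrowed) and rotates the recovery password, so that a copy escrowed during setup can no longer unlock the drive. It assumes Windows 10/11 with the built-in BitLocker module, an elevated prompt, and the mount point `C:` (an assumed value).

```powershell
# Added example, not from the original thread. Inventory BitLocker key
# protectors on a volume and rotate the recovery password so any copy that
# was escrowed at setup time (for example to a Microsoft account) becomes useless.
# Assumptions: Windows 10/11 with the BitLocker PowerShell module, run elevated;
# the mount point "C:" is an assumed value and can be overridden.
#Requires -RunAsAdministrator

param(
    [string]$MountPoint = "C:"   # assumed volume
)

$vol = Get-BitLockerVolume -MountPoint $MountPoint

# 1. Is the drive actually encrypted, and is protection on?
"{0}: VolumeStatus={1} ProtectionStatus={2} Method={3}" -f `
    $vol.MountPoint, $vol.VolumeStatus, $vol.ProtectionStatus, $vol.EncryptionMethod

# 2. Which key protectors exist? TPM unlocks silently; RecoveryPassword is the
#    48-digit key that Windows offers to back up to your account.
$vol.KeyProtector | ForEach-Object {
    "  {0}  {1}" -f $_.KeyProtectorType, $_.KeyProtectorId
}

if ($vol.ProtectionStatus -ne 'On') {
    Write-Warning "Protection is not on for $MountPoint; nothing to rotate."
    return
}

# 3. Rotate: add a fresh recovery password FIRST, then remove the old ones.
#    Order matters: never leave the volume without a recovery protector.
$beforeIds = @($vol.KeyProtector.KeyProtectorId)
$after = Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector
$newId = ($after.KeyProtector | Where-Object {
    $_.KeyProtectorType -eq 'RecoveryPassword' -and $beforeIds -notcontains $_.KeyProtectorId
}).KeyProtectorId

$old = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
foreach ($p in $old) {
    Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $p.KeyProtectorId | Out-Null
    "Removed old recovery protector $($p.KeyProtectorId)"
}

# 4. Show the new recovery password once so it can be stored offline
#    (printed and locked away, or in a local password manager), not escrowed.
$fresh = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
         Where-Object { $_.KeyProtectorId -eq $newId }
"New recovery password for $MountPoint (store offline):"
$fresh.RecoveryPassword
```

Two caveats: a previously escrowed recovery password is only useless after the old protector is removed, so confirm with `manage-bde -protectors -get C:` that only the new ID remains; and on a device signed in with a Microsoft account or joined to Entra ID with a backup policy, Windows may escrow the new protector again, so check the account's recovery-key page (account.microsoft.com/devices/recoverykey) afterwards and delete anything you did not intend to keep there.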

> who had no idea their drive was encrypted

I think you just identified the problem clearly.

> Now the police don't even have to ask!

Security is not a switch you can turn on and forget about. Plus the police have extraordinary real-world powers to compel you to disclose the necessary information anyway. Unless you're holding state secrets, which, c'mon, you're almost certainly going to give in and cooperate at some point. It wouldn't make for a great Hollywood movie, but it would accurately reflect day-to-day reality.

> unreadable to everyone except you, Microsoft, and the police.

That's two too many. It should either be unreadable to everyone but me or readable by anyone with physical access. Does it not occur to people that you can still rely on physical security even in computing?

> Apple does the same thing

The two corporate computing giants do the same thing? I am not surprised but I also don't see it as a worthwhile data point.

> Apple does the same thing with FileVault when you set up with your iCloud account where, again, previously your disk was just left unencrypted

Nah, the FileVault key is stored in your iCloud Keychain when you choose to back up the key to iCloud. And the keychain is end-to-end encrypted. Only the user has access.