Comment by dijit

> The vast, vast majority of Windows users don't know their laptops are encrypted, don't understand encryption, and don't know what bitlocker is.

Mate, if 99% of users don't understand encryption, they also don't understand that Microsoft now has their keys. You can't simultaneously argue that users are too thick to manage keys but savvy enough to consent to uploading them.

> If their keys weren't stored in the cloud, these users could easily lose access to their data without understanding how or why.

As opposed to losing access when Microsoft gets breached, or when law enforcement requests their keys, or when Microsoft decides to lock them out? You've traded one risk for several others, except now users have zero control.

The solution to "users might lock themselves out" is better UX for local key backup, not "upload everyone's keys to our servers by default and bury the opt-out". One is a design problem, the other is a business decision masquerading as user protection.

> The only thing I would really fault Microsoft for here is making it overly difficult to disable the cloud storage for users who do understand all the implications.

That's not a bug, it's the entire point. If it were easy to disable, people who understand the implications would disable it. Can't have that, can we?