Show threadsleepfreeparent1d ago
I disabled secure boot, booted a live Linux USB stick, and took a look at tpm2_eventlog. Took a long while, using the tpm2-tools repo for reference, before I could check the hashed for myself. Sure enough - PCR7 had a bunch of updates to its state, and the output of the 3rd one didn't match what #bitlocker was expecting.
Ok actually it diverged right from the start now, because I'd turned secure boot off. But I flipped a 00 to a 01, and ended up with the same wrong hash that bitlocker was complaining about.
Well, so now what?
Show threadsleepfreeparent1d ago
The #bitlocker recovery screen was actually informative. It told me that the drive key had been sealed to an environment the previous night, and platform configuration register 7 did not match up on its 3rd update.
So right away I knew that windoze had performed an update, resealed the drive in a way that didn't match the current reality, and rebooted, locking away any record of what that update had been supposed to be
sleepfreeparent1d ago
The other day I fixed a laptop with a #bitlocker unlock failure. No recovery key, no #microslop account, no hope of ever getting it back, at first.
But I figured I should at least try. I've done other impossible things, so why not?
El Proxy4d ago
📰 «Desactivar Bitlocker es MUY fácil»
🔗 https://proxy.jesusysustics.com/2026/03/30045/
Puedes desactivar Bitlocker en Windows 11 muy fácil: descubre cómo hacerlo paso a paso y sus riesgos https://www.softzone.es/noticias/windows/desactivar-bitlocker-windows-11-precauciones/

Bitlocker es un sistema de cifrado del almacenamiento que ofrece seguridad a cambio de una pérdida de rendimiento bastante notable. No vengo yo a recomendar desactivarlo sin más, pero esta pequeña guía puede ser útil para quien lo necesite.

Siendo sincero, solamente he necesitado asegurarme de su desactivación al actualizar la BIOS de mi equipo… y si alguien se atreve a llegar hasta ahí, está claro que encontrar la ocpión para desactivar el cifrado es totalmente trivial.

#️⃣ #Bitlocker #encriptación #guía #privacidad #SistemaOperativo #tutorial #Windows
Desactivar Bitlocker es MUY fácil

Bitlocker es un sistema de cifrado del almacenamiento que ofrece seguridad a cambio de una pérdida de rendimiento bastante notable. No vengo yo a recomendar desactivarlo sin más, pero esta pequeña guía puede ser útil para quien lo necesite.

El Proxy
eldiepMar 26
Ich glaub ich muss jetzt entgültig in #Windows verabschieden. Deren toller #Bitlocker hat sich heute selbst zerstört. Alle Dateien verschlüsselt und ich komm nicht mehr dran. Muss ich das Erpressungsgeld für diese #ransomware jetzt an #Microsoft überweisen? Oder wo soll das hin. Danke für nichts. Morgen kommt wieder #Linux drauf. #FOSS #digitalesouveränität
NERDS.xyz – Real Tech News for Real NerdsMar 24

HP debuts TPM Guard at Imagine 2026 to block BitLocker attacks on business PCs

https://fed.brid.gy/r/https://nerds.xyz/2026/03/hp-tpm-guard-bitlocker-security/

Simon ZerafaMar 22

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

  • Backup the recovery keys safely offline,

AND

  • Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

  • Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Show threadErik van StratenMar 22

@SpaceLifeForm : a spare motherbord won't help just like that.

The actual encryption key is stored in a TPM chip (the rescue code is used to allow the system to access to the actual encryption key).

So even if you have a spare mobo, you'll have to transplant the TPM chip from the old to the new mobo.

The best advice: have a backup, as recent as possible. My backups are on VeraCrypt encrypted external (USB) HDD's.

#BitLocker #Veracrypt #FDE #FullDriveEncryption #TPM

SpaceLifeFormMar 22

Fried motherboard? Have a spare.

https://www.youtube.com/watch?v=J_HfZoQucGM

#Bitlocker

Their Company Data Is Trapped On This BitLocker-Encrypted SSD

YouTube
Sass, DavidMar 20

I just deleted the wrong partition during a #Windows re-install and it was #bitlocker protected.

I might need tech support...

How is your day going?