Mastodawn

Ich glaub ich muss jetzt entgültig in #Windows verabschieden. Deren toller #Bitlocker hat sich heute selbst zerstört. Alle Dateien verschlüsselt und ich komm nicht mehr dran. Muss ich das Erpressungsgeld für diese #ransomware jetzt an #Microsoft überweisen? Oder wo soll das hin. Danke für nichts. Morgen kommt wieder #Linux drauf. #FOSS #digitalesouveränität

NERDS.xyz – Real Tech News for Real Nerds 4d ago

HP debuts TPM Guard at Imagine 2026 to block BitLocker attacks on business PCs

https://fed.brid.gy/r/https://nerds.xyz/2026/03/hp-tpm-guard-bitlocker-security/

Simon Zerafa 6d ago

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

Backup the recovery keys safely offline,

AND

Keep unencrypted backups of important data off the system (ideally several copies stored separately)

Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Show thread

Erik van Straten Mar 22

@SpaceLifeForm : a spare motherbord won't help just like that.

The actual encryption key is stored in a TPM chip (the rescue code is used to allow the system to access to the actual encryption key).

So even if you have a spare mobo, you'll have to transplant the TPM chip from the old to the new mobo.

The best advice: have a backup, as recent as possible. My backups are on VeraCrypt encrypted external (USB) HDD's.

#BitLocker #Veracrypt #FDE #FullDriveEncryption #TPM

SpaceLifeForm Mar 22

Fried motherboard? Have a spare.

https://www.youtube.com/watch?v=J_HfZoQucGM

#Bitlocker

Their Company Data Is Trapped On This BitLocker-Encrypted SSD

YouTube

Sass, David Mar 20

I just deleted the wrong partition during a #Windows re-install and it was #bitlocker protected.

I might need tech support...

How is your day going?

Jörg 🇩🇪🇬🇧🇪🇺Mar 19

Boah ey, nächstes Thema mit Linux Mint. Es fordert mich bei der Installation auf vor der Installation in Windows den BitLocker zu deaktivieren. Wozu? Musste ich bei Fedora doch auch nicht. Da müsste ich nur nach der Installation einmal den BitLocker Key bei eingeben und gut war.
Da ich das Passwort der Windows Installation nicht habe ist hier dann heute Schluss.
Und wahrscheinlich ist das dann auch das Ende des Versuchs mit Linux, da selbst die Anforderung sich einmal anzumelden damit ich weiter machen kann wahrscheinlich bei der Besitzerin sofort zu einem Mental Meltdown führen wird.

#Linux #LinuxMint #Windows #BitLocker #Fedora

Dag Mar 15

#Microsoft utleverte #bitlocker nøkler til #FBI fordi den var lagret i skyen. Hvordan nøkkelen er lagret må bli tydeligere https://www.digi.no/artikler/debatt-nar-noklene-ikke-er-dine-er-heller-ikke-dataene-det/569447

#sikkerhet

Når nøklene ikke er dine, er heller ikke dataene det

Bitlocker-saken har skapt uro om kryptering og bakdører. Men problemet ligger ikke i selve krypteringen – det ligger i hvordan nøklene håndteres og forklares.

Digi.no

Show thread

Kevin Karhan

Mar 12

@ct_Magazin #BitLocker idt backdoored und damit.inhärent unsicher!

Orca 🌻 | 🎀 | 🪁 | 🏴🏳️‍⚧️Mar 12

If you installed Windows 11 on officially supported hardware, it will automatically encrypt your disk, so no other people than you can access your data. But if you login to a Microsoft account during first setup (or "OOBE" as Microsoft name it), Windows 11 will upload your disk encryption recovery key to your Microsoft account, and now Microsoft can assist others (like law enforcement agencies) in decrypting your disk... Now what?

Windows Device Encryption introduction, and how to reset recovery keys
https://writee.org/orca/bitlocker-reset-recovery-key

#Microsoft #Windows #Windows11 #BitLocker

Windows Device Encryption introduction, and how to reset recovery keys

Windows 11 automatically uploaded your disk encryption recovery key to Microsoft... now what? Note This article includes introduction to several concepts in disk encryption. Because the implementations of...

Orca's rambling