I was wondering when a reporter would uncover this.

So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/

Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw

The tech giant said providing encryption keys was a standard response to a court order. But companies like Apple and Meta set up their systems so such a privacy violation isn’t possible.

Forbes

@GossiTheDog You can save the key as a file.

@niknukem Which doesn't help if the key is additionally and automatically synced to MS. You have a MS account to log in, don't you? So it's easy to connect...

And afaik the sync can only be deactivated using GPOs - but perhaps even this is no longer a possibility...

@jesterchen So is there proof they sync the key even if you select save as file? Yeah, no MS account in Windows. But guess most do use Intune, then the key is cloud based. Welcome back VeraCrypt. Xd

@niknukem @jesterchen You cannot use BitLocker with a local Windows account, you have to have a linked account. BitLocker automatically uploads your encryption keys to your MS account, whether or not you choose to save it as a file. It is possible to log in and remove your keys from your MS account, but it's not very simple and I don't know if that will prompt Windows to take it upon itself to decrypt your drives.

Edit: apparently this only applies to Windows Home edition, not Professional.

@DirtyAnCom @niknukem @jesterchen That's not true, I have Windows installs with local accounts and BitLocker. I think you may have to have Windows Professional to do this.

@chopsstephens @niknukem @jesterchen That's a good point. I hadn't considered that. Gonna have to upgrade my Windows install.