this post was submitted on 08 May 2024
135 points (96.6% liked)

Technology

34894 readers
844 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 29 points 6 months ago (2 children)

Took them long enough. Most Linux distros have a simple toggle for Disk encryption for years. And as far as i am aware Apple has it too. And basically every mobile OS is encrypted by default as well. iOS and Android

[–] [email protected] 54 points 6 months ago* (last edited 6 months ago) (6 children)

the thing is: it means that your hard drive gets encrypted. However, when that gets encrypted, besides creating a key to decrypt it, everything works perfectly. You then use that computer for 5 years and again, works great. But then the fan on the CPU gets clogged with dust and the CPU overheats and dies. No big deal, you just grab the hard drive and move it into your new computer, or you hook it up with USB to copy everything over to the new one. And that is the moment you find out it was encrypted 5 years ago. You didn’t store the key anywhere but on that disk. You can only read it with that original computer hardware because the key was made to lock that drive to that exact computer that died. And you slowly figure out that every photo, every document, everything critical to you is now protected from you and you can’t get it back.

Just as fun is making configuration changes just to upgrade your PC. Because Bitlocker uses the hardware in your computer to generate that key, some hardware changes will trigger it to need that key. Same situation where you need to revert the change to get your data.

Finally, now we need to actually bring home the issue. Drop that change into the lap of someone you know that uses a computer, but doesn’t understand the inner working of them. Maybe that’s your grandma, parent, or siblings. All of a sudden they upgrade and now have a Windows 11 time-bomb that could randomly lock them out of every file on their computer… that’s the real issue here.

Also a headache for the repair industry. If during repair the bios gets reset or the motherboard swapped, you’ll need the key to be able to boot in to windows again. And your customer is probably NOT aware.

Bitlocker is important for companies. They can have hundreds or thousands of laptops that contain files with intellectual property that could really damage the company. Laptops get stolen all the time and should be protected at the highest levels. But for normal people’s computers, the higher risk for losing data will be Bitlocker. That’s what makes this such a bad idea.

[–] [email protected] 20 points 6 months ago (1 children)

Hi, repair shop owner here.

Automatic Bitlocker encryption has been a thing since TPM 2.0 devices hit the market in 2018.

If a device is UEFI, Secure Boot is enabled, TPM 2.0 is present, and the user signs in with a Microsoft Account , then the disk is encrypted and the recovery key is saved to that Microsoft Account.

If those conditions aren’t met, automatic encryption doesn’t happen.

As long as they know their Microsoft Account Identifier, users can easily get to that key through the first search engine result for “bitlocker recovery key”: https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-6b71ad27-0b89-ea08-f143-056f5ab347d6

We don’t really have a hard time with it - if a user provides their login PIN, a short terminal command will let us grab a copy of their key before BIOS updates or battery disconnects.

I have had very few cases where folks suffered data loss because of Bitlocker. Most of them were HP Laptops that used Intel Optane accelerated SSDs - encrypting what is effectively a software RAID0 is a recipe for disaster.

The other few had an unhealthy paranoia where they were reluctant to share anything about themselves with Microsoft, yet still decided to use a Microsoft operating system. While setting up the computer, they created a new Outlook.com email (instead of using their primary email), made up a random birthday, and did not fill in any recovery options like a phone number or secondary email. With the password (and sometimes even email) forgotten, they created a situation where they could not prove the online account was theirs and therefore could not get to the recovery key that had been backed up.

I do think that Microsoft should have this as an opt-in feature during the out of box experience, which is how Apple has it set up for Filevault and how most Linux distributions are set up. Ultimately, most users will still mash “next’ through the process and later blame the computer.

I have had quite a few clients have their laptops stolen after car breakins. Their biggest stressor was the possibility of thieves having access to the data on those machines, and the fact that we knew their systems were encrypted with Bitlocker brought them a lot of relief.

[–] [email protected] -1 points 6 months ago* (last edited 6 months ago) (1 children)

well, the thing is not everyone want to have their PC connected to MS account for privacy reason

[–] [email protected] 4 points 6 months ago* (last edited 6 months ago) (1 children)

Then don’t?

If you still want to use Windows and use their encryption solution, manually enable Bitlocker and store the recovery key yourself.

There are also third party encryption options.

[–] [email protected] 5 points 6 months ago* (last edited 6 months ago) (1 children)

Or if you don't trust Microsoft to begin with, just use Veracrypt, it won't upload your recovery key anywhere, but will help to make a recovery usb stick.

Additionally, the problem above was not some kind of "unhealthy paranoia", but disliking Microsoft and then still creating an account for some reason, one that they deemed to be a throwaway account. Question is why did they do that (oh, because Microsoft made it hard* to skip registering an account? That can't be! Microsoft is trustworthy and anyone thinking else is just unhealthily paranoid, right?), but also how should have the user known that this was a dangerous thing to do? Don't tell me they should have read the dozens of pages of dry legal text.

*Yes, it's hard if it's not an option in the installer. How the fuck you look it up when you don't have your computer?

[–] [email protected] 0 points 6 months ago* (last edited 6 months ago) (1 children)

If you’re at that point of not trusting a company, the best practice would be to avoid using their devices or connecting them to your network.

There are plenty of other ways to track and identify users, a company could conceivably bake whatever the hell they want into the operating system and doesn’t need to rely on you creating an account with them to achieve that objective.

I used the term “unhealthy paranoia” due to the logical fallacy that is at play.

[–] [email protected] 2 points 6 months ago

If you’re at that point of not trusting a company, the best practice would be to avoid using their devices or connecting them to your network.

Yes, that would be the best practice. However there are a lot of best practices that cannot be followed for one reason or another.

[–] [email protected] 13 points 6 months ago (2 children)

You didn’t store the key anywhere but on that disk.

Windows does not let you store the recovery key on an encrypted drive.

The rest only means, we need to deal better with our data. All the above basically also applies when you HDD or SSD dies, which can happen any time.

Backups is what you need, not an unencrypted drive.

[–] [email protected] 10 points 6 months ago (1 children)

not everyone is tech-savvy like folks on Lemmy. you can tell that to your grandma or your parents to do that to do regular backup. That is why it could cause a headache for repair business

[–] [email protected] 6 points 6 months ago* (last edited 6 months ago) (3 children)

Non tech-savvy folks aren't transplanting their hard drives in the first place.

[–] [email protected] 3 points 6 months ago (1 children)

No, but when their computer dies they'll take it to someone who does (Paid or not) to "Get their precious grandbaby photos back"

That person will inevitably ask for the key and Grandma is gonna go "What key?!?" And then when she's told all those photos are lost she's going to get pissed at the wrong person guaranteed.

These are also the same people that never change defaults soo yea this is stupid, just leave it as an easily accessible toggle for anyone who wants or needs it, but the default should be off.

[–] [email protected] -2 points 6 months ago (1 children)

They could add some kind of message that warns about this, but I think it's a better idea to encrypt by default (warning or not) rather than not... at least for privacy reasons.

[–] [email protected] 3 points 6 months ago (1 children)

It really doesn't matter what message they show during setup, you haven't worked tech support or computer repair have you?

The non-savvy users rarely pay attention to shit, a message during setup will be nothing but a blip at best in their memory by the time something happens to the computer 2-4 years later.

We've been telling non-savvy users to make sure they backup their shit for literally decades now, they still don't. Not even macOS encrypts the user data partition by default, this is gonna be a shit show and hell desks and computer repair shops everywhere are on the front line.

[–] [email protected] 0 points 6 months ago (1 children)

I consider that a separate issue.

IMO OS vendors pushing for full disk encryption is light years better than simply shrugging and saying "well people might be dumb so we shouldn't do it at all".

[–] [email protected] 2 points 6 months ago (1 children)

Just turning it on for everyone like they're planning is what I have issues with.

macOS does prompt the user to enable FileVault during initial setup, but it defaults to disabled. The other thing users do, is default to the default when they don't understand something.

So by defaulting to disabled, not many people enable FileVault without actually knowing what it's talking about. If they do know what it's talking about then all's good because they'll probably actually write down the recovery key.

MS's plan so far is "On the next update we'll just turn it on for everyone everywhere and (maybe) display a fast message with a recovery key, YOLO"

[–] [email protected] -1 points 6 months ago (1 children)

Maybe educating people about backups (in general) is a better approach than being averse to increasing security/privacy.

I still prefer MS pushing updates to people that never update vs the alternative of them getting viruses and such all the time. I just wish there was an easier way for advanced users to turn it off permanently, but it's still not impossible so I still prefer this to people not updating at all.

[–] [email protected] 1 points 6 months ago (1 children)

Maybe educating people about backups (in general) is a better approach than being averse to increasing security/privacy.

Like I said, there's been various backup your shit campaigns for decades now, why do you think the next time is going to be different? One of my windows PCs literally just sent a notification about backing things up (it's what reminded me of this lmao), I wonder how many non-savvy users got that and completely ignored it?

I still prefer MS pushing updates to people that never update vs the alternative of them getting viruses and such all the time. I just wish there was an easier way for advanced users to turn it off permanently, but it's still not impossible so I still prefer this to people not updating at all.

Agreed, but this is not a matter of updates, it's a matter of how they're handling this specific update. I personally just don't see the benefits of forcing FDE on for everyone outweighing the risks.

Your average home user is going to primarily get their data stolen via malware or social engineering, both of which FDE does nothing to protect against.

[–] [email protected] -1 points 6 months ago* (last edited 6 months ago)

All we can do is try. If we warned them and they still don't do it, well you just can't fix stupid and it's not our problem anymore, plus they have bigger issues if they can't read. That's still better than doing nothing. And still better than not having device encryption IMO.

[–] [email protected] 1 points 6 months ago

No but they’re taking it to repair shops who then find that they can’t recover their customers data because it’s encrypted and then they lose al their photos and data they never backed up, because they’re not tech-savvy.

[–] [email protected] 1 points 6 months ago

I don't see what that has to do with the drive dying. Every drive dies at some point, even if left in it's place

[–] [email protected] 3 points 6 months ago (1 children)

Well, it kinda does. If you choose to print your keys, you can use print to file and safe them to the encrypted drive, if you really want to for some reason.

[–] [email protected] 0 points 6 months ago

Yep but at this point it is obvious to the user that this is not the way it is supposed to be. When you want to shoot yourself in the foot...

[–] [email protected] 3 points 6 months ago

I wouldn't fault a casual user for not backing up their encryption key because they wouldn't be swapping hard drives in the first place. And the tech savvy people already know to backup keys.

[–] [email protected] 3 points 6 months ago

This is 100% to try to force more OneDrive subs..

[–] [email protected] 2 points 6 months ago

And you slowly figure out that every photo, every document, everything critical to you is now protected from you and you can’t get it back.

How fortunate that onedrive auto uploads those to Microsoft. That is, until you run out of your quota..

[–] [email protected] 1 points 6 months ago

Microsoft lets you look up your bitlocker key, this is not the catastrophic problem you've laid it out to be.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

Windows has had a simple toggle for this for years. Forcing it on by default is the only new thing here. As far as I'm aware it's been the same toggle to turn it on since Vista too.

https://louisville.edu/dentistry/informatics/di-docs/Desktop-Server-Support/EnablingBitLockerDriveEncryptiononWindows7.pdf

[–] [email protected] 4 points 6 months ago* (last edited 6 months ago)

You can not find that Option via the default Settings menu, you have to search for it or use the outdated control panel.

Also Windows Home edition does not have this option.

Edit: you can find it actually under Windows security.

Still, it never pops up during installation.