Encrypting the data stored locally on your hard drives is generally a good idea, specifically if you have use a laptop and take it with you a lot and thieves might get a hold of it. This issue becomes even more pressing if you carry sensitive data as a dissident or whistleblower and have to deal with law enforcement. Or, you know, if you’re an American citizen fascist paramilitary groups like ICE doesn’t like because your skin colour is too brown or whatever.
Windows offers local disk encryption too, in the form of its BitLocker feature, and Microsoft suggests users store their encryption keys on Microsoft’s servers. However, when you do so, these keys will be stored unencrypted, and it turns out Microsoft will happily hand them over to law enforcement.
“This is private data on a private computer and they made the architectural choice to hold access to that data. They absolutely should be treating it like something that belongs to the user,” said Matt Green, cryptography expert and associate professor at the Johns Hopkins University Information Security Institute.
“If Apple can do it, if Google can do it, then Microsoft can do it. Microsoft is the only company that’s not doing this,” he added. “It’s a little weird… The lesson here is that if you have access to keys, eventually law enforcement is going to come.”
↫ Thomas Brewster
Microsoft is choosing to store these keys in unencrypted fashion, and that of course means law enforcement is going to come knocking. With everything that’s happening in the United States at the moment, the platitude of “I have nothing to hide” has lost even more of its meaning, as people – even toddlers – are being snatched from the streets and out of their homes on a daily basis by fascist paramilitaries.
Even if times were better, though, Microsoft should still refrain from storing these keys unencrypted. It is entirely possible, nay, trivial to address this shortcoming, but the odds of the company fixing this while trying to suck up to the current US regime seem small. Everybody, but especially those living under totalitarian(-esque) regimes, should be taking extra care to make sure their data isn’t just encrypted, but that the keys are safe as well.
the platitude of “I have nothing to hide”
If that is the case then why are the new storm troopers all wearing masks? Them “freedom” loving morons in the Repugnant Party were totally against those mask when it came to saving peoples lives. Now when it comes time to skulk around so they cannot be identified for their crimes they are all in favour of them. Getting back on the topic quite frankly if you are being stupid enough to think Microsoft was not going to hand over the encryption keys then you deserve what they get from being that naive. Anyone even remotely concerned and needing that kind of protection knows you are only secure if you hold the keys, you can only trust yourself. Even then how well you going to stand up to torture if they want the decryption passphrase bad enough, because everything is on the table with them people now, you have no more rights in the new fascist America.
In the unlikely event my cloud storage was ever compromised, the important bits are secured with Cryptomator. You can also use it to encrypt a local folder.
people often forget that you cannot use secure tools securely on an insecure platform like Windows.
ICE is doing great work arresting illegal immigrants. These people, by being in the United States illegally have broken our laws. May har gone on to rob, rape, and murder American citizens from various ethnicities and backgrounds.
If you don’t like ICE, don’t be in the United States illegally.
ugh.
djitanium,
The majority of the population are in favor of enforcing immigration laws. However the fact that you can’t even think of another reason to dislike ICE these days implies that you haven’t been following the news; it goes beyond the pale. Even documented citizens are being arrested by ICE.
https://www.opb.org/article/2025/10/16/immigration-ice-arrests-propublica-white-house-deportation-immigrants-sweep/
Some immigrants who were in the country legally and have no criminal records have gotten rounded up and deported at their own immigration hearings. ICE police have no accountability under this administration’s corrupt DOJ. Just this week two DHS whistleblowers leaked internal guidance for ICE agents to ignore constitutional doctrine that requires judges to sign off on warrants to enter private property. Red-blooded americans who care about the rule of law and democracy should find it abhorrent that due process and other constitutional rights are getting shredded. None should condone federal police warrantlessly breaking into homes, arresting people at legal immigration hearings, spying on social media posts in furtherance of a political which hunt.
While ICE are ostensibly being deployed to deal with illegal immigrants, they are a red herring. ICE’s more nefarious purpose for the administration is the escalation of tensions to ignite civil unrest to send in militias, invoke the insurrection act and perhaps even declare martial law. These levers give the president more power to cancel future elections and plunge the country into totalitarian rule. I don’t know why people are so nonchalant about unchecked executive power under a president who doesn’t believe law applies to himself and openly praises dictatorship. This ends poorly for the democracy our forefathers fought so hard for and unfortunately we’ll have ourselves to blame for it 🙁
thanks for that. I honestly didn’t think they deserved a response because I don’t understand how they could possibly be cheering from the sidelines. Either they are trapped in the worst kind of echo chamber or their humanity is damaged. Either way, I am deeply concerned for them.
in such case all americans should be expelled from USA by native americans, because you guys are there illegally. You stole the land, killed indigineous inhabitants. Apparently, the apple doesn’t fall far from the tree. Also, mind you that america is literally built by immigrants. Fighting immigration is destroying america as you know it.
Just remember that all tyrannical governments come for their own people eventually, sooner or later. The fact that you cannot understand it won’t make you immune to it.
I used to be strong believer in good education system that would allow people to become better equipped with tools that would allow them to understand the world as it is, without any distortions. Then I realized we are not built equally (*although we should all have equal basic human rights). Some people are just incapable intellectually and years of education won’t help them. They cannot understand the issue until it’s too late for them and for the others. They are unable to predict things by observing what happens around them. And then it’s too late for the cries and grief.
Go away, you fascist scum.
Exactly.
It is astonishing how many still fall for the far left propaganda.
You can fuck off too.
First of all – fuck you. You are a fascist piece of shit. Now having stepped in you, let me proceed by scraping you off my shoe:
The level of “crime” they committed is a misdemeanor. Unless you lie to me, and tell me you’ve never ever gone above the speed limit, you can kindly fuck right off, back to whatever hole you crawled out of. An appearance ticket is not worth sending actual jack booted thugs in to the streets of America.
Always remember, friends, the Republican “don’t tread of me” crown, sent troops in to the streets. The thing they feared was always their own shadow. They were always the vile, disgusting filth they’ve see in everyone else. It was always projection.
If some company has the keys to your encrypted data, your data is not encrypted.
“Have nothing to hide” works fine until your government becomes tyrannical and uses anything it can find against you. Affairs? tax issue? some dirty little secret you have that is not a crime, but something you certainly don’t want to share? too bad.
It always baffles me that people don’t see it and cannot predict it, but I guess we aren’t built equally and that’s something we need to accept for better or for worse.
“Encryption” that stores the keys on someone elses servers and allows them to use them to decrypt your encrypted data is completely useless. It’s a condom with a huge hole in it.
The key component to this is really Microsoft and and all other cloud tech we are asked to trust with our alleged best interest at heart.
Stop trusting them. They owe you nothing in return for taking over the data you committed to them and money it cost you.
Since Snowden nobody has any excuses anymore. The suspicions had been confirmed, and nobody took heed.
“Think of the children”; well, how’s that working out for ya?
In an entirely unrelated context, something on this page needs to run some javascript from “azure.com”.
This is the consequence of PHBs and Average Joes wanting to have their security and eat it too (aka sacrifice security in the name of convenience).
If the keys were encrypted using some kind of password (set by the user), then Microsoft would have no way of retrieving the keys, and any court order would be powerless, since Microsoft cannot give what they don’t have (the user-defined password). But then, tech support reps wouldn’t be able to recover the keys for customers when some PHB or Average Joe forgot their password.
It’s so funny that the actual owner can’t get Microsoft to do these sorts of things when needed. (sad funny)
Fear of litigation.
Giving keys because a govt requested is safe for the corporation. The worst that could happen is some bad press if the said govt kill a bunch of people. Due their monopolistic position and due being increasingly less reliant on end user for revenue, they could not care less for a bit of bad press.
Releasing the keys to a third party by mistake after a social engineering trick on other hand can be disastrous at court.
Was great that Ars did an article on how to remove your key from the online account and keep it in your own hands.