Encrypting the data stored locally on your hard drives is generally a good idea, specifically if you have use a laptop and take it with you a lot and thieves might get a hold of it. This issue becomes even more pressing if you carry sensitive data as a dissident or whistleblower and have to deal with law enforcement. Or, you know, if you’re an American citizen fascist paramilitary groups like ICE doesn’t like because your skin colour is too brown or whatever.
Windows offers local disk encryption too, in the form of its BitLocker feature, and Microsoft suggests users store their encryption keys on Microsoft’s servers. However, when you do so, these keys will be stored unencrypted, and it turns out Microsoft will happily hand them over to law enforcement.
“This is private data on a private computer and they made the architectural choice to hold access to that data. They absolutely should be treating it like something that belongs to the user,” said Matt Green, cryptography expert and associate professor at the Johns Hopkins University Information Security Institute.
“If Apple can do it, if Google can do it, then Microsoft can do it. Microsoft is the only company that’s not doing this,” he added. “It’s a little weird… The lesson here is that if you have access to keys, eventually law enforcement is going to come.”
↫ Thomas Brewster
Microsoft is choosing to store these keys in unencrypted fashion, and that of course means law enforcement is going to come knocking. With everything that’s happening in the United States at the moment, the platitude of “I have nothing to hide” has lost even more of its meaning, as people – even toddlers – are being snatched from the streets and out of their homes on a daily basis by fascist paramilitaries.
Even if times were better, though, Microsoft should still refrain from storing these keys unencrypted. It is entirely possible, nay, trivial to address this shortcoming, but the odds of the company fixing this while trying to suck up to the current US regime seem small. Everybody, but especially those living under totalitarian(-esque) regimes, should be taking extra care to make sure their data isn’t just encrypted, but that the keys are safe as well.
the platitude of “I have nothing to hide”
If that is the case then why are the new storm troopers all wearing masks? Them “freedom” loving morons in the Repugnant Party were totally against those mask when it came to saving peoples lives. Now when it comes time to skulk around so they cannot be identified for their crimes they are all in favour of them. Getting back on the topic quite frankly if you are being stupid enough to think Microsoft was not going to hand over the encryption keys then you deserve what they get from being that naive. Anyone even remotely concerned and needing that kind of protection knows you are only secure if you hold the keys, you can only trust yourself. Even then how well you going to stand up to torture if they want the decryption passphrase bad enough, because everything is on the table with them people now, you have no more rights in the new fascist America.
In the unlikely event my cloud storage was ever compromised, the important bits are secured with Cryptomator. You can also use it to encrypt a local folder.
ICE is doing great work arresting illegal immigrants. These people, by being in the United States illegally have broken our laws. May har gone on to rob, rape, and murder American citizens from various ethnicities and backgrounds.
If you don’t like ICE, don’t be in the United States illegally.
ugh.