Slashdot Mirror
Microsoft Has Your Encryption Key If You Use Windows 10 (theintercept.com)
An anonymous reader writes with this bit of news from the Intercept. If you login to Windows 10 using your Microsoft account, your computer automatically uploads a copy of your recovery key to a Microsoft servers. From the article: "The fact that new Windows devices require users to backup their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts – something that people never had the option to do with the Clipper chip system. But they can only delete it after they've already uploaded it to the cloud.....As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account, which would legally compel them to hand over your recovery key, which they could do even if the first thing you do after setting up your computer is delete it. As Matthew Green, professor of cryptography at Johns Hopkins University puts it, 'Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.'"
I would like to know the opinion of large public corporations security officer on this feature of windows.
How about you don't login with a Microsoft account? That'll show them!
I dont have an encryption key! HA! Take that Microsoft!
Do not look at laser with remaining good eye.
...pretty unprofessional. Is any corporation going to use it? Why not just put all your files on TPB instead?
Would that let you decrypt anything ruined by cryptolocker?
Get off the interwebs.
Keep using Linux and fuck off with Windows. At least with Linux you can pick and choose which cryptography to use and even have full disk encryption why would anyone that holds customer data would even consider win10 is beyond me.
I'd love to give it a go, but for no good reason other than MS trying to snoop on you, you absolutely cannot use it without switching to MS account log in. Other apps like Feedback let you sign in for just that one app rather than force a take over of your entire system login.
Did you know if you log-in with you online user account they also have your password?! granted it is probaly hashed but those crafty Russian spies have their ways
I am now waiting for
"If privacy is a concern, you don't use Windows." Fixed that for you
and
"Don't use Windows." Fixed that for you.
https://www.reddit.com/r/crypto/comments/3f0j44/windows_10_backs_up_your_bitlocker_recovery_key/
Im pretty sure there was some slashdot article about this too.
So one important thing to remember is that these keys don't give anyone a login or remote access to your box whatsoever. Instead, Windows 10 now turns on disk encryption by default. That's a good thing, but of only limited value since disk encryption really only helps if the disk is physically stolen from you.
So what we have here is a copy of the key that allows recovery of an encrypted disk being stored in the cloud unless you delete it. Not the greatest thing ever but it doesn't panic me all that much when the same people who scream about not upgrading to Windows 10 because OMG NSA are also running old systems without any disk encryption whatsoever.
To put it another way: The vast VAST majority of Linux systems in operation that don't use full disk encryption are actually LESS secure than this setup simply because there's no need to get your hands on a recovery key to decrypt anything. Yes, I'm well aware that Linux systems with full-disk encryption exist. So what, they did (and still do) on Windows too.
AntiFA: An abbreviation for Anti First Amendment.
It seems that this is for microsoft accounts, and I remember reading about this a while ago that it uploads to the onedrive.
If you have a corporate machine it should be domained and not using a microsoft.com account for your work thing.
Good to remember, that Congress just passed new (clearing companies to share any data with the NSA directly without liability) surveillance legislation tucked into the 2015 budget bill:
http://arstechnica.com/tech-po...
The way this (and the data uploading with Windows 10) dovetails with the budget spy bill just passed you'd think it was hatched out in a back room - in D.C.. Obviously don't use Windows 10 if possible (you can still get 7 or 8.1 on most systems) and don't use Microsoft's built in encryption option (which Microsoft kneecapped starting with Windows Version 8 by removing the elephant diffusor making it more vulnerable to brute force attacks), there are other options for Windows Encryption.
When I set up my computer, it stays OFFLINE until I'm finished setting it up. I don't logon with my hotmail account, so technically my key isn't there.
PROXY, upload a FAKE key, simeple
How American of you Microsoft. Pretend that this actually provides any kind of privacy to your users and "delete" their keys when requested.
As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account,
Or dogs and cats start sleeping together, or unicorns could start bombing us with rainbow shit, etc,etc.... ad nauseum.... sheesh....
You're messin' with my Zen Thing, man.....
The article states = 'Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.'
Yes, because your everyday user's are so much more capable of protecting their data on their computers.
Silliness...
Sure, you can delete it. Really. Just try it. See it's gone. It really is. Wink wink nudge nudge.
Hey, at least it can't be shortened further to "Windows fixed that for you".
Blank until
:-) You mean "Windows screwed that for you"...
I am 12 and what is this?
Consider the alternative:
1. Encrypt the disk and login with Microsoft account
2. Forget the password, reset it from the web
3. Poof! You data is gone!
Maintaining strong security is not a joke. You have to memorize multiple long passphrases for different domains of protected data and never access stuff on devices that have ever left your custody. Like a laptop that has been left at home for NSA keylogger installation convenience. Be prepared to lose data and toss hardware on regular basis. I don't blame Microsoft for not making that the default setting, there is just no way to explain this to users who don't have specialized training.
But you can setup a windows 10 machine with all local accounts and all updates, traffic disabled.
Good guide here http://www.rockpapershotgun.com/2015/07/30/windows-10-privacy-settings/
Looking at wireshark it does seem to work
this is no joke. the reason why Microsoft is saving the key is to hand to NSA. the key is not safe. encryption has been broken. every bit of data uploaded over the Internet is saved in NSA databases via upstream fiber tapping. the law didn't change that. even metadata is still being saved.
Microsoft is one of NSA's/DOD's biggest contractors. They secretly hand everything over to them. Your data is being hacked and snooped through even if no one tells you about it.
obamasweapon.com
"I am not a number. I am a free man."
Well, I was a free man until I logged in with my Microsoft account on my Windows 10 PC.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Can someone explain what all this actually means? Why should I care about this recovery key? I back up my own data so... if I had to do a recovery, I can certainly do that.
Not really any scenario where I would think of going to Microsoft to recover anything. What am I missing?
Sig for hire.
I can't believe this day and age people are still using windows. You get what you deserve!
Linux distros do the same
or do they?
How do YOU know? Have you audited the distro? Has anybody done a PRIVACY AUDIT on Linux distros?
Or, did you fall for the assumption that Oh it's open source so it must be ok, and misplace your trust in the hope that somebody else says it's ok?
I think it is LONG OVERDUE that Linux Distros have a PRIVACY AUDIT (expecially commercial backed ones and most popular ones - RedHat and Ubuntu (Canonical) and any distros derived from them.
If encryption is turned on by default for normal users, there must be a way for the provider to recover the data.
People lose their passwords all the time, and don't want to lose all their data if that happens. For these people, disk encryption is just a way to prevent regular laptop thieves from accessing their data, not to protect them from the NSA and criminals who can hack Microsoft. They don't want end-to-end encryption.
If you need high level security even against Microsoft, then don't use your MS account, or better yet, don't use Windows.
So , Windows 10 should only be run as a guest where the host machine's hard drive is encrypted, right?
hackerman
He can figure this out with an atari and a laser disc.
While the main point of the article is about a Windows account there is an underlying discussion on overall privacy using Microsoft Windows. This is just the latest article discussing privacy and security concerns. Sure, "some" businesses are always years behind in releasing a new OS. Others are not so far behind, and are very concerned about security so not approving Win10.
For example, as soon as the OS was released we see how the OS will send your keystrokes to Microsoft. Not just what you type into Cortana, IE, or Edge but ALL keystrokes are recorded by the OS. You can disable sending the data to Microsoft, but we have yet to find a way of disabling the keylogger built in to the Kernel. (recorded does not necessarily mean stored long term, but long enough to evaluate in memory.)
Due to that lack of trust, I may have installed Win10 but never created a MS or Azure account. Anything I do on the device is treated as public knowledge because the OS is built to remove privacy from end users. I won't use online banking on the PC with Win10, and logging in to anything is assessed under the assumption that someone from MS and the Government will have full access to the account. When I'm working on sensitive stuff I use Linux.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Yours :P
Thank you Dave Raggett
Should be noted, TrueCrypt 7.1a (last full version) works fine with Windows 10 if you're really concerned about someone thieving your data. I highly doubt the OS has your TrueCrypt keys if you use this solution, Microsoft account or not.
Wow, that's some crazy shit you're linking to boss. If you are the author of those websites, no wonder they put you in OSH.
I mean, this should be pretty old news by now, but the moral of the story is the same as the previous N stories where using a Microsoft account uploads your personal information to Microsoft's (and the government's) servers: don't use a Microsoft account. At least this is a relatively easy fix which avoids a lot of the badness of Windows 10. I view it like running an ad blocker: yeah, it's kinda bad for convenience sometimes, but it's a small price to pay to avoid malware I know about, and other malicious things in the future.
The conclusion in the article was that everybody who manages to hack the MS database or extorts an employee there would get access to my data. While i severely doubt that accessing the key is easily possible for an employee (i would not think so) without being noticed, there is another important point: Whoever steals my key, still needs access to my physical access to the HD (an that is the only situation in which stealing the key makes a difference: physical access, but no possibility to manipulate the OS before).
That would be
(1) thieves
(2) anybody who buys the device witout being wiped correctly
(3) anybody who finde the device after being lost
(4) law enforcement (with court orders)
(5) intelligence service (in the gray zone)
1-3 probably wont get access to the key
4 at least will have to show an official document to MS to get the key (and at least make the transgression trackable, and therefore less likely that some stupid cop "just because he does not like your nose" will search the computer)
IMHO 1-4 are much more likely threats than 5.
Lets go to 5. If you are the target of an attack of any stat-level actor nowadays, i would assume that the level of precaution you have to take goes far beyond "not storing you key at MS". Dont get me wrong, i use local encryption and dont upload the key somewhere.
so the choice is
* making encryption unusable to the everyday user (most likely to get victim of accidental loss/theft) since they are afraid to loose theirs keys (imagine the kind of publicity MS would get....)
* accepting that law-enforcement/state-level actors still can transgress on a few selected users under substantially increased effort, but protect the average user from the fall-out of loosing his/her device
I personally thinks it's absolutely sane to choose the latter (and contrary to the statement in the article, most companies actually *do* store recovery keys centrally for Bitlocker.
If you believe that you are under treat by any western state-level actor, then trust nobody and nothing besides your own brain. The majority of the advice/ideas/hints/analysis which are reported in the tech press in respect to security are worthless shit.
Microsoft doesn't give anything away for free without a catch.
In this instance, the catch is your encryption key.
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
Tbqh, I have entertained the idea of running windows offline for quite some time now. I run a windows 7 pro desktop and a windows 7 pro tablet. On both I use Bleachbit, PrivaZer, & run Yamicsofts Windows7 Mgr, using Tinywall as a windows fw gui. Yamicsoft allows you to see the tasks created that send data back and/or the one that silently sets you up for an unwanted OS update. I delete them all. As for encryption, gpg4win or the like is useful to me. Full disk is not necessary atm and in fact the only thing I encrypt is obviously my password manager. I will be investing in a couple of Yubikeys before spring to get two factor up and running system wide, incl. for my phone. Windows 10 is too full of holes, driver and or sound problems, and clearly cannot be trusted. As well, unless they can claim it is significantly faster than 7, which it isn't, It is absolutely useless to me unfortunately.
Well the poor saps that enable bitlocker and then update the BIOS...
If you don't have the key, i.e. your a home user and rush thru setup screens clicking OK, OK, OK, OK, OK, OK, OK, OK, OK, OK, OK and OK!
Well your screwed and get to revert back to the factory state of 8.1 and re-install your apps! This was huge fun for a customer using a Dell XPS 13 9q33 tablet thingy that they all hate.
I love Microsoft's direction!
I switched back to Linux. At one point in time I actually enjoyed using Windows 7. Tested Windows 8, and 8.1, and was not happy with how the functionality of each began to feel like Windows ME all over again. For gaming purposes I enjoyed using Windows 10 up until Microsoft wanted to dig a little too deep into what I do on my machine.
If Microsoft would consider allowing users to restrict this kind of access for more private, and be more transparent; I'd consider going back to Windows for PC gaming.
Read the fucking EULA; it's in there.
Christmas was good to me. I got an HP Envy computer with Windows 10. I turned it on, but didn't let it on the network, because I knew it would report. I built a linux stick and booted the cheap but safe OS, leaving Wanders on the disk but untouchable.
It says "all your base are belong to us".
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Does MS having a copy of a WIndows 10 Pro bitlocker key for a PC in a small medical office violate HIPPA or is the issue moot?
Plain and simple. You may as well be parading around in public wearing a T-shirt with all your most private information printed on it front and back, along with a link to a filesharing service download for all your other data. Given the choice between Windows 10 and no computer at all, I'd rather have no computer.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Wait which key is this? My personal key or the backdoor key we all know Microsoft made for the NSA?
I had been enjoying my domain-connected Win10 machine, even riding out the changes in defaults with each major build update. But when I discovered that the photo app had been exploring my domain looking for images and presented me with a couple of folders 'look what I just did, dad...' it was hard not to freak. This is still my copyrighted material and the idea that an application that I do not use had fired up on its own and trolled through my off-machine files was a bit hard to digest. The old picture viewer is gone, so if I want to view a couple of jpgs on a cd I need to sign onto the photo app and then, maybe, it will let me look... A relative keeps finding Edge opening up websites on his machine... guess MS wants to make sure we know who is boss. Too bad, I really liked it. But finding out that the pretty face masked a burglar riffling my drawers was a bit much.
Absolutely NO ONE can be surprised by this. Anyone think NSA wasn't in this up their eyeballs?
like Microsoft developers forums?
European hypocrite.
Bitlocker lets you have the option to save your "recovery key" to USB, or to print it. In both cases, you can destroy the key effectively (note that you'll have to take care to ensure that the USB device is physically destroyed or secured in a manner secure against attackers you are concerned about, and that your printer doesn't keep a recoverable copy somewhere).
So Bitlocker is (in theory) safe and secure. Personally, I wouldn't trust this- it's proprietary, it's Microsoft, and there's every motivation to either make the key recoverable or disclose it for uses Microsoft deems useful (for instance, a future tyrannical government might be able to threaten them in such a way as to produce the keys). But by their claims, it should be.
The article distinguishes this from "device encryption", a gimped form of Bitlocker present in the "Home" edition that they give for free (or cheap or whatever- once I did even the first amount of research into Windows 10 I decided to avoid it entirely). If you pay for Professional, you get access to "Bitlocker", which has configuration options, including the print-out and USB options, which can result in NO recovery key- the generally desired state from a security perspective.
The headline of the article truthfully states that Microsoft "probably" has your recovery key, and the slashdot headline leaves that out totally. Both leave out the important fact that you have to be using the "device encryption" version of Bitlocker in the shit-tier version of Windows 10.
There's other posts talking about the keylogger, or kernel keylogging. I'm not sure the fact that the kernel keeps your keystrokes for awhile is inherently vulnerable, but it is suspicious.
In any event, the fact that you must be an expert user to get anything that MIGHT be security out of Windows 10 is absolutely disgusting. The Home version will be the most common by far, and the average user will not be aware of the default settings where keys are sent (along with a ton of other things) upstream, nor will he be aware of the fact that his supposed device encryption is recoverable by any hacker or bad actor in the future. The level of drama required to do anything in Windows 10 is massive. It's a real nightmare.
Anyone notice how oddly hard it is to set up anything but straight AES in almost all places? There's a shocking lack of user exposed options even in Linux (and Linux can be configured to extremely high levels of redundancy or security). Name a distro that lets you full disk encrypt with AES-Twofish-Serpent from a GUI, for instance (again, you can absolutely configure this, but it seems hard to get anything but straight AES). I know AES is trusted, but I'd trust it more if there were ways more ways to opt out of it and use either another block cipher, or it WITH another block cipher.
To not use Microsoft's products!
I like it better and it took less time to install. My Mighty Mouse works better.
And less hassle than my Hackintosh that my battery never got to work.
It is shaping up to be real nice. By the time it is out of Beta sweetness all around.
I used Microsoft sense Dos 1.1 and never complained about any 95 98 2000 Vista But they refuse to do anything that helps me only them.
Their partition tool in 10 could not delete a EFI partition from OSX had to use a third party tool.
I wanted to partition non destructively with the Windows 10 tool lost everything. Install Linux mint it does it instantly.
I would be ashamed to say I worked on Windows.
So when does linux get this via SystemD and co?
Or is it allready a feature of Intel AMT/VPro
(yes, complete ram upload...)
not to know microsoft has been forced to hand over keys to the NSA?
Your keys are saved by the NSA, maybe the CIA, etc.
You are attempting to conflate a kernel passing device information, with a kernel capturing and analyzing that information. It is not the same thing, and I think people should be insulted reading posts like yours.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
If you read the post you will see that the memory is still evaluated for particulars which ANY application could grab if it knew the correct system calls. Pass through is NOT what Windows 10 is doing.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
I'm actually totally fine with the NSA being able to take and read our physical devices. It's mass surveillance over the wire that is bullshit.
This has been the case since Windows 8 if you used BitLocker while logging into your PC using a Microsoft Account. It's not one of the newly deployed 'features' either, I looked into it when I was going to purchase a Surface Pro 2 a couple of years ago. The simplest solution is to log in with a local account.
http://windows.microsoft.com/e...
See "How can I get my BitLocker recovery key".
How else are they going to charge you to reset your password
My question here is, is the recovery key at least encrypted (by whatever method) with your account password on their servers or is it in the clear to MS? If the latter is true, then that's another reason to use some other method of system encryption. If the former then, yes, it's somewhat troubling that this can't be disabled prior to uploading the key but, it's really not the worst problem.
Does it really matter where your key is stored? I think not.
I continue to get spam from an Indian company about it, but, why should I care about their new viruses?
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
When all is said and done, SOMEONE ELSE has your backdoor key. They will deny it. Adjust to that idea. The rest is part of a bigger picture you probably be better off not knowing anyway.