I'm going out on a limb and suggesting that Micah Lee understands why Windows works this way: because Windows is the most popular operating system in the world, and the overwhelming majority of Windows users don't understand how encryption works, and are shocked and dismayed to discover that losing their key more or less forfeits all the data on their disk.

It's straightforward to set BitLocker up so that Microsoft doesn't hold a backup key.

Microsoft is doing what their userbase wants them to do. I'm not sure what's interesting about this story.
> As Green puts it, “Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.”

One way to think about this: before Win10, my computer was only as secure as the car I sometimes left it in, not to mention that it was only as secure as a bag which I admit I sometimes left out of my sight in coffee shops for seconds at a time.

Overall this is a great win. The NSA is not the only actor that FDE secures us from: FDE is more critically protection from anyone who can smash the window of your car or grab your computer in a public place and run. Security is always full of compromises, and MS here is making a compromise to provide protection from the latter group without significantly damaging data availability.

Think about this from a C/I/A perspective, that is, Confidentiality/Integrity/Availability as the security industry often discusses. Well-implemented encryption, with as few parties as possible in control of the key (e.g. only the data owner), is excellent for confidentiality and integrity. However, it can have severe impacts on availability if the key is lost. Controlling availability often requires policy and procedure controls (e.g. manually keeping a backup of the key on media stored in a secure place) which cannot simply be automatically enabled like FDE can.

Users who are worried about protection from actors like the NSA must take significantly more stringent security measures, including less technical policy and procedural controls, and Windows gives them the capability to do so by re-encrypting without backup to Microsoft and making their own backup which they can manage as they see fit.
One can replace "Windows computer" with "Android device" and "Microsoft" with "Google" and the article is still factually correct. In other words, how is this any different from Google doing the exact same thing when you sign in to an Android device? On another note, the article gives clear instructions on how to generate a new key without giving it to Microsoft, something that (to the best of my knowledge) is impossible to do on Android or Chrome OS.

I get it, it's easy to pick on Microsoft and for good reason. But the hyper focus of this article screams bias.
The keys are stored in your individual OneDrive not a centralized database.
OneDrive key integration isn't on by default even if you link a Windows Live account to your Windows ID.

Also, it's important to note that Microsoft doesn't have your key; it has a key recovery element. They still need the TPM and your physical drive to recover the full key. This is a very, very important part, as they 1) still need physical access to your machine and 2) cannot arbitrarily encrypt data on your behalf.

FDE isn't there to stop government surveillance; it's to stop your life from being ruined because you forgot your laptop at a coffee shop or because the guy you gave your laptop to for repairs is a watcher.

FDE's biggest problem is that it can fail very easily and very miserably, especially when anti-tampering is enabled with external hardware. This solution solves all the usability issues: as long as you can get online, your laptop will not turn into a paperweight. I can't count the number of times that BitLocker, especially 1.0, failed on me when the anti-tampering was triggered due to power failure, BIOS update, boot loader reconfiguration, and just because it can.
With this you get to keep all the anti-tampering while still keeping your key relatively secure. OneDrive is probably more secure than pretty much any location where you would normally keep the key recovery element yourself (mine was both my wallet and a scrambled version under the battery when I still had laptops with removable batteries).

P.S. This is like the 10,000th time this has been posted; every time someone else discovers this, they go for the clickbait.
Hasn't this been discussed multiple times? Microsoft tends to back up your key because the majority of the user base doesn't understand how encryption works. When an average person thinks of passwords, they think there is a way to reset them. Good luck explaining to your grandma why all her favorite photos disappeared when she forgot the password.

I think for an average Joe this seems like a good strategy. With the defaults being off, if the computer is stolen, all of their data and identity are stolen with it. This at least acts like a door for an otherwise open house. Advanced users can use other encryption or do what the article suggests to not send the key to Microsoft.
I agree that this is better than no encryption. And they're likely escrowing (in most but not all cases) the key for valid UX reasons. The tricky part is doing it without asking the user. Apple used to do optional escrowing on OS X with FileVault 2, but they asked the user.

The privacy/surveillance concern comes into play now that China has a law (as of Sunday) saying that tech companies need to be able to hand over keys on demand/request (whatever). Since Microsoft escrows them, they'd be capable of complying. Google and Apple, who don't escrow them at all anymore, can't actually comply. Uncertain is whether the law requires them to start a key escrow function.

EDIT: And then what if/when the U.K. wants access on demand to that escrow service? And then what if/when the U.S. does? If the companies have the keys, it doesn't require a law to get access to them, just a subpoena. It'd require a law to compel the companies to create the escrow capability though.
I'm more confused now than ever.

Is it true that all Windows 10 SKUs have full-disk encryption turned on by default?

And this automatic full-disk encryption is called "device encryption", which is really the same as BitLocker but without any way for the user to control it? And you can't get BitLocker on the Home edition?

If you immediately set up BitLocker, it allows you to save or print your key instead of sending it to Microsoft. But does it use the same key as the default "device encryption" that was already sent to Microsoft? BitLocker doesn't create a new key and re-encrypt the drive?

And the TPM automatically loads your key into RAM when the device is powered on, so it's still vulnerable when the device is not in your possession?

Are you safe if you (1) create a local account instead of a Microsoft account, (2) use BitLocker instead of device encryption, (3) save your key locally instead of sending it to Microsoft, and (4) require a separate PIN or key to boot the computer in addition to the local Windows account?

It would be helpful to describe exactly how to create a local account, because the Windows 10 setup procedure hides this pretty well. It looks like the only option is to use an existing Microsoft account or create a new one during setup.

And it would be great to explain how to create a secondary PIN or key, since that doesn't show up in the BitLocker UI until you edit the local policy[1].

[1] https://weikingteh.wordpress.com/2011/04/18/how-to-enable-bitlocker-to-prompt-for-pin-during-startup/
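The procedure the thread keeps circling back to (set BitLocker up so the copy of the recovery key Microsoft holds no longer unlocks the disk, keep your own backup, and add a startup PIN) can be done from an elevated PowerShell. The following is an added example written for this page; it is not code from the article, from Microsoft, or from any commenter. It assumes Windows 10 Pro or Enterprise (the BitLocker PowerShell module is not part of Home), that the OS volume is C: and already has a TPM protector (which is what "device encryption" gives you), and that `$BackupPath` points at removable media you control; that path and the variable names are illustrative. The registry values under `HKLM\SOFTWARE\Policies\Microsoft\FVE` are what the "Require additional authentication at startup" policy writes; on a domain-joined machine set that policy through Group Policy instead of poking the registry.

```powershell
# Added example, not from the original thread. Run as Administrator on Windows 10 Pro/Enterprise.
# Assumptions: OS volume is C:, a TPM protector already exists, E: is offline media you control.

$Volume     = "C:"
$BackupPath = "E:\bitlocker-recovery-$env:COMPUTERNAME.txt"   # assumed path: offline media, not OneDrive
$Pin        = Read-Host -AsSecureString -Prompt "Startup PIN (6-20 digits)"

# Current state: which protectors can unwrap the volume master key today.
$bl = Get-BitLockerVolume -MountPoint $Volume
"Status: $($bl.VolumeStatus)  Protection: $($bl.ProtectionStatus)  Method: $($bl.EncryptionMethod)"
$bl.KeyProtector | Format-Table KeyProtectorType, KeyProtectorId -AutoSize

# 1. Add a fresh 48-digit recovery password and identify it by diffing protector IDs.
$before = $bl.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
Add-BitLockerKeyProtector -MountPoint $Volume -RecoveryPasswordProtector | Out-Null
$after  = (Get-BitLockerVolume -MountPoint $Volume).KeyProtector |
          Where-Object KeyProtectorType -eq 'RecoveryPassword'
$new    = $after | Where-Object { $_.KeyProtectorId -notin $before.KeyProtectorId }

# 2. Write the new password to media you control BEFORE deleting anything, then remove the
#    old recovery-password protector(s). Deleting a protector does not re-encrypt the disk;
#    it removes the copy of the volume master key wrapped under that recovery password, so
#    the value escrowed earlier can no longer unlock this volume.
@(
    "Volume:            $Volume"
    "Key protector ID:  $($new.KeyProtectorId)"
    "Recovery password: $($new.RecoveryPassword)"
) | Set-Content -Path $BackupPath
foreach ($old in $before) {
    Remove-BitLockerKeyProtector -MountPoint $Volume -KeyProtectorId $old.KeyProtectorId | Out-Null
}

# 3. Permit a TPM+PIN protector. Without this policy the BitLocker UI only offers TPM-only.
#    (Values: UseTPMPIN 2 = allow, 1 = require, 0 = do not allow.)
$fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
New-Item -Path $fve -Force | Out-Null
Set-ItemProperty -Path $fve -Name UseAdvancedStartup -Value 1 -Type DWord
Set-ItemProperty -Path $fve -Name EnableBDEWithNoTPM -Value 0 -Type DWord
Set-ItemProperty -Path $fve -Name UseTPM             -Value 2 -Type DWord
Set-ItemProperty -Path $fve -Name UseTPMPIN          -Value 2 -Type DWord

# 4. Swap the TPM-only protector for TPM+PIN. Only one TPM-based protector may exist per
#    volume, so remove the old one first; the recovery password from step 1 still unlocks the
#    volume if a reboot happens in between. With TPM+PIN the TPM will not release the key at
#    power-on until the PIN is entered.
$tpmOnly = (Get-BitLockerVolume -MountPoint $Volume).KeyProtector | Where-Object KeyProtectorType -eq 'Tpm'
foreach ($p in $tpmOnly) {
    Remove-BitLockerKeyProtector -MountPoint $Volume -KeyProtectorId $p.KeyProtectorId | Out-Null
}
Add-BitLockerKeyProtector -MountPoint $Volume -TpmAndPinProtector -Pin $Pin | Out-Null

# Verify: expect exactly one TpmPin protector and one RecoveryPassword protector.
(Get-BitLockerVolume -MountPoint $Volume).KeyProtector |
    Format-Table KeyProtectorType, KeyProtectorId -AutoSize
```

Two caveats a practitioner should keep in mind. Rotating the recovery password invalidates the escrowed value against the disk as it exists now; someone who already holds both that old password and an earlier image of the drive can still decrypt that image, because the data encryption key itself was never changed. And the script does nothing to the copy already uploaded to your Microsoft account; delete it from the account's recovery key page yourself, and keep the file at `$BackupPath` somewhere you would be comfortable never seeing the disk again without.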
I know that this article is specific to Windows 10.<p>However, it sounds like the same caveats and risks also apply to Apple's iCloud keychain.<p>I'm not trying to excuse one by pointing at the other... I genuinely want to understand any differences in the implementations and the security implications of those differences.
I still wouldn't escrow my disk encryption keys, but I'd be happier if Apple and Microsoft could guarantee that they couldn't access the escrowed keys, kind of like how tarsnap's design means that cperciva doesn't have access to my backups.
TL;DR: Micah Lee writes an article that takes an in-depth look at how various encryption policies work by default on Windows platforms. No good deed in netsec goes unpunished, so of course Micah is attacked by Ars' P. Bright and @SwiftOnSecurity (you know, really reliable people compared to The Intercept :-p).