
> Microsoft told Forbes that the company sometimes provides BitLocker recovery keys to authorities, having received an average of 20 such requests per year.

At least they are honest about it, but a good reason to switch over to Linux. Particularly if you travel.

If Microsoft is giving these keys out to the US government, they are almost certainly giving them to all other governments that request them.





It's not like companies have a choice. If they have a key in their possession and law enforcement gets an order for it, they have to provide it.

That only strengthens the parent point. Switch to an OS where this requirement doesn't come into play if you're worried about any governments having a backdoor into your own machine.

> Switch to an OS where this requirement doesn't come into play

I use BitLocker on my Windows box without uploading the keys. I don't even have it connected to a Microsoft account. This isn't a requirement.


Considering Windows's history with user consent I would be worried about the keys eventually being uploaded without asking the user and without linking online accounts.

Probably not now but not something unimaginable in some future.

However, since Windows can still run on user-controlled hardware (non-secure boot or VMs), I guess this kind of behavior could be checked for by intercepting communications before TLS encryption.


Except Microsoft probably has a master key

People know the system well enough to write FOSS implementations of it; I think they would have noticed and sounded the alarm if there were a possible master key.

I don't think anybody is interested in reverse-engineering a closed-source OS to check if it works as documented; it's easier to just use Linux, which has open-source code.

> I don't think

Well at least you got that part correct. Do you just not know about security researchers? Or even bug bounty programs?

Why are you even on this forum? Doesn't seem like you know much about technology


If you sync your Linux machine's key in the cloud, police could subpoena it too. The solution is not to switch to Linux, but to stop storing it in plain text in the cloud.

Do you know what a private key means in this context?

No, I don't. The BitLocker key is a symmetric key.

Ok, do you at least know what private means?

Not public.

Check behind your kid's stereo - what's that? Oh, it's a PGP key and a gram of meth!

> It's not like companies have a choice.

> If they have a key in their possession [...]

So they do have a choice.


People/users have an option to keep the key themselves. Most wouldn’t bother to manage encryption keys.

Put $10 into the pub box for commenting without reading the OP, or at least being reasonably well informed before commenting.

And even if they don't have the key. Case in point: https://medium.com/@tahirbalarabe2/the-encryption-dilemma-wh...

Thanks for the link, interesting article. The UK is among the worst in this regard.

Regarding the article's Apple example:

> The FBI eventually found a third party to break into the phone, but the tension between privacy and security remains unresolved.

This is actually quite resolved.

- Tech companies in the US are free to write secure encryption technologies without backdoors.

- Government is free to try to break it when they have valid legal authority.

- Tech companies are obligated to turn over information in their possession when given a legal warrant signed by a judge based on probable cause that a crime has occurred.

- Tech companies are not required to help hack into systems on the government's behalf.

As far as I'm concerned, in the US things are perfectly resolved, and quite well I think. It's the government and fear-mongers who constantly try to "unresolve" things.


Why take the drastic step of switching to Linux (a difficult endeavor) when you can simply turn off key uploading?

Why continue to use an operating system that’s adversarial towards you?

I will never understand this from software engineers/tech people in general. That demographic knows how technology works, and is equipped to see exactly where and how Microsoft is taking advantage of them, and how the relationship is all take and zero give from their end. These people are also in the strongest position to switch to Linux.

The only explanation that makes sense to me is that there's an element of irrationality to it. Apple has a well known cult, but Microsoft might have one that's more subtle? Or maybe it's a reverse thing where they hate Linux for some equally irrational reasons? That one is harder to understand because Linux is just a kernel, not a corporation with a specific identity or spokesperson (except maybe Torvalds, but afaik he's well-regarded by everyone)


It's more convenient to attribute the reason to irrationality or cult-like behavior than to actually accept the real reasons.

Who is being irrational?


Or maybe Windows just works better for their use-case? Did you consider that?

Microsoft is known for regularly altering the deal. Just because you configure the OS to not upload keys today, does not mean that setting will be respected in the future.

Pray I don’t alter it further.

Because that gives you a lot more control over your computer than just solving this particular issue. If you care about privacy it's definitely a good idea.

Because Microsoft absolutely will make it mandatory somewhere in the not so distant future.

You've baked in an unfounded assumption that BitLocker is even initially enabled intentionally by someone who knows that's a choice they can make:

> Here's what happens on your Dell computer:

> BitLocker turns on automatically when you first set up Windows 10 or Windows 11

> It works quietly in the background, you won't notice it's there

> Your computer creates a special recovery key (like a backup password) that's saved to your Microsoft account

> You might be reading this article because:

> Your computer is asking for a BitLocker recovery key

...such as after your laptop resets its TPM randomly, which is often the first time many people learn their disk is encrypted and that there's a corresponding recovery key in their Microsoft account for the data they are now unexpectedly locked out of.

https://www.dell.com/support/kbdoc/el-gr/000124701/automatic...


Oh man, it's so difficult even teenagers can do it within an hour and all they have to do is click on a few buttons.

Yeah, the real question is what comes after the install...

All other governments is a stretch here, but the likelihood of at least one other government getting the same privileges is extremely high.


