Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.
Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you’ve got an unactivated copy, local account, or don’t know your M$ account credentials, your boned.
Control Panel > System Security > Bitlocker Encryption.
BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.
Windows is the virus.
Bit late to this thread but I know a few commands that might help if you’re stuck:
manage-bde -off C:(or any other drive) This decrypts the volume and turns off bitlockermanage-bde -lock/unlockmanage-bde -protectors -get C:(or any other drive) This displays your 48-digit key. I suggest you store it somewhere, just to be safe.Get-BitlockerVolumereveals which of your partitions are encrypted with Bitlocker.Disclaimer: I am not a terminal nerd, I just had similar problems years ago and went down the rabbit hole, used these commands and turned off bitlocker permanently. I don’t use windows anymore, but when I did, it didn’t cause any problems with bitlocker after this. If you’re concerned about your un-encrypted hard drives, consider using Veracrypt (carefully!) or similar open source encryption software.
Fuck Microsoft.
I remember back in highschool a buddy encrypted his harddrive, didn’t backup his key. He Lost ALOT when I upgraded his comp
But how is that relevant to your ‘Fuck Microsoft’ if he knowingly encrypted his device, which is how you make it sound?
I’ve enabled FDE on one of my Linux devices, I’ve already had to mount the filesystem in a rescue environment once because a failed update caused the system to be unable to boot. I would also have been hosed if I had lost the encryption key. Ok not really, because that’s what backups are for, but you hopefully get the point.
From what I gather though other memes, It looks like Windows 11 is enabling Bitlocker by default.
I know, and the ‘fuck Microsoft’ is completely warranted for that. But shouting that and then coming up with a story where somebody enabled it themselves and subsequently lost their key, that doesn’t make a lot of sense. Unless it was to illustrate the dangers of FDE, but in that case the point could have been made a bit clearer.
That’s not a Microsoft issue. Loose your key and the door will stay close whatever it is.
I just leave secure boot/bitlocker off when it comes to my home system. It wasnt something I “needed” when I was dual booting windows 10 and it’s not something I’m gonna enable now that I’m using 11.
It’s not ”leaving bitlocker off”, though. It’s ”be aware about it and turn bitlocker off manually” since it’s enabled by default in the latest updates.
That’s false. My Windows partition didn’t magically enable bitlocker and I’m on 24h2. LTSC build and local account tho.
They can’t do that legally without notifying our asking in eu
I tried having it on my new laptop for a bit. It took like a week for Windows to kill the secure boot key for my Linux partition. Even after I disabled secure boot I couldn’t get it to boot up so I had to reinstall. Just left it turned off afterwards.
Its just not worth the trouble for a home pc imo
This has been happening to people randomly for years. Ysed to get calls about it all the time, and that was pre-covid
Always have backups! Doesnt matter what OS you use, stuff will break eventually.
I prefer bootable full system images to my NAS for easy restores, and online file backups, both running daily.
3-2-1 rule : 3 backups 2 different types of storage 1 copy off-site
And don’t forget to actually test your backups once in a while. It doesn’t count if you can’t use it.
Yup, I treat the ‘3’ as 3 copies of data, so the first copy is just my working system, and the other 2 are various backups.
I’ve been preaching about this for a while. Many modern systems are getting bitlocker turned on by default.
If your system gets messed up, or simply won’t start because of some security vendors bad update, goodbye data. You need the recovery key, and if you don’t have it, you’ll never see your bits the the correct order again.
Regarding your last sentence, something similar happened to me with OneDrive. I mocked people thinking surely they enabled something by mistake. Nope. The defaults and general behavior are just that wacky. Glad I’m off Microsoft now.
I mean you can write your Bitlocker key down and store it safely or put it somewhere else safe… Lol
The main problem here is Bitlocker is being turned on by default on fresh 24H2 installs, most people that don’t know how to bypass the online account requirement are making burner Microsoft accounts (Boomers), therefore do not know the credentials in 3-4 years when their computer needs a repair.
I got into coding in the last few days. I have a project. Bumping into this while I’m trying to learn this shit? Fuck me. You know, we could just stop using money
I can’t connect what you are saying into a coherent thread
No, we can’t. Otherwise how would people like Elon and Bezos know that they’re better than us?
/s
Their good looks, obviously
I’m not going to link shame.
You like what you like.
Hahahha
Alright, lol, I’ll be the guy
Hey OP, ever heard of Linux?
When I switched to a new CPU I got a bit locker message and it was one of my biggest computer scares ever. I couldn’t remember if the shop that assembled my pc would have enabled it or not. And wasn’t available to contact.
I had to take a risk. If I continued there was a 50 50 chance my shit would have been bricked. Thankfully. That shop had the foresight to NOT randomly enable features the client didn’t ask for
I ran into a similar problem after a bios update.
Turns out “this update may wipe out your bitlocker key” also means “if you don’t have bitlocker turned on, it’ll just wipe out your windows key.”
All in the name of national security *wink
they’ve been doing this for a long time. the issue you are having is the reason I keep bitlocker disabled on my desktop. on devices that can be stolen I still use it.
They also do spyware. They just renamed it “AI.”
and also Recall
Recall Rec all Record all, their not even being subtle about it anymore
My god it’s all true 🤯
Rectal is what it’s called I believe?
Microsoft Rectal
Can you remind me what that “recall” is?
It logs literally everything you do with screenshots, then sends it to M$ despite their assurances that it would be local only.
Super invasive!
Thanks, it was hard to recall
I’m not aware of them uploading the screenshotted data, not for now anyways.
The data is indexed and parsed somehow. The last report on it that I saw had a picture of a semi-famous person be properly indexed under the person’s name, despite it being a picture that was taken by the person talking about recall, which means the image was not public. Whatever recall was doing, it analyzed the picture, and that’s probably not a local process.
It takes a screenshot every five seconds and runs an LLM over it to extract text. Then there’s a UI where you can query it for what you did in the past.
It came under fire when they wanted to introduce it last year, because it stored all that data on your disk in unencrypted form. Meaning if anyone manages to run malicious code on your system, they don’t need to do the collecting themselves anymore, but can rather just send off any screenshotted passwords or whatever other secret things you might’ve been doing on your PC at any point in time. In particular, Microsoft had claimed that the data would be encrypted and it wasn’t. Didn’t even need special permissions to access it.
No idea, if they fixed the encryption now, or if this is just a case of the shitstorm having died down, so they roll it out now. But yeah, even with encryption, the implications aren’t great. If your parents or boss or law enforcement want to know what you were doing on your PC, they now have an exact history. And Microsoft could still change their mind and decide to upload all your data at any point in the future.
Doesn’t that take a ton of CPU/Memory?
Yeah, good question. I imagine the screenshotting itself is largely negligible, although obviously not free either. I don’t know when the LLM gets to do its job. Theoretically, it could be delayed until some point where there’s not much going on on your PC.
At some point, Microsoft wanted to roll out these AI features only on PCs which have an NPU, which is basically an additional CPU with a different architecture optimized for pattern recognition and such. I don’t know, if they still hold onto that requirement, but it would mean that it wouldn’t hog your CPU at least.
They have been somewhat desperate to roll out Recall, because it was the only semi-useful out of a handful of features that they came up with to somehow integrate AI into Windows. So, that’s why I’m never quite sure, what requirements they’re still holding onto.
https://en.wikipedia.org/wiki/Microsoft_Recall
Basically takes screenshots and stores them, then scans them and makes the text searchable. There’s been a bit of controversy over it lately and how it deals with PII/PHI.
Open your mind!
Did they change it from “telemetry” to AI now?
Unless the “telemetry” has been removed, shouldnt there be “added extra” instead of “renamed”?
Telemetry is exclusively for internal data collection and the inevitable sale of it. Recall is also for data collection but provides a user interface to access a slice of that data under the guise of the whole thing being a “feature”.
Telemetry isnt always collected to be sold. Open source projects often collect crash data to improve the software
Sure, but we’re talking about Microsoft here. When was the last time they actually improved any of their software?
They added windows explorer tabs a couple years ago. Does that count?
I think they renamed everything to copilot
Office365 is now Copilot 365
