Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

No, bitlocker explicitly send the key to MS for non-domain systems - as such, I would guess it potentially still does for those on a domain too, it'd just be kept quieter.

http://windows.microsoft.com/en-us/windows-8/bitlocker-recov...

Bitlocker is not trustworthy as an overall method of FDE.



That's an optional feature -- it asks you if you want to backup your key to your online account.


So you know that if you click 'no', it definitely isn't sent anyway (perhaps with some "MS/NSA use only" bit set to distinguish it from user-accessible ones)?

Thought not.


You previously said it "definitely sends your recovery key to MS." Sounds like you don't actually mean that.

It's fine and perfectly reasonable not to trust closed-source code, but no reason to spread half-truths about it.


The very ability to send it to MS is worrying; doing it automatically is more so. If they were honest about the key, it'd say "put this on a flash drive/hardcopy in a safe deposit box".


Lift with your knees, not your back. Those goalposts are heavy.


You'd make an amazing PM.

"Hey, how should we deal with resetting people's passwords and keys when they forget them?"

"Tell them to get a safe deposit box"

"And when they're traveling or really need a report and the bank's closed?

"They shouldn't have lost their keys. Stupid lusers."


"We could just make it upload all the secret goodies to us for safe keeping."

"Hey, who are you and how did you get in this meeting?"

"I'm the new intern. From the CIA."

"Oh, okay, yeah, let's do that."


Your link says "There are several locations in which your BitLocker recovery key might have been saved." and then mentions "Your Microsoft account online.". Do you know under which conditions this happens?


At least when it is enabled in Windows 8 with a computer linked to a hotmail account, but I would never rule out other conditions too.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: