Recently bought a Windows computer? Microsoft probably has your encryption key

Discussion in 'Technical' started by melbo, Jan 18, 2016.


Tags:
  1. melbo

    melbo Hunter Gatherer Administrator Founding Member

    ONE OF THE EXCELLENT FEATURES of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key — which can be used to unlock your encrypted disk — to Microsoft’s servers, probably without your knowledge and without an option to opt out.

    During the “crypto wars” of the ’90s, the National Security Agency developed an encryption backdoor technology — endorsed and promoted by the Clinton administration — called the Clipper chip, which it hoped telecom companies would use to sell backdoored crypto phones. Essentially, every phone with a Clipper chip would come with an encryption key, but the government would also get a copy of that key — this is known as key escrow — with the promise to only use it in response to a valid warrant. But due to public outcry and the availability of encryption tools like PGP, which the government didn’t control, the Clipper chip program ceased to be relevant by 1996. (Today, most phone calls still aren’t encrypted. You can use the free, open source, backdoorless Signal app to make encrypted calls.)

    The fact that new Windows devices require users to backup their recovery key on Microsoft’s servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts (you can skip to the bottom of this article to learn how) — something that people never had the option to do with the Clipper chip system. But they can only delete it after they’ve already uploaded it to the cloud.

    -Micah Lee

    Read the rest: Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
     
    melbo, Jan 18, 2016
    #1
  2. runswithdogs

    runswithdogs Monkey+++

    Fat lotta good it would do them... I Killed 6 PC's in 11 years... They hate me.. One even committed suicide a week after I got it and set itself on fire.

    Macs for me now... at least they dont try to burn down the house....
     
    runswithdogs, Jan 18, 2016
    #2
    AD1, chelloveck and Motomom34 like this.
  3. oldawg

    oldawg Monkey+++

    [LMAO] DANG!! That's some SERIOUS overclocking !!
     
    oldawg, Jan 18, 2016
    #3
    Brokor and chelloveck like this.
  4. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    That's what happens when you use "Tinder" as your home page.....:rolleyes:
     
    kellory, Jan 18, 2016
    #4
    Brokor, AD1 and chelloveck like this.
  5. runswithdogs

    runswithdogs Monkey+++

    Heheh
    I actually got banned from working as a cashier at one place i worked.. Not my department but somebody called in sick & they thought getting me to help out at the tills was a good idea...
    15 minutes in and my till went on strike, transferred to another..... after the 3rd one did the same they decided that may have been a mistake...
    They had to work with 2 tills for the rest of the day until they could get someone in to fix them all....:ROFLMAO::ROFLMAO::ROFLMAO:
     
    runswithdogs, Jan 18, 2016
    #5
    oldawg, kellory and chelloveck like this.
  6. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    One key here is that it cannot upload your encryption key if you do not use a Microsoft enabled/tied email address as your login. If you use a local account, it doesn't upload any key as the upload is tied to the OneDrive system. I've read a number of articles by folks who also post the "Don't install this update" lists, and they all say that it doesn't just upload to MS, it uploads to your OneDrive.

    That having been said, MS is doing a lot of hinky stuff outside of the encryption key business.

    I wonder if there would be a business model where you "pay" for an association with an entity which then allows you to install the Enterprise version of Windows 10. The "dues" would be the cost of the OS you are running plus a very nominal fee to cover annual bandwidth usage for updates. The reason this would matter is that the Enterprise version of Windows 10 has the ability to completely (so far) turn off all of the telemetry gathering as well as point to a WSUS update server that can further limit which updates get installed.

    It would give you the chance to turn off all the gathering and then update from a trusted source (gotta be able to be trusted) that wouldn't enable/install/push all the crap to your machine.

    @melbo - you think we could get set up to get an ELA with Microsoft? That's the only way to get Enterprise at this time. Bet quite a few people would take you up on it. I've got MSDN and TechNet both so I'm covered but I know a bunch of people aren't, and they aren't happy with being spied on either.
     
    DarkLight, Jan 18, 2016
    #6
  7. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    I don't like even GPS knowing where I am.....:cautious:
     
    kellory, Jan 18, 2016
    #7
  8. BTPost

    BTPost Stumpy Old Fart,Deadman Walking, Snow Monkey Moderator

    Kell, GPS does NOT know where YOU ARE, It only knows where IT IS.... Now if you chose to keep GPS with YOU, that is A Personal Issue.....
     
    BTPost, Jan 18, 2016
    #8
    AD1 likes this.
  9. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    Two blonds are walking down the road. One finds a mirror and picks it up. "Looks familiar," she says. The second blond takes a look, and says " it's me silly!" "I thought she looked familiar...."

    For me to know what the GPS reports, it requires observation, therefore, it knows where I am.
     
    Last edited: Jan 18, 2016
    kellory, Jan 18, 2016
    #9
  10. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Not sure. We run Enterprise level at work (and use all of MS one drive stuff too)
     
    melbo, Jan 18, 2016
    #10
  11. ghrit

    ghrit Bad company Administrator Founding Member

    So leave it home. Therefore, it thinks it knows where you are. Or, get a unit that isn't your cell phone.
     
    ghrit, Jan 18, 2016
    #11
    BTPost likes this.
  12. VisuTrac

    VisuTrac Ваша мать носит военные ботинки Site Supporter+++

    Yep, mining BitCoin was a hardware killer!
     
    VisuTrac, Jan 18, 2016
    #12
  13. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    I do both. I have one (not my cell, I leave at home) and one that is my cell, that comes with me......you think they are in cahoots?o_O:cautious:
     
    kellory, Jan 18, 2016
    #13
  14. ghrit

    ghrit Bad company Administrator Founding Member

    No. However, your usual propensity for complete, highly detailed argumentative answers is notably missing at least half the story from post #9. o_O
     
    ghrit, Jan 18, 2016
    #14
    Brokor, stg58 and BTPost like this.
  15. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    Really? In what way?....:rolleyes:
     
    kellory, Jan 18, 2016
    #15
  16. BTPost

    BTPost Stumpy Old Fart,Deadman Walking, Snow Monkey Moderator

    I have a GPS that reports where it is... Over my Network... It knows where IT is, to the nearest 10 Centimeter.... When I do Post-Processing of Field GPS Datapoint Work, I use that GPS's Data to correct my Field Data, and I get .25 Meter Resolution... I can access this GPS thru my VPN, from anywhere in the World... Therefore what I stated is true.... GPS only knows where IT IS, and it can only Report those Facts.... It has NO IDEA where I am, and doesn't really Care, either...
     
    BTPost, Jan 18, 2016
    #16
  17. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    Sometimes, you really have no sense of humor.....:rolleyes::p
     
    kellory, Jan 18, 2016
    #17
  1. sec_monkey
    Thread

    HP laptop battery recall

    HP Recalls 50,000 Lithium-Ion Laptop Batteries Over Fire Risk The recall affects batteries sold with, or as accessories for, the following...
    Thread by: sec_monkey, Jan 5, 2018, 2 replies, in forum: Technical
  2. 3M-TA3
    Thread

    EVERY Wireless Network Vulnerable!

    Fundamental flaw in WPA/WPA2 handshake...:eek::eek::eek::eek::eek: Time to pull the rest on my CAT6 Every Wi-Fi network at risk of unprecedented...
    Thread by: 3M-TA3, Oct 16, 2017, 24 replies, in forum: Technical
  3. Yard Dart
    Thread

    ShotSpotter

    There’s a secret technology in 90 US cities that listens for gunfire 24/7 [IMG] Terrell Ortiz was sitting in the passenger seat of his white...
    Thread by: Yard Dart, Oct 10, 2017, 20 replies, in forum: General Discussion
  4. Motomom34
    Thread

    Tech Q’s on computers/phones plus e-mails and text

    @DarkLight started a thread on tech security but I often see people, posting for help in the shoutbox over my computer is doing XX. We have an...
    Thread by: Motomom34, Aug 11, 2016, 12 replies, in forum: Technical
  5. DarkLight
    Thread

    Security

    Numerous times since I joined the forum we have had questions and resulting threads show up about security in many different forms. While I'm not...
    Thread by: DarkLight, Jul 3, 2016, 34 replies, in forum: Technical
  6. Motomom34
    Thread

    Spying with Apple devices

    I need tech help. I saw this done. Really cool [MEDIA] If you own Apple products or similar products maybe you can help. The reason this would...
    Thread by: Motomom34, Mar 16, 2016, 8 replies, in forum: Technical
  7. sec_monkey
    Thread

    monkeys beware. cross-platform Java malware

    Criminal gangs in Brazil are experimenting with the first malware families that are packaged as JAR files, capable of being deployed to Windows,...
    Thread by: sec_monkey, Mar 8, 2016, 5 replies, in forum: Technical
  8. sec_monkey
    Thread

    Apple users beware

    Apple users were targeted in the first known Mac ransomware campaign. Hackers targeted Transmission, which is one of the most popular Mac...
    Thread by: sec_monkey, Mar 7, 2016, 2 replies, in forum: Technical
  9. sec_monkey
    Thread

    monkeys beware font vulnerabilities in several apps

    monkeys beware font vulnerabilities have been discovered in several apps. please update your apps and software, fix should be available in the...
    Thread by: sec_monkey, Feb 15, 2016, 5 replies, in forum: Technical
  10. melbo
    Thread

    Network cable heat shrink labels

    Anyone have one of these printers? I want to label some things in my network cabinet and only need 10 or so printed. [ATTACH]
    Thread by: melbo, Jan 17, 2016, 22 replies, in forum: Technical
  11. sec_monkey
    Thread

    Monkeys beware Critical vulnerability in XZERES 442SR wind turbines

    A critical vulnerability (score 9.8 out of 10) has been discovered in Internet-enabled XZERES 442SR wind turbines. XZERES 442SR Wind Turbine...
    Thread by: sec_monkey, Dec 9, 2015, 0 replies, in forum: Off Grid Living
  12. sec_monkey
    Thread

    Monkeys beware Millions of Smart TVs, Phones and Routers At Risk

    Adding fuel to the growing concern over how manufacturers of devices such as routers and smart TVs deal with security vulnerabilities that emerge...
    Thread by: sec_monkey, Dec 5, 2015, 12 replies, in forum: Technical
  13. sec_monkey
    Thread

    Monkeys Beware: New zero-day exploit hits fully patched Adobe Flash

    New zero-day exploit hits fully patched Adobe Flash | Ars Technica best solution uninstall Adobe Flash 2nd best solution disable Adobe Flash or...
    Thread by: sec_monkey, Oct 14, 2015, 6 replies, in forum: Technical
  14. Brokor
    Thread

    LOGIN SOUND: Linux/Win (Star Wars) "What if..." MP3

    Linux users: Open in Audacity and export as .OGG file, change extension to .OGA or just use as is. Basically, no problem. Windows users: Pay some...
    Thread by: Brokor, Aug 27, 2015, 6 replies, in forum: Technical
survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7