this post was submitted on 23 Jan 2026
1288 points (99.6% liked)

Technology

79233 readers
3314 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
1288
Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch (techcrunch.com)
submitted 2 days ago by commander@lemmy.world to c/technology@lemmy.world
211 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] kokesh@lemmy.world 87 points 2 days ago (2 children)

Yes. But this completely invalidates the encryption. If anyone can decrypt your data without you giving the keys to them, it is not really encrypted.

[–] Buelldozer@lemmy.today 22 points 2 days ago (2 children)

The encryption key is data, don't give it to ANYONE. "Two people can keep a secret if one of them is dead."

[–] goferking0 24 points 2 days ago

Which means it's useless if always uploaded to MS

[–] EncryptKeeper@lemmy.world 1 points 1 day ago (1 children)

You’re confusing two different things here, in a really weirdly obtuse way.

[–] Buelldozer@lemmy.today 0 points 1 day ago (1 children)

It may seem that way but I'm really not. An encryption key is just data. It's critical security data to be sure but it's still data and like other data you shouldn't share anything that you wouldn't want made public.

Don't want MS to cough up your data when asked? Then don't give it to them. In regards to your BL key that means storing it another way, such as on a jump drive or printing it out.

In the end if you have data of any type that you absolutely DO NOT want made public then you need to retain that data locally. If that means leaving the Microsoft or any other ecosystem then that's the price that needs paid for keeping your data under your control.

This is the foundation of the entire privacy movement.

[–] EncryptKeeper@lemmy.world 0 points 1 day ago* (last edited 1 day ago)

No, you really are. If you’re in control of an encryption key, then it’s perfectly fine to “give Microsoft your data” that’s encrypted by that key. An encryption key isn’t “just data”, it’s data that’s used to encrypt other data.

The problem here is not that Microsoft has access to your data, it’s that Microsoft has access to your encryption key.

[–] MrScottyTay@sh.itjust.works 3 points 2 days ago (5 children)

Its not anyone though. Not anyone can get a warrant and demand the keys

[–] jumping_redditor@sh.itjust.works 30 points 2 days ago (2 children)

if Microsoft has the power to give the keys to the feds what happens when Microsoft gets hacked?

[–] Tollana1234567@lemmy.today 5 points 2 days ago

or they give the keys or whatever data willingly, and then say they are hacked as an excuse.

[–] Corporal_Punishment@feddit.uk 3 points 1 day ago (1 children)

Wouldn't the hacker then need to track down your physical computer...steal it....use the bitlocker key....look to see if you actually have any data worth taking etc....?

[–] thethunderwolf@lemmy.dbzer0.com 1 points 1 day ago

Actually they'd probably set up a Bitlocker key shop on the dark web

[–] ech@lemmy.ca 16 points 2 days ago

Anyone as in "a single person". They don't mean everyone has access.

[–] EncryptKeeper@lemmy.world 6 points 1 day ago

Anyone included Microsoft. You’re thinking of the word “everyone”

[–] cley_faye@lemmy.world 12 points 2 days ago

Sure. It's not anyone. It's anyone that can get a warrant. Or anyone that have enough power/underhanded influence to ask them nicely. Or any admin that have access to cloud storage at MS (remember they where caught with some exec having full access to that a while ago). Or any big leak that could exfiltrate these data. And probably a handful of other people, like, someone getting access to your MS account for whatever reason (which kinda happen, seeing how people lose their mail account to phishing/scams all the time) suddenly having access to your keys from there.

If your keys are in a DB somewhere, there's a lot of way they could get out. Would these ways coincide with someone actually having your drive at hand? Probably not. Still, the key not existing in plaintext in some third party storage close all these holes.

[–] nutsack@lemmy.dbzer0.com 5 points 2 days ago* (last edited 2 days ago) (2 children)

what happens when fydor monikov the sleeper agent from the kgb working at the fbi gets a copy of these master keys

[–] DeathByBigSad@sh.itjust.works 4 points 1 day ago* (last edited 1 day ago)

KGB is inside the oval office 💀

(I mean they literally deported a Russian dissident back to russia... need say more?)

[–] French75@slrpnk.net 3 points 2 days ago (1 children)

Are they really sleepers any more?

[–] nutsack@lemmy.dbzer0.com 2 points 1 day ago* (last edited 1 day ago) (1 children)

Yes, according to whistleblowers from the CIA. Russia and China are regularly doing this

[–] French75@slrpnk.net 2 points 1 day ago

Just to clarify... my question wasn't "do sleepers exist" it was should we continue to call them sleepers when they have broad access to the administrative branch of the US government.