Windows 11 users reportedly losing data due to Microsoft's forced BitLocker encryption
www.neowin.net
Microsoft made a big change regarding BitLocker encryption on Windows 11 24H2 and apparently it is leading to users losing data.
  • Konala Koala@lemmy.worldEnglish
    10·
    6 days ago

    This is already looking like Microsuck is asking for a Windows 11/BitLocker based Class Action Lawsuit against them for this data lose blunder, and hopefully get their currently CEO fired.

  • Monstrosity@lemm.eeEnglish
    10·
    6 days ago

    Yes! This happened to me when I turned off the ‘safe boot’ on a laptop via BIOS. It locked me out but I had never agreed to install Bitlocker in the first place, let alone know what key I was supposed to have. It was a total loss & I had to wipe the drive.

    MS is hot trash.

    • Wispy2891@lemmy.worldEnglish
      3·
      6 days ago

      The decryption key is saved in the Microsoft account, the error message explains that

      I also almost got a panic attack when my Lenovo updated the bios and i was locked out

  • peetabix@sh.itjust.worksEnglish
    6·
    7 days ago

    I had a small Win11 machine that I now have Ubuntu on. Win11 wouldn’t let me use the whole disk because of the BitLocker bullshit. I had to dig through the menus and disable it then wait hours for it to finish decrypting. Fuck Microsoft. I’m proud to say me and my GF dont have a single Microsoft product in our home, and I’m keeping that way.

  • Psythik@lemm.eeEnglish
    4·
    7 days ago

    Since when is Bitlocker required? None of my files are encrypted, and I’ve been using 11 since it came out.

    • Synapse@lemmy.worldEnglish
      7·
      7 days ago

      Bitlocker encrypts your drive, not single files. Once the computer is booted up, it’s completely transparent to the user.

      • Psythik@lemm.eeEnglish
        2·
        6 days ago

        But my PC doesn’t even have a password. So how can my files be encrypted? I thought a password was manditory for file encryption to work.

        • Synapse@lemmy.worldEnglish
          2·
          6 days ago

          You probably haven’t activate Bitlocker. Up until now it was optional with Windows. I would argue it isn’t necessary for a desktop computer at home, but you should seriously consider activating disk encryption for a laptop.

    • WordBox@lemmy.worldEnglish
      6·
      7 days ago

      Every retail PC I’ve seen with win11 has bitlocker enabled. Screwed one over as they forgot their password…

    • Wispy2891@lemmy.worldEnglish
      3·
      6 days ago

      It automatically encrypts the drive only if admin has a Microsoft account (to backup the key on their cloud servers for easier LEO access data recovery) and the PC is a prebuilt

      If one of the condition is not met, the automatic ransomware isn’t enabled

    • j0ester@lemmy.worldEnglish
      2·
      6 days ago

      Did you use Rufus? You can bypass Bitlocker. Or your machine does not have TPM 2.0 (which you can also bypass)…?

  • L3ft_F13ld!@lemmy.dbzer0.comEnglish
    103·
    8 days ago

    Surprise, surprise.

    Forcing security measures onto someone who doesn’t understand them or know how to recover their data if something goes wrong is a bad idea.

  • Landless2029@lemmy.worldEnglish
    752·
    8 days ago

    Fix that title gore please

    Windows 11 users reportedly losing data due to Microsoft’s forcedWindows 11 users reportedly losing data due to Microsoft’s forced BitLocker encryption

    • ogeist@lemmy.worldEnglish
      102·
      8 days ago

      Nailed it, that is how ransomware works.

      in Italian gangster voice “Hey Buddy, give me your information, fair price for security, eh?, What? Do you not trust me? Buddy, you may lose your information, we wouldn’t want that, right?, just make an account I’ll handle the rest”

  • Rooki@lemmy.worldEnglish
    413·
    8 days ago

    Yeah it can happen, when you force people without their consent encrypting their data.

    • cy_narrator@discuss.tchncs.deEnglish
      2·
      4 days ago

      Forcing people is one thing, not telling them its a thing is completely different. Most Windows users dont even know their Windows has bitlocker enabled and those keys are out of their sight

      • Object@sh.itjust.worksEnglish
        231·
        8 days ago

        One major difference is that it is so much easier to lock yourself out of the desktop TPM chip compared to mobile device security chips because they’re not tightly coupled.

        • acosmichippo@lemmy.worldEnglish
          2·
          8 days ago

          and phones make you use your unlock pin often, so people are forced to remember it. on the other hand windows lets you use a short pin instead of your full account password pretty much forever which results in people forgetting the password completely.

          • Rooki@lemmy.worldEnglish
            21·
            8 days ago

            That isnt even the part it is encrypted, the TPM encryption is either “Automatic” or over a password (any length) on startup so far i know it from my work with Bitlocker (tpm 2.0) on windows 10. Idk if this is different on windows 11.

      • surewhynotlem@lemmy.worldEnglish
        101·
        8 days ago

        Huh … I never noticed. Probably because my phone OS never failed to boot, requiring me to pull data off the HDD directly.

      • OfficerBribe@lemm.eeEnglish
        3·
        8 days ago

        Android I think just uses same credentials you use to unlock account, at least I am not aware of any recovery key. And you are prompted for credentials from time to time so it is harder to forget. I use fingerprint as main unlock + pattern and I have to enter pattern roughly once a week I think.

        On Windows if you set up Windows Hello (fingerprint or PIN usually), you are not reminded to enter password afterwards so eventually you can forget it. And if you do not know your password and cannot recover account, you will not be able to retrieve BitLocker recovery key. So fix to this problem could be another annoyance to users if it would be implemented as Android does it.

      • Rooki@lemmy.worldEnglish
        21·
        8 days ago

        The only phone manufacture that does that is Google with pixel. Any other phone is for my knowledge either “weakly” encrypted or not at all.

        Still your Mobile OS isnt just upgrading and encrypting your SD card and main drive. Thats the point.

        • InnerScientist@lemmy.worldEnglish
          2·
          7 days ago

          All devices launching with Android 10 and higher are required to use file-based encryption.

          To use the AOSP implementation of FBE securely, a device needs to meet the following dependencies:

          • Kernel Support for Ext4 encryption or F2FS encryption.
          • Keymaster Support with HAL version 1.0 or higher. There is no support for Keymaster 0.3 as that does not provide the necessary capabilities or assure sufficient protection for encryption keys.   

          • Keymaster/Keystore and Gatekeeper must be implemented in a Trusted Execution Environment (TEE) to provide protection for the DE keys so that an unauthorized OS (custom OS flashed onto the device) cannot simply request the DE keys.
          • Hardware Root of Trust and Verified Boot bound to the Keymaster initialization is required to ensure that DE keys are not accessible by an unauthorized operating system.

          https://source.android.com/docs/security/features/encryption/file-based?hl=en

      • Lembot_0002@lemm.eeEnglish
        424·
        8 days ago

        Most people don’t have anything of importance on their phones. And the tuning options are almost absent on phones, so it is less problematic bug-wise.

      • IMALlama@lemmy.worldEnglish
        101·
        7 days ago

        Clearly you’ve never used a Mac. It wasn’t until 2024 that you could snap windows, they have a built in dark mode but the word processor that ships with their computer requires you to use a dark page template if you want black background/white text, and lord forgive you if you want to take a screenshot.

        • brbposting@sh.itjust.worksEnglish
          2·
          6 days ago

          I think the vibe is kind of “works for grandma out of the box“, “someone in the small-but-mighty dev community made an [open-source] app for that”

          Yeah frustrates me too but seeing it as a kind of culture would probably help me be less frustrated

          Then Apple gets tiny bits of occasional flak for Sherlocking

          • IMALlama@lemmy.worldEnglish
            2·
            6 days ago

            Apple is almost the tale of two companies.

            From the software usability perspective, they have the “it just works” reputation and that might be true if you’re doing really basic stuff. I’ve found both windows and Linux to be much more user friendly if you want to do mildly advanced things.

            Their hardware is generally pretty solid but comes at a premium, especially once you start talking about increasing RAM/SSD capacity. I have both a MacBook pro M3 pro and a Snapdragon X Elite Lenovo Yoga slim 7x. The 7x can give great battery life, but is much more inconsistent in doing so. On the other hand, the 7x has an amszing 3k OLED screen, has a removable m3 SSD, and you can upgrade to 32 GB of RAM for around $100.

            What I find interesting is that a large swath of developers have macs. I get it for some use cases (ARM emulation on ARM vs doing it on x86), but it seems like it’s a bit of a status symbol for others.