Microsoft has your Windows 10 encryption key

Topic

New Reply

From Slashdot:

[h=2]Microsoft Has Your Encryption Key If You Use Windows 10[/h]http://tech.slashdot.org/story/15/12/29/0212222/microsoft-has-your-encryption-key-if-you-use-windows-10

From the post:

An anonymous reader writes with this bit of news from the Intercept. If you login to Windows 10 using your Microsoft account, your computer automatically uploads a copy of your recovery key to a Microsoft servers. From the article: “The fact that new Windows devices require users to backup their recovery key on Microsoft’s servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts – something that people never had the option to do with the Clipper chip system. But they can only delete it after they’ve already uploaded it to the cloud…..As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account, which would legally compel them to hand over your recovery key, which they could do even if the first thing you do after setting up your computer is delete it. As Matthew Green, professor of cryptography at Johns Hopkins University puts it, ‘Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.'”

Well, that’s a fine how-do-you-do!

Reply | Quote

Replies

You beat me to it, but here is the article:
Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/

For most users I don’t think this is a bad thing. I would never want an encryption I didn’t control. But how often have we had a OP post they forgot their Windows password and wanted to break it?

Reply | Quote

As happens from time to time, somebody has spotted a feature in Windows 10 that isn’t actually new and has largely denounced it as a great privacy violation.

If you have Windows 10 Home and want to encrypt your disk, but don’t want the recovery key to be stored in OneDrive, that’s OK; you can do it. Contrary to what The Intercept wrote, this doesn’t require a paid upgrade to Windows 10 Pro or Enterprise; Windows 10 Home can do it, too.

Microsoft may have your encryption key; here’s how to take it back

Reply | Quote

This is not new. I can verify that the encryption key for Surface Pro 3 with Windows 8.1 was stored in your Microsoft account.

Joe

--Joe

Reply | Quote

If you need maximum security (most people don’t, in my opinion), you could set up a local (non-Microsoft) account for your copy of Windows 10. And you could then set up your own encryption.

I wonder, if you set up a local account and your own encryption, would this prevent Microsoft from gathering all of the “telemetry” information?

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

Just one more reason to move on up to Linux.

Reply | Quote

It appears the naysayers outnumber those who post information of interest to Windows users. Just because “they know” doesn’t mean the rest of us aren’t interested.

Did the naysayers also go to Slashdot and TheIntercept and tell them about their “old news”? Probably not.

But that’s okay, the more you put it down, the more others want to know about it.

Reply | Quote

It appears the naysayers outnumber those who post information of interest to Windows users. Just because “they know” doesn’t mean the rest of us aren’t interested.

Did the naysayers also go to Slashdot and TheIntercept and tell them about their “old news”? Probably not.

But that’s okay, the more you put it down, the more others want to know about it.

You can believe what you want, no one stops you.

In what concerns me, I have a tendency to be demanding when evaluating the credibility of any given source. Now let’s consider this analysis from Paul Thurrott about the issue at hand:

”Inexplicably making news this week is a report in The Intercept which dredges up years-old information about Microsoft storing encryption keys in the cloud and presents it as something new. “ONE OF THE EXCELLENT FEATURES of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen,” Mr. Lee reports, incorrectly. (Disk encryption is not on by default, and is only available in Windows Pro or higher.) “

Hmmm… not being aware of what is available or not in the addressed Windows version, doesn’t give a lot of credibility to your source, does it? I would think it makes the source look like a fool, more interested in making headlines, than addressing actual issues…

“Less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key–which can be used to unlock your encrypted disk–to Microsoft’s servers.” Frankly, I’m kind of embarrassed for this guy, so I’ll just leave it at this: The very notion that a hacker would both break into your Microsoft account (potentially bypassing the two-factor authentication Microsoft offers) and gain physical access to your PC is about as ludicrous as anything I’ve read on the Internet this year. And, yes, I’ve heard of the Kardashians.”

I think Paul has a point here, although I disagree a bit with his last statement. Anyone who would gain physical access to your computer and gain access to your account, could probably gain access to your Microsoft account, as well. It’s not that easy, and if you protect the account properly, highly unlikely, but I wouldn’t classify it as ludicrous. It would require a few harebrained moves, but it would be possible.

In any case, this is not only specific to Windows 10, as it was stated, but it can be avoided and even if not, successful exploits would require the confluence of multiple circumstances, not at all easy to achieve, especially if you are security conscious – as you probably are if you decided to use device encryption, which also requires specific hardware components.

Now, you can pay all the attention you want o TheIntercept, but if you are really interested in getting a full view, you will consider other reputed sources on Windows. That may be Thurrott himself, but also Peter Bright, from ArsTechnica, which wrote about it in 2013, and wrote about it again, commenting on TheIntercept report.

Now, you have enough information to make an informed decision, as others have. Please respect our own abilities to look up for correct, up to date, technically rigorous information, if you don’t mind. It’s really not about putting anything down, but showing it for what it really means.

Personally I doubt most regular users buy hardware that support TPM 2.0. Of those who do, how many are aware of what it allows? How many will use device encryption? How many advanced users will use it instead of resorting to BitLocker?

That report was meant to disseminate FUD, nothing else, IMHO.

Reply | Quote

“ONE OF THE EXCELLENT FEATURES of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen,” Mr. Lee reports, incorrectly. (Disk encryption is not on by default, and is only available in Windows Pro or higher.) “

I think Paul Thurrott is wrong on both these counts though, and therefore Mr. Lee reports this aspect correctly:

Device encryption is enabled by default in all editions including Home, on newer computers with Secure Boot, Trusted Platform Module and Connected Standby. This has been the case for more than two years since Windows 8.1, as confirmed by both those Ars Technica articles. Comments on Paul Thurrott’s article confirm that it applies to Surface 3 which comes with Home edition.

In my opinion, the only thing the original Interceptor article got wrong was saying that the only way for Home users to avoid the situation, if necessary, is to upgrade to Pro. But that has now been corrected with an addition: “Update: After this article was published, Ars Technica wrote about a method for preventing the recovery key you sent to Microsoft from being able to unlock your disk that doesn’t require upgrading from Windows Home to Pro or Enterprise.“

Reply | Quote

I think Paul Thurrott is wrong on both these counts though, and therefore Mr. Lee reports this aspect correctly:

Device encryption is enabled by default in all editions including Home, on newer computers with Secure Boot, Trusted Platform Module and Connected Standby. This has been the case for more than two years since Windows 8.1, as confirmed by both those Ars Technica articles. Comments on Paul Thurrott’s article confirm that it applies to Surface 3 which comes with Home edition.

In my opinion, the only thing the original Interceptor article got wrong was saying that the only way for Home users to avoid the situation, if necessary, is to upgrade to Pro. But that has now been corrected with an addition: “Update: After this article was published, Ars Technica wrote about a method for preventing the recovery key you sent to Microsoft from being able to unlock your disk that doesn’t require upgrading from Windows Home to Pro or Enterprise.“

Actually, the implication that this happens with Windows 10 (and is thus a new thing) is also wrong. His article is two years late.

Reply | Quote

Actually, the implication that this happens with Windows 10 (and is thus a new thing) is also wrong. His article is two years late.

And the “fix” is more than five years old: How to regenerate the BitLocker Numerical Recovery Password

It was more the anonymous SlashDot post which put the emphasis on Windows 10. The Intercept article did include, “Windows Home includes device encryption, which started to become available during Windows 8, …” and, “If you’re using a recent version of Windows, …”.

That original article still seems to be wrong though, where it says; “In order to generate a new disk encryption key, this time without giving a copy to Microsoft, you need decrypt your whole hard disk and then re-encrypt it, …”. The steps recommended by Ars Technica (the five-year-old fix above, minus step 4 if not on a domain) appear to be much quicker.

Reply | Quote

And the “fix” is more than five years old: How to regenerate the BitLocker Numerical Recovery Password

It was more the anonymous SlashDot post which put the emphasis on Windows 10. The Intercept article did include, “Windows Home includes device encryption, which started to become available during Windows 8, …” and, “If you’re using a recent version of Windows, …”.

That original article still seems to be wrong though, where it says; “In order to generate a new disk encryption key, this time without giving a copy to Microsoft, you need decrypt your whole hard disk and then re-encrypt it, …”. The steps recommended by Ars Technica (the five-year-old fix above, minus step 4 if not on a domain) appear to be much quicker.

I think it’s FUD spreading, to be honest, even with some facts undoubtedly true. I would also like to know how many tablets and laptops support the required TPM 2.0. I think I have had two, but they were both business class Toshiba tablet PC devices!

Reply | Quote

I think Paul Thurrott is wrong on both these counts though, and therefore Mr. Lee reports this aspect correctly:

Device encryption is enabled by default in all editions including Home, on newer computers with Secure Boot, Trusted Platform Module and Connected Standby. This has been the case for more than two years since Windows 8.1, as confirmed by both those Ars Technica articles. .[/I]“

And that implies M/B soldered Ram >> Likely not too many desk tops that would meet those requirements.
:cheers:

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Update from ArsTechnica:

http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/

Reply | Quote

Update from ArsTechnica:

http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/

Posted here in post #3
:cheers:

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

My bad.

I only saw it today for the 1st time.

Reply | Quote

Bruce Schneier is also covering this…

Windows 10 Whole-Disk Encryption without Key Escrow

https://www.schneier.com/blog/archives/2016/01/windows_10_whol.html

Just because some folks think this is “old news” doesn’t mean it is not important.

Reply | Quote

Bruce Schneier is also covering this…

Windows 10 Whole-Disk Encryption without Key Escrow

https://www.schneier.com/blog/archives/2016/01/windows_10_whol.html

Just because some folks think this is “old news” doesn’t mean it is not important.

It’s actually interesting to read the comments, where there are many sensible opinions.

I would still like to know how many devices have hardware that supports TPM 2.0 (phones, tablets). I would be surprised if that number would even be relevant…

Reply | Quote

Bruce Schneier is also covering this…

Windows 10 Whole-Disk Encryption without Key Escrow

https://www.schneier.com/blog/archives/2016/01/windows_10_whol.html

Just because some folks think this is “old news” doesn’t mean it is not important.

Well, he provided a link to the original article, but hasn’t weighed in with an opinion as far as I can see.

In my opinion, the most pertinent comment there is:

“People like to get mad a Microsoft for some of the wrong reasons–when there are good reasons to get mad at them that get ignored. This feature improves security for the vast majority of people while protecting them from data loss. The average person’s “adversary” is a lost device. There are multiple ways for a person who does not want Microsoft to have their keys to work around the escrow, but they have to know to do it, just like they did before when they encrypted their drives manually.”

Reply | Quote

This was my favorite:
It is impossible to strike the chains from a slave
who admires the glitter and shine of decoration
added to their life. Once it becomes modish to
wear chains even the gullible among the free will
wish to have them.

You can gloss over this by calls to the convenience
of a corporate control over your life with a load
of rubbish about how wonderful it is but he fact
you surrendered your own ownership and control is
still plainly evident.

I hear that Google decided to censor an election
by eliminating matters of public record. That is a
clear sign of what surrender to a corporate entity
means.

Microsoft thinks you are too dumb to be allowed to
control your own property. You need to ponder that
for awhile before you start agreeing with them.

Reply | Quote