1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Microsoft criticised over Windows 10 encryption key upload

Discussion in 'Article Discussion' started by Gareth Halfacree, 30 Dec 2015.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    10,301
    Likes Received:
    686
  2. Dave Lister

    Dave Lister Member

    Joined:
    1 Sep 2009
    Posts:
    848
    Likes Received:
    6
    So it's not a back door exactly, more like somebody leaving the front door key under the mat ? I really hope that developers switch to Vulkan over DX12 so I can game in full modern glory on either my current win7 system or switch to linux.

    With all MS' wealth why is it so difficult for them to say no to western governments requests for easy access to data?? It is now becoming clearer why MS is giving away win10 for free for anyone with a PC capable of running a modern OS.
     
  3. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    709
    This is a no issue. You need to have the computer to decrypt the data. That is like finding a key on the street. It's worthless, you don't know which doors it is for.

    Click-bait article
     
  4. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    709
    In the recent years, Microsoft has been fighting against the government. If the government has a warrant, Microsoft is super fast at delivering the information requested. However, no warrant, and Microsoft is fighting the government. And I mean complete with full data transfer to another country, making U.S government life not only a pain to get (not to mention that Microsoft can also move it again), but sometimes impossible.

    Since then, Azure platform has been booming with companies switching over to Microsoft offering over Amazon.
     
  5. Dave Lister

    Dave Lister Member

    Joined:
    1 Sep 2009
    Posts:
    848
    Likes Received:
    6
    GoodBytes = Fair enough, it just seems like I have never seen anything positive about windows since windows 7 especially regarding user security.
    I'd still prefer to use Linux as my everyday OS though, perhaps dual booting with windows 7. So my fingers are crossed that Vulkan really twists the knife into Windows and DX12.
     
  6. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    3,519
    Likes Received:
    143
    Windows is used by over a billion people, if even just 1% of them would be idiots (and the percentage is obviously far higher) that equals millions of potential lawsuits if people can't access their data any more as they didn't realize they needed to keep the key somewhere...

    So the only options where:

    No encryption by default
    Microsoft keeps a backup of the key
     
  7. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,300
    Likes Received:
    174
    I'm not sure anyone's said it's an issue, although the potential for it becoming one is huge, and putting my tin foil hat on you could be giving governments the key to unlock your device.

    Your analogy of finding a key on the street is a rubbish one, the key Microsoft stores without your consent is linked to the device, it's like a company storing the spare key for every lock in case the person who owns the lock loses the original.

    Maybe you need to read the linked article on the Intercept that Gareth provided, either that or read up on what key escrow is.
     
  8. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    2,340
    Likes Received:
    109
    As explained on Ars, this will only be affecting those who would otherwise have an unencrypted drive (i.e. in the 'key under the doormat' analogy, the previous state would be 'user does not have a door'), and can be disabled fairly easily.
    In this case, someone has discovered a two-year-old feature, and misconstrued it rather dramatically. This reflects very poorly on The Intercept.
     
  9. Jimbob

    Jimbob New Member

    Joined:
    2 Jul 2009
    Posts:
    189
    Likes Received:
    1
    I found this out months ago and glad I did, bit locker on my Asus tablet went nuts (every time I rebooted the tablet it said it needed the unlock key) without being able to log on to my account to retrieve I'd have lost all my stuff.

    Don't forget you also need the users MS account username and password plus physical access to the device, plus it asks a security question.

    This is really a very non issue.
     
  10. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,300
    Likes Received:
    174
    As with most analogies they only provide a very rough idea of what's going on, they don't provide a detailed explanation and on this i feel Ars has done its readers a disservice.

    The problem (IMO) is that it may provide people with a false sense of security, when enabling devices encryption you would expect to be asked if you wanted to store you decryption key on the Microsoft servers, the problem is, like most of Microsoft's decisions of late, is that they actively opt user into features that put their privacy and security at a potential risk.

    I'm not saying features like automatic device encryption and backing up the key to Microsoft servers is a bad thing, but that should be an active choice made by the user and not something that Microsoft assumes everyone wants.

    I could be wrong but didn't the hardware requirements change for Windows 10? in effect forcing some, if not all hardware required to automatically enabled the feature.
     
  11. Isitari

    Isitari Member

    Joined:
    6 May 2009
    Posts:
    319
    Likes Received:
    15
  12. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,300
    Likes Received:
    174
    This line in the register article that Isitari posted sums it up for me..

    From my understanding it seems like a clash of cultures as i believe Americans are used to automatically being opted into everything and having to opt out afterwards if they choose to, whereas the rest of the world, particularly European countries, have a culture of automatically assuming an opted out default and letting people choose to opt into something should they wish, or at least actively asking the user.
     
  13. Nexxo

    Nexxo Bargaining chip

    Joined:
    23 Oct 2001
    Posts:
    32,791
    Likes Received:
    1,092
    Not just that: most people are muggles. Their experience of an OS on their PC is like the wheels on their car: they understand it's essential to making the contraption go, but they wouldn't know how to change one.

    So muggles want an OS install and upgrade to be one-click easy. They certainly don't want to be confronted with a lot of technical questions on whether they want to opt in on certain features or opt out on them, only to find out much later in a state of crisis of their PC having gone down in flames with all their stuff on it, that they possibly made a wrong choice because they didn't really understand the technical question.

    Nope, muggles want Microsoft to know on their behalf what features they need. They want Microsoft to answer the hard technical questions for them, like they expect their car to come with a service plan and a roadside assistance scheme that will change the tire for them.

    This annoys geeks like us, who buy cars knowing how to change the oil, gap the spark plugs and change the tires, and buy PCs (or rather, their constituent components) knowing how to do a fine-grained OS install. We worry about security features because we understand their limitations. But muggles just want stuff to work, and don't care about the technology. Ownership means a very different thing to them than to us.
     
  14. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,300
    Likes Received:
    174
    That's all well and good but as the author of the register article put it "if Microsoft was a little more upfront with people, and made it a clear option during installation or during the first boot, this wouldn't be such a shock"

    If Apple users are given that option what so different with Windows users (re:Encrypting the drive), automatically enrolling people into things they may not want or puts them at risk is a very questionable tactic, so much so that banks have been paying out millions because they automatically enrolled people into PPI, I've got nothing against presenting people with a default option and letting them choose to either keep it or not, but to do it automatically for them is plain wrong.

    EDIT: We all know most people just click next, next, next, and for those people the default options would be chosen, if they didn't like what was chosen for them then they only have themselves to blame and not Microsoft as it was a choice they made, we don't like it if when some software installs all sorts of toolbars and other PUP's without any warning so what make Microsoft think we would like it when they do a *similar thing?

    Similar in that it's making a choice on our behalf.
     
    Last edited: 30 Dec 2015
  15. Phil Rhodes

    Phil Rhodes Hypernobber

    Joined:
    27 Jul 2006
    Posts:
    1,415
    Likes Received:
    10
    I'm more worried about the encryption being on by default. In my experience, it's much more likely that some fault with it will render the drive unreadable, rather than some shadowy government organisation wanting your data. The last thing I want is another reason why I might not be able to get at my files.
     
  16. David

    David RIP Tel

    Joined:
    7 Apr 2009
    Posts:
    12,304
    Likes Received:
    1,619
    Uninstall / disable Onedrive.

    clicky
     
  17. David

    David RIP Tel

    Joined:
    7 Apr 2009
    Posts:
    12,304
    Likes Received:
    1,619
    Lovely. Another reason to dislike Win10.
     
  18. creative

    creative 500rwhp

    Joined:
    23 May 2014
    Posts:
    394
    Likes Received:
    13
    I did not know this. Why on earth is MS putting something back on that I have removed? (just checked, its there) I was almost ready to put W10 on my gaming rig but this will not be happening 100% now.
     
  19. Big_malc

    Big_malc Well-Known Member

    Joined:
    7 Sep 2010
    Posts:
    1,597
    Likes Received:
    77
    Anyone else been using Spybot anti-Beacon to block services and some group policies ?
     
  20. creative

    creative 500rwhp

    Joined:
    23 May 2014
    Posts:
    394
    Likes Received:
    13
    yep. works as it should for me.
     

Share This Page