Free Republic

Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
The Intercept ^ | Dec. 28 2015 | Micah Lee

Posted on 12/29/2015 8:57:57 AM PST by zeugma

One of the excellent features of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and log in to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key - which can be used to unlock your encrypted disk - to Microsoft's servers, probably without your knowledge and without an option to opt out.

During the "crypto wars" of the nineties, the National Security Agency developed an encryption backdoor technology - endorsed and promoted by the Clinton administration - called the Clipper chip, which they hoped telecom companies would use to sell backdoored crypto phones. Essentially, every phone with a Clipper chip would come with an encryption key, but the government would also get a copy of that key - this is known as key escrow - with the promise to only use it in response to a valid warrant. But due to public outcry and the availability of encryption tools like PGP, which the government didn't control, the Clipper chip program ceased to be relevant by 1996. (Today, most phone calls still aren't encrypted. You can use the free, open source, backdoorless Signal app to make encrypted calls.)

The fact that new Windows devices require users to back up their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts (you can skip to the bottom of this article to learn how) - something that people never had the option to do with the Clipper chip system. But they can only delete it after they've already uploaded it to the cloud.

"The gold standard in disk encryption is end-to-end encryption, where only you can unlock your disk. This is what most companies use, and it seems to work well," says Matthew Green, professor of cryptography at Johns Hopkins University. "There are certainly cases where it's helpful to have a backup of your key or password. In those cases you might opt in to have a company store that information. But handing your keys to a company like Microsoft fundamentally changes the security properties of a disk encryption system."

As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account, which would legally compel them to hand over your recovery key, which they could do even if the first thing you do after setting up your computer is delete it.

As Green puts it, "Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees."

Of course, keeping a backup of your recovery key in your Microsoft account is genuinely useful for probably the majority of Windows users, which is why Microsoft designed the encryption scheme, known as "device encryption," this way. If something goes wrong and your encrypted Windows computer breaks, you're going to need this recovery key to gain access to any of your files. Microsoft would rather give their customers crippled disk encryption than risk their data.

"When a device goes into recovery mode, and the user doesn't have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically backup the user recovery key," a Microsoft spokesperson told me. "The recovery key requires physical access to the user device and is not useful without it."

After you finish setting up your Windows computer, you can login to your Microsoft account and delete the recovery key. Is this secure enough? "If Microsoft doesn't keep backups, maybe," says Green. "But it's hard to guarantee that. And for people who aren't aware of the risk, opt-out seems risky."

This policy is in stark contrast to Microsoft's major competitor, Apple. New Macs also ship with built-in and default disk encryption: a technology known as FileVault. Like Microsoft, Apple lets you store a backup of your recovery key in your iCloud account. But in Apple's case, it's an option. When you set up a Mac for the first time, you can uncheck a box if you don't want to send your key to Apple's servers.

This policy is also in contrast to Microsoft's premium disk encryption product called BitLocker, which isn't the same thing as what Microsoft refers to as device encryption. When you turn on BitLocker you're forced to make a backup of your recovery key, but you get a choice: save it in your Microsoft account, save it to a file on a USB stick or other unencrypted drive, or print it.

To fully understand the different disk encryption features that Windows offers, you need to know some Microsoft jargon. Windows comes in different editions: Home (the cheapest), Pro, and Enterprise (more expensive). Windows Home includes device encryption, which started to become available with Windows 8.1 (and Windows RT before it). It requires a Trusted Platform Module (TPM), a tamper-resistant chip that stores encryption keys, plus firmware that meets Microsoft's device encryption requirements (at the time of writing, InstantGo/connected-standby support); most new consumer PCs met these requirements, but not all of them did. Pro and Enterprise both include device encryption, and they also include BitLocker, which started to become available during Windows Vista, but only for the premium editions. Under the hood, device encryption and BitLocker are the same thing: device encryption is BitLocker running with one fixed configuration (a TPM protector plus a recovery password that is backed up automatically), while BitLocker proper lets you choose the protectors and where the recovery key goes.

If you're using a recent version of Windows, and your computer has the encryption chip, and if you have a Microsoft account, your disk will automatically get encrypted, and your recovery key will get sent to Microsoft. If you log in to Windows using your company's or university's Windows domain, then your recovery key will get sent to a server controlled by your company or university (Active Directory) instead of Microsoft - but still, you can't prevent device encryption from sending your recovery key. If you choose to not use a Microsoft or a domain account at all and instead create a "local only" account, then you don't get protected disk encryption: on qualifying hardware Windows may still encrypt the drive during setup, but it leaves protection off, with the volume key stored unprotected in the volume's own metadata as a so-called clear key that anyone holding the drive can use. The data only becomes protected once a Microsoft or domain account signs in and the recovery key has been backed up.

BitLocker, on the other hand, gives you more control. When you turn on BitLocker you get the choice to store your recovery key locally, among other options. But if you buy a new Windows device, even if it supports BitLocker, you'll be using device encryption when you first set it up, and you'll automatically send your recovery key to Microsoft.

In short, there is no way to prevent a new Windows device from uploading your recovery key the first time you log in to your Microsoft account, even if you have a Pro or Enterprise edition of Windows. And this is worse than just Microsoft choosing an insecure default option. Windows Home users don't get the choice to not upload their recovery key at all. And while Windows Pro and Enterprise users do get the choice (because they can use BitLocker), they can't exercise that choice until after they've already uploaded their recovery key to Microsoft's servers.

How to delete your recovery key from your Microsoft account

Go to Microsoft's recovery key page (linked from the original article; it is hosted on Microsoft's live.com domain) and log in to your Microsoft account - this will be the same username and password that you use to log in to your Windows device. Once you're in, it will show you a list of recovery keys backed up to your account.

If any of your Windows devices are listed, this means that Microsoft, or anyone that manages to access data in your Microsoft account, is technically able to unlock your encrypted disk, without your consent, as long as they physically have your computer. You can go ahead and delete your recovery key on this page - but you may want to back it up locally first, for example by writing it down on a piece of paper that you keep somewhere safe.

If you don't see any recovery keys, then you either don't have an encrypted disk, or Microsoft doesn't have a copy of your recovery key. This might be the case if you're using BitLocker and didn't upload your recovery key when you first turned it on.

When you delete your recovery key from your account on this website, Microsoft promises that it gets deleted immediately, and that copies stored on their backup drives get deleted shortly thereafter as well. "The recovery key password is deleted right away from the customer's online profile. As the drives that are used for failover and backup are sync'd up with the latest data the keys are removed," a Microsoft spokesperson assured me.

If you have sensitive data that's stored on your laptop, in some cases it might be safer to completely stop using your old encryption key and generate a new one that you never send to Microsoft. This way you can be entirely sure that the copy that used to be on Microsoft's server hasn't already been compromised.

Generate a new encryption key without giving a copy to Microsoft

In order to generate a new disk encryption key, this time without giving a copy to Microsoft, you need to decrypt your whole hard disk and then re-encrypt it, but this time in such a way that you'll actually get asked how you want to back up your recovery key.

This is only possible if you have Windows Pro or Enterprise. Unfortunately, the only thing you can do if you have the Home edition is upgrade to a more expensive edition or use non-Microsoft disk encryption software, such as BestCrypt, which you have to pay for. You may also be able to get open source encryption software like VeraCrypt working, but sadly the open source options for full disk encryption in Windows don't currently work well with modern PC hardware (as touched on in a piece linked from the original article).

Go to Start, type "bitlocker", and click "Manage BitLocker" to open BitLocker Drive Encryption settings.

From here, click "Turn off BitLocker." It will warn you that your disk will get decrypted and that it may take some time. Go ahead and continue. You can use your computer while it's decrypting.

After your disk is finished decrypting, you need to turn BitLocker back on. Back in the BitLocker Drive Encryption settings, click "Turn on BitLocker".

It will check to see if your computer supports BitLocker, and then it will ask you how you want to backup your recovery key. It sure would be nice if it asked you this when you first set up your computer.

If you choose to save it to a file, it will make you save it onto a disk that you're not currently encrypting, such as a USB stick. Or you can choose to print it, and keep a hard copy. You must choose one of them to continue, but make sure you don't choose "Save to your Microsoft account."

On the next page it will ask you if you want to encrypt used disk space only (faster) or encrypt your entire disk including empty space (slower). If you want to be on the safe side, choose the latter. Then on the next page it will ask you if you wish to run the BitLocker system check, which you should probably do.

Finally, it will make you reboot your computer.

When you boot back up your hard disk will be encrypting in the background. At this point you can check your Microsoft account again to see if Windows uploaded your recovery key - it shouldn't have.

Now just wait for your disk to finish encrypting. Congratulations: Your disk is encrypted and Microsoft no longer has the ability to unlock it.
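The jargon section above and the re-encryption procedure both turn on one detail: the 48-digit recovery key is a BitLocker "key protector" that unwraps the volume key, and Windows can list, remove and regenerate protectors from the command line without touching the data on the disk. The script below is an added example, not code from The Intercept article or from Microsoft. It assumes Windows 10 Pro or Enterprise (so the BitLocker PowerShell module is present), an elevated prompt, that the operating system volume is C:, and that D:\ is a USB stick or other drive that is not being encrypted; the file name is made up. It shows the state device encryption leaves behind, removes every recovery password protector (including the one whose copy went to the Microsoft account), creates a new one and writes it only to that local file.

```powershell
# Added example (not from the article): inspect the BitLocker/device-encryption
# state of the OS volume, then replace the recovery password protector whose
# copy was uploaded to the Microsoft account with a fresh one that exists only
# in a local file. Assumptions: Windows 10 Pro/Enterprise, elevated prompt,
# OS volume C:, and D:\ is a drive that is NOT being encrypted (e.g. a USB stick).
#Requires -RunAsAdministrator

$MountPoint = 'C:'
$BackupPath = 'D:\bitlocker-recovery-C.txt'   # assumed location, never on the encrypted volume

$vol = Get-BitLockerVolume -MountPoint $MountPoint

# 1. Status. VolumeStatus 'FullyEncrypted' with ProtectionStatus 'Off' is the
#    clear-key state a local-account setup leaves behind: the bytes are
#    encrypted but the key sits unprotected in the volume metadata.
"{0}: {1}, protection {2}, method {3}" -f $vol.MountPoint, $vol.VolumeStatus,
                                         $vol.ProtectionStatus, $vol.EncryptionMethod
$vol.KeyProtector | Format-Table KeyProtectorType, KeyProtectorId -AutoSize

# 2. Remove every existing recovery password protector. The 48-digit value
#    escrowed at setup stops unlocking the disk the moment its protector is gone.
foreach ($kp in @($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')) {
    Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $kp.KeyProtectorId | Out-Null
}

# 3. Generate a new recovery password. Nothing here uploads it: the cmdlets
#    that would (Backup-BitLockerKeyProtector for Active Directory,
#    BackupToAAD-BitLockerKeyProtector for Azure AD) are deliberately not called.
$after = Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector
$rp    = @($after.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')[-1]

# 4. Keep the only copy somewhere other than the encrypted volume.
@(
    "Recovery key ID : $($rp.KeyProtectorId)"
    "Recovery key    : $($rp.RecoveryPassword)"
) | Out-File -FilePath $BackupPath -Encoding ascii
Write-Host "New recovery password written to $BackupPath; the escrowed one no longer unlocks $MountPoint."

# 5. Make sure protection is actually on: a TPM protector must exist and the
#    volume must not be left in the suspended/clear-key state.
if (-not @($after.KeyProtector | Where-Object KeyProtectorType -eq 'Tpm')) {
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmProtector | Out-Null
}
if ((Get-BitLockerVolume -MountPoint $MountPoint).ProtectionStatus -ne 'On') {
    Resume-BitLocker -MountPoint $MountPoint | Out-Null
}
Get-BitLockerVolume -MountPoint $MountPoint | Format-List VolumeStatus, ProtectionStatus, KeyProtector
```

Rotating the protector this way is faster than the full decrypt-and-re-encrypt cycle above and takes effect immediately, but it does not change the volume encryption key itself. If you have reason to think the escrowed key was already used against your physical disk, the underlying keys may be known to whoever used it, and only the article's decrypt and re-encrypt cycle (Disable-BitLocker, wait until VolumeStatus reports FullyDecrypted, then Enable-BitLocker) generates a fresh one. Either way, finish by checking the recovery key page of your Microsoft account again: the new protector should not appear there.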


TOPICS: Business/Economy; Crime/Corruption; Government; News/Current Events
KEYWORDS: encryption; microsoft; windows; windowspinglist
To: exDemMom
The website listed to go to for signing in to your Microsoft account is not a Microsoft site. How do I know that is not a phishing site meant to get info on how to break in to my computer?
I realize that my first response was inadequate. You are right to question this.

One way to check the ownership of a web site is to go to:

https://whois.icann.org

and type in the web site name. If you do this with "live.com", you will see that Microsoft owns the domain.

21 posted on 12/29/2015 10:28:32 AM PST by Johnny B.

To: zeugma

There’s a simple answer, you should have purchased a Mac! People who buy PCs are like the British continuing to buy British cars. It gives them something to work on every weekend instead of taking a drive!


22 posted on 12/29/2015 10:33:30 AM PST by vette6387

To: zeugma

I was under the impression that you can install Windows 10 without ever logging into Microsoft.

I don’t know how wholly accurate this article’s suppositions are.


23 posted on 12/29/2015 10:45:40 AM PST by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")

To: vette6387
There’s a simple answer, you should have purchased a Mac! People who buy PC’s are like the British continuing to buy British cars. It gives them something to work on every weekend instead of taking a drive!

Well, I really didn't want to bring that up, so as to not make this a religious discussion, however, there is a clear difference between the way that Microsoft and Apple deal with encryption. If you encrypt your i-device, and lose your password, Apple can't do anything at all to recover your data because they simply do not have the key to do so. They can't 'fix' it for you because they don't have the key. Similarly, when the NSA asks for Joe Public's data, Apple cannot provide them with the ability to decrypt it. This, to me, is a major selling point, not because I'm doing anything wrong or illegal, but simply because what I'm doing on my phone is none of the feral government's freaking business.

There is a sharp contrast here. I think we should act accordingly.

24 posted on 12/29/2015 11:04:14 AM PST by zeugma (Last time I was sober, man I felt bad. Worst hangover I've ever had.)

To: zeugma
Another solution is to employ another program to encrypt individual files.

I use this nice little program named 'AxCrypt' to encrypt individual files under Windows. It integrates nicely with Windows Explorer.

25 posted on 12/29/2015 11:08:21 AM PST by The Duke ( Azealia Banks)

To: zeugma

Sounds like another reason to NOT load Win 10 or, if you do, another reason to not create a Microsoft account.


26 posted on 12/29/2015 11:17:51 AM PST by upchuck (Happiness never decreases by being shared.)

To: zeugma

If you’re dumb enough to create a Microsoft account when you first install your Windows OS, you deserve what you get.

YOU DO NOT HAVE TO HAVE A MICROSOFT ACCOUNT TO USE WINDOWS!


27 posted on 12/29/2015 11:20:18 AM PST by rarestia (It's time to water the Tree of Liberty.)

To: rarestia
YOU DO NOT HAVE TO HAVE A MICROSOFT ACCOUNT TO USE WINDOWS!

I believe you do, if you want to use their disk encryption, which is what this is about.

28 posted on 12/29/2015 11:42:24 AM PST by zeugma (Last time I was sober, man I felt bad. Worst hangover I've ever had.)

To: dayglored

Windows 7 will endure. There will be non-Microsoft updates to it same as there were to Windows 98. That update was ~18 MB.

Windows 8.1 is non-toxic and will also endure. I like its flat GUI better than Windows 7. fwiw I have 7 and 8.1 computers and doubt I will move to any “free” Windows 10


29 posted on 12/29/2015 11:48:44 AM PST by dennisw (The first principle is to find out who you are then you can achieve anything -- Buddhist monk)

To: zeugma

Unless you have a reason folks, and a serious competence with the subject, DON’T encrypt your drive.


30 posted on 12/29/2015 1:48:35 PM PST by roamer_1 (Globalism is just Socialism in a business suit.)

To: roamer_1

I’d disagree. Everything should be encrypted.


31 posted on 12/29/2015 1:54:57 PM PST by zeugma (Last time I was sober, man I felt bad. Worst hangover I've ever had.)

To: zeugma

Absolutely, completely, unequivocally false. BitLocker is built into the OS and does not require a Microsoft account. You should have a trusted platform module (TPM) and save your encryption key to a thumb drive stored somewhere safe, but you do not need to have a Microsoft account to leverage this functionality.


32 posted on 12/29/2015 1:56:25 PM PST by rarestia (It's time to water the Tree of Liberty.)

To: zeugma

You obviously don’t repair computers for Joe User.


33 posted on 12/29/2015 1:59:23 PM PST by roamer_1 (Globalism is just Socialism in a business suit.)

To: Johnny B.

Oh, okay! Thank you for the information!


34 posted on 12/29/2015 2:22:17 PM PST by exDemMom (Current visual of the hole the US continues to dig itself into: http://www.usdebtclock.org/)

To: roamer_1
You obviously don’t repair computers for Joe User.

Nope. I also don't want encrypted bits to stand out.

These days just about everyone with an iPhone has a fully encrypted device that they seem to have no problem using and managing on a daily basis. I guess some companies aren't up to the challenge.

If someone else has control of your keys, your device effectively isn't encrypted.

I've been using crypto since PGP 2.1. I don't seem to have issues with it.

35 posted on 12/29/2015 2:29:30 PM PST by zeugma (Last time I was sober, man I felt bad. Worst hangover I've ever had.)

To: zeugma
These days just about everyone with an iPhone has a fully encrypted device that they seem to have no problem using and managing on a daily basis.

Right... because all of their data is automatically pumped up to Apple's servers. Android offers a similar thing. Imagine my surprise when my 'droid tablet needed a reload and all of my crap showed back up on it a couple days later.

If all your data is backed up to someone else's server, that is in fact, no different than giving them the dang keys anyhoo.

Most users do not have a propensity toward backup (part of why it's becoming automatic on phones), and since I kind of specialize in soft recovery of hard drives, I get a whole bunch of desperate people trying to get their crap back from a damaged and failing drive - I can tell you from experience that even with encryption keys, my chances of getting anything off of a damaged and encrypted drive hover on the negative side of 0%.

Again, unless you know what you are doing - DON'T encrypt. Unless you have at least two chains of backup to unencrypted devices, off the primary machine, DON'T encrypt.

36 posted on 12/29/2015 3:21:55 PM PST by roamer_1 (Globalism is just Socialism in a business suit.)

To: Buckeye McFrog
Microsoft DID release Win 95 without a browser. It came on a separate CD called the Plus Pack. In the 2nd version of 95 it was included with the OS, but you had the option as to whether to install it or not. In the 3rd version of 95 it came as part of the OS.
37 posted on 12/29/2015 4:20:41 PM PST by amigatec (2 Thess 2:11 And for this cause God shall send them strong delusion, that they should believe a lie:)

To: roamer_1
Right... because all of their data is automatically pumped up to Apple's servers. Android offers a similar thing. Imagine my surprise when my 'droid tablet needed a reload and all of my crap showed back up on it a couple days later.

You apparently don't understand how that actually works on Apple devices. If you choose to use the cloud, which you don't have to do, by the way, your data is encrypted with the key from your device. Apple doesn't have the key to decrypt it. To them it's just a big blob of data. The feral government is kinda pissed about that and is making quite a bit of noise about it. You see, Apple has implemented the crypto correctly. You control the keys, they just hold the data, if you choose to use their 'cloud'. They can't even recover the keys if they have physical possession of the phone if they don't know your password. There has been a bit of news of late about some Android encryption implementations that have not been quite as robust. Crypto done properly is not simple, so Microsoft, and others have had issues with it, as has Apple in the past. With recent releases of their OS, that's not the case.

As has been stated here and elsewhere many, many times, Microsoft simply doesn't do cryptography well at all. I think it comes from the mindset they seem to have where they are a bit confused as to exactly whose data it is in the first place. Seems to me that they believe it is somehow theirs. Google seems to be largely the same, but that's just my opinion. I haven't really looked at Google's stuff too much. I have an Android device that I use as a book reader. I don't keep anything really important on it, but I really like it for the tool that it is.

I'm not really much of an Apple partisan, as I prefer Linux for my main computers, and I don't particularly care for their walled garden approach for my computing needs, but I respect when they do things right. I'll bang them when they screw up, but their implementation of cryptography is not one of those things.


38 posted on 12/29/2015 8:21:05 PM PST by zeugma (Last time I was sober, man I felt bad. Worst hangover I've ever had.)

To: zeugma

I did mine right, on that last link, it says I have no backed up keys. I did bitlocker with local only. It’s not that hard.


39 posted on 12/29/2015 8:27:26 PM PST by Monty22002

To: zeugma
[...] Apple doesn't have the key to decrypt it. To them it's just a big blob of data.

Thank you for the correction - And I do remember articles of this nature, now that you mention it.

It still does not detract from the point - That novices should not be encrypting... That sh*t will indeed happen, that they will come to one like me, and I will get to tell them their drive is bricked and I can't help them.

Even in regard to backup - I would recommend the same thing. Back up raw files. Uncompressed. unencrypted. At least two backup chains. Storage is cheap. Data is priceless.

It's a different story if you have need of higher security - If your data is in fact sensitive - But if that is the case, then you should have the knowledge and discipline necessary to maintain encrypted things properly, before committing to encryption. It surely isn't for Joe User.

I'm not really much of an Apple partisan, as I prefer Linux for my main computers

Same here - Never have liked Apple's ecosystem... I prefer Linux - Though as a Residential/SOHO service tech, it is necessary for me to keep myself in Win/Office, so my main machines tend to be windows... One day I'll hang up my pocket protector, and I won't need samba anymore ; )

but I respect when they do things right. [...] their implementation of cryptography [...]

That's right - Thanks again for the correction.

40 posted on 12/30/2015 8:32:57 AM PST by roamer_1 (Globalism is just Socialism in a business suit.)
