If your Windows 10 machine uses your Microsoft account as the login then your system's recovery key now resides on a Microsoft database in the cloud. That recovery key is used in the file system encryption present on Windows 10 systems. The backup is good news for people who find themselves with computer problems and need access to the key from a different machine, however this is also a huge security concern as your key could be stolen or demanded from Microsoft. Follow the link from the Slashdot article to find out how to delete that back up recovery key and consider using a domain or workgroup style account as opposed to a Microsoft account to log into your machine.
"The fact that new Windows devices require users to backup their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts – something that people never had the option to do with the Clipper chip system. But they can only delete it after they've already uploaded it to the cloud…..As soon as your recovery key leaves your computer, you have no way of knowing its fate."
Here is some more Tech News from around the web:
- Oculus Rift is on schedule to see a consumer release in Q1 2016 @ The Inquirer
- 2015: The year storage was rocked to its foundations @ The Register
- Highs and lows of tech in 2015 @ The Inquirer
- Patch now! Flash-exploitin' PC-hijackin' attack spotted in the wild by Huawei bods @ The Register
- Intel completes acquisition of Altera @ DigiTimes
- ASRock G10 Gaming Router Review @ Hardware Canucks
Yeah, people were outraged
Yeah, people were outraged about it in August when a blog figured it out, despite the fact that it’s happened since windows 8. It’s when you encrypt your drive with bitlocker, not if you just have a Microsoft account.
Sure, but since 8.1 devices
Sure, but since 8.1 devices with SSDs that met other security and IO requirements (TPM, Secure Boot) automatically encrypted silently with Bitlocker as a security measure after you logged in with an MS account. The whole point of that Microsoft Account requirement is so the device could be recovered if the user forgot their password or some other event caused the TPM to think some interference had happened (and this can be caused by a lot in Windows, I saw it a half dozen times across Dell tablets deployed in a school district I supported). If you’re 100% certain you can move the key elsewhere and keep it available in case of disaster, fine, delete it. But I worry this freak out means well meaning geeks will delete the keys for friends and relatives and then render their data unrecoverable when something bad happens. A PC isn’t like an iPad or phone, you have to have a method of recovery, or be sure you have a really reliable backup(s).
Misleading title is
Misleading title is misleading.
Garbage sensationalist
Garbage sensationalist article.
Whenever you start a news article with sigh, it is a waste of real estate.
sigh, click here to see 10
sigh, click here to see 10 things you didn't know about garbage article real estate.
The alternative is for you
The alternative is for you device to be totally unencrypted, so this is a net gain. For everyone. You are EXACTLY as vulnerable to Microsoft being coerced by a state actor (or a hack) as with an unencrypted drive, but you are less vulnerable to a regular everyday thief stealing your device.
Remember, this is for encrypted-out-of-the-box devices. If you have one of the Professional Windows variants and are using Bitlocker rather than Device Encryption, storing the recovery key becomes YOUR job unless you select the box to allow Microsoft to store it.
This is indeed true and the
This is indeed true and the spread of encryption for home users is a good thing, however it is valuable to know that there is another copy of your key floating out there. I'm not saying this is good or bad, only that it is another example of the poor communication from Microsoft about the features included in Win10, some will want to delete the key, others will be glad to know they aren't borked if they lose access.
Another week, another rag on
Another week, another rag on Microsoft article. Sure you guys don’t all go home to Apple devices?
This is much ado bout nothing, much like the ‘privacy’ issue in Windows 10. Real Storm in a Teacup stuff.
Abusive Monopolies will
Abusive Monopolies will always be ragged on, and M$ is one Abusive Monopoly! It’s too bad our elected officials are too corrupt to enforce the Abusive Monopoly laws already enacted! Apple is not trying to push its closed OS ecosystem onto any third party OEM produced PC/Laptop hardware like M$ is!