Sigh ... your Windows 10 device is probably only as secure as Microsoft's database
Subject: General Tech | December 29, 2015 - 02:13 PM | Jeremy Hellstrom
Tagged: microsoft, windows 10, security
If your Windows 10 machine uses your Microsoft account as the login then your system's recovery key now resides on a Microsoft database in the cloud. That recovery key is used in the file system encryption present on Windows 10 systems. The backup is good news for people who find themselves with computer problems and need access to the key from a different machine, however this is also a huge security concern as your key could be stolen or demanded from Microsoft. Follow the link from the Slashdot article to find out how to delete that back up recovery key and consider using a domain or workgroup style account as opposed to a Microsoft account to log into your machine.
"The fact that new Windows devices require users to backup their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts – something that people never had the option to do with the Clipper chip system. But they can only delete it after they've already uploaded it to the cloud.....As soon as your recovery key leaves your computer, you have no way of knowing its fate."
Here is some more Tech News from around the web:
- Oculus Rift is on schedule to see a consumer release in Q1 2016 @ The Inquirer
- 2015: The year storage was rocked to its foundations @ The Register
- Highs and lows of tech in 2015 @ The Inquirer
- Patch now! Flash-exploitin' PC-hijackin' attack spotted in the wild by Huawei bods @ The Register
- Intel completes acquisition of Altera @ DigiTimes
- ASRock G10 Gaming Router Review @ Hardware Canucks