Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.

Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you’ve got an unactivated copy, local account, or don’t know your M$ account credentials, your boned.

Control Panel > System Security > Bitlocker Encryption.

BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.

  • DicJacobus@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 hours ago

    When I switched to a new CPU I got a bit locker message and it was one of my biggest computer scares ever. I couldn’t remember if the shop that assembled my pc would have enabled it or not. And wasn’t available to contact.

    I had to take a risk. If I continued there was a 50 50 chance my shit would have been bricked. Thankfully. That shop had the foresight to NOT randomly enable features the client didn’t ask for

  • carrion0409@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    7 hours ago

    I just leave secure boot/bitlocker off when it comes to my home system. It wasnt something I “needed” when I was dual booting windows 10 and it’s not something I’m gonna enable now that I’m using 11.

    • thomasloven@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      5 hours ago

      It’s not ”leaving bitlocker off”, though. It’s ”be aware about it and turn bitlocker off manually” since it’s enabled by default in the latest updates.

    • lightnsfw@reddthat.com
      link
      fedilink
      arrow-up
      0
      ·
      6 hours ago

      I tried having it on my new laptop for a bit. It took like a week for Windows to kill the secure boot key for my Linux partition. Even after I disabled secure boot I couldn’t get it to boot up so I had to reinstall. Just left it turned off afterwards.

  • Mustakrakish@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    8 hours ago

    This has been happening to people randomly for years. Ysed to get calls about it all the time, and that was pre-covid

  • MangoPenguin@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    8 hours ago

    Always have backups! Doesnt matter what OS you use, stuff will break eventually.

    I prefer bootable full system images to my NAS for easy restores, and online file backups, both running daily.

  • JackbyDev@programming.dev
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 hours ago

    Regarding your last sentence, something similar happened to me with OneDrive. I mocked people thinking surely they enabled something by mistake. Nope. The defaults and general behavior are just that wacky. Glad I’m off Microsoft now.

  • randomname@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    9 hours ago

    they’ve been doing this for a long time. the issue you are having is the reason I keep bitlocker disabled on my desktop. on devices that can be stolen I still use it.

  • sbird@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    13 hours ago

    This happened to me once and I had to redo my coursework over the weekend…now I use Fedora :D

  • spicehoarder@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    17 hours ago

    I just installed Manjaro on my daily driver over the weekend. My entire steam library just works. My dev tools all work(better) on Linux, and free office is nice and familiar. Fuck widows.

  • Dimi Fisher@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    17 hours ago

    I still don’t understand why there is no other mainstream os in competition alongside MS except IOs, I wouldn’t call Linux mainstream of course, don’t you think that’s a bit weird?!

    • superkret@feddit.org
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      9 hours ago

      If you don’t just look at desktop computers, GNU/Linux and Android/Linux are the most used operating systems in the world (not sure which is in the lead).
      If you look only at desktop computers, the most used OS is Minix, which is installed on most Intel CPUs and motherbords.

    • Dragonstaff@leminal.space
      link
      fedilink
      English
      arrow-up
      0
      ·
      12 hours ago

      MS abused its monopoly in the 90s. The Clinton administration was too lenient, then the Bush admin kowtowed completely. Now, there’s largely no chance for another operating system to compete.

      • Dimi Fisher@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        11 hours ago

        Why so! and what Clinton and Bush have to do with an operating system that is used globally!? I think you overestimate MS

        • Dragonstaff@leminal.space
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 hours ago

          I’m not sure how to explain the concept of walled gardens to people who grew up with four websites. In the 90s, most software was “shareware”, you could try it out for as long as you wanted, but businesses were expected to buy licenses.

          MS used it’s dominant operating system to drive web browser competitors out of business. This is illegal. The whole concept of capitalism is built around competition, but MS used it’s power to stifle ’ innovation. The Clinton administration beat MS in court, then the Bush Administration dropped the case before the appeal was heard. If they hadn’t done that, instead had broken up Google, Meta, Apple, and the lot of them, the world would be a lot different now.

        • jnod4@lemmy.ca
          link
          fedilink
          English
          arrow-up
          0
          ·
          11 hours ago

          Right wing politicians will always be in favour of big corporations, they pay good money

    • spicehoarder@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      16 hours ago

      Microsoft is almost good as dead. These days, Linux takes just as much maintenance as XP used to. They’ve got maybe 5 years left until laptops start shipping with alternatives to Windows. My bet is it’s going to be SteamOS.

      • superkret@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        9 hours ago

        Microsoft is thriving and will continue to do so, just probably on machines running Linux.
        They get paid $$ per month per employee by most businesses in the developed world.
        There is a mature alternative to desktop Windows now. But there isn’t for AD, Azure, Exchange, Kerberos and M365.

        • spicehoarder@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          8 hours ago

          My bad, I meant their consumer grade stuff.

          I would generally agree with you on their cloud/server solutions. However, I do think AWS will get there some day.

      • weissbinder@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        15 hours ago

        I have way less maintenance to do than on my old XP machine.

        And considering all the shenanigans Microsoft does starting with 10, I guess this still holds up.

  • Ptsf@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    19 hours ago

    I’ve actually had this occur before to a machine I specifically disabled the tpm on so that it wouldn’t happen (it was an account less frozen kiosk). I was fuming the entire time I spent rebuilding it.

  • milicent_bystandr@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    23 hours ago

    You know, this is actually one Windows decision I agree with. Encryption should be default, especially on portable devices like laptops. For an OS aimed at people who want to use their computers, rather than understand them, you have to choose an encryption that works by default for most of your non-tech-savvy users.

    If they want their data truly in their own hands, or full control, use Linux.

    If they want to use Windows, but not rely on a Microsoft account for recovery, get the bitlocker recovery key and write it down (which you can do).

    But I think this looks like a sane default.

    (Full disclosure, I don’t use Windows for anything I care about!)

    • highball@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      21 hours ago

      Would be fine. The problem is, Microsoft is encrypting drives and not telling anybody about it. Average users have no clue what any of this is and are completely unaware they need to create a passphrase for safe keeping.

    • acid_falcon@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      21 hours ago

      Respectfully, hard disagree and terrible take. I work in IT, and your stance only makes sense if people have some tech knowledge. Which is never going to happen for the average person.

      I can’t tell you how many older people I’ve had to tell that I can’t save their grandkids first pics because of bitlocker

      • milicent_bystandr@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        19 hours ago

        That still happens without bitlocker. Computers are dropped. Facebook passwords are forgotten.

        I acknowledge automatic encryption is going to make some more cases of lost data, but, with respect, I think the benefit of making fewer cases of stolen data is worth it. I agree with the other commenter that users should be made aware of it more clearly.

        Also, as much as I hate the push to Microsoft accounts, I have to admit it helps mitigate this problem: if all ordinary users have an account looking after their master keys, then they can turn to that when they forget their login password etc. but the opportunistic thief on the train can’t (as easily). Not every grandma has a Millennial relative at hand to boot Linux to rescue files off her HDD. And for those who don’t like to trust their master keys to Microsoft/Apple/Google? There’s Linux. And external backups. And saving your password somewhere safe.

        • acid_falcon@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          7 hours ago

          Not nearly as much. If someone breaks their motherboard in half but the hard drive is okay, I can get their data unless they have bitlocker. Microsoft is encrypting drives and storing the keys in the TPM only, and it is insane. My grandma doesn’t have state secrets on her laptop, she doesn’t need encryption.

          • milicent_bystandr@lemm.ee
            link
            fedilink
            arrow-up
            0
            ·
            3 hours ago

            So, your grandma doesn’t need encryption. She might not need a seatbelt either. But it’s not only state secrets that are worth protecting. Does she have internet banking, with cookies stored in her browser? But many people do, and it’s either encryption for everyone, or for (almost) no one.

            • acid_falcon@lemmy.world
              link
              fedilink
              arrow-up
              0
              ·
              3 hours ago

              Hah is there a rash of nursing home break ins that I’m unaware of? I’m in the field, the way that is happening is phishing with fake ads and emails

              Very few people are breaking into a laptop for cookies, it’s tremendous amounts of work, and is usually targeted. Motherboards die all the time, and take the TPM with them

              • milicent_bystandr@lemm.ee
                link
                fedilink
                arrow-up
                0
                ·
                3 hours ago

                Hah is there a rash of nursing home break ins that I’m unaware of?

                I mean, not Windows user lives in a nursing home. I wish! But some lose laptops on the train, and some even throw their computers away!

                Sure, most of the risk is remote through emails etc. Maybe you’re right. Maybe the balance is better the other way round: let all Windows Home users’ computers stay unencryptedv at rest, and keep encryption for Pro users. I grew up with a high focus on security; maybe I’m paranoid.

                But phones are all encrypted these days. Obviously they’re more mobile and at more risk, but that suggests to me that laptops are subject to similar, if smaller, risks.

                • acid_falcon@lemmy.world
                  link
                  fedilink
                  arrow-up
                  0
                  ·
                  3 hours ago

                  I get it, but as someone who has had to tell little old ladies their data is fucked, I am beyond pissed at Microsoft’s implementation. They should not be encrypting data without forcing lay people to have backup codes printed or on a flash drive or something.

                  They’re doing this because they want to force people to her Microsoft accounts, probably just to collect more data.

                  And for the record, I am very pro encryption The half assed way of encrypting even if there isn’t a Microsoft account connected and therefore no way to save keys somewhere is completely unacceptable

  • yaroto98@lemmy.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    24 hours ago

    Just checked my wife’s laptop. Local account, secure boot off, windows 10. It had a message telling me to setup a microsoft account to ‘finish encrypting the device’. I clicked turn off, and it’s currently decrypting the hard drive. Blech.

  • UncleGrandPa@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 day ago

    They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

    When the public rejected this idea

    THIS is their response. They are still insisting on total control of our computers.

    • toastmeister@lemmy.ca
      link
      fedilink
      arrow-up
      0
      ·
      18 hours ago

      Not to mention DRM. They want to own your computer and prevent any kind of modification so that movie producers give them money.

        • DFX4509B@lemmy.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          17 hours ago

          Good luck locking loose mainboards sold for the DIY market, which don’t come with anything installed by default, to a given OS, the only way that could maybe work is forcing the OS in ROM.

          Another way would be to discontinue the socketed desktop form factors and replace them all with mini PCs that are as locked down as the current Macs.

          • brbposting@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            0
            ·
            17 hours ago

            Thinking for two seconds:

            MS pays Google to start enforcing some device verification thing so you can only view a good chunk of the Internet if you pass verification? (Assumes Google goes even harder making the web Chrome-focused)

            Ooh Cloudflare could be invited to the party here too. Constant CAPTCHAs if you’re not on an MS AUTHENTI-PC! device. (Think Private Access Token)

            …fill in the gaps friends 😉 you know MS has already debated all your “suggestions” anyway

            • theblips@lemm.ee
              link
              fedilink
              arrow-up
              0
              ·
              10 hours ago

              Google already does precisely that with their “open source” mobile OS. People underestimate how easily these guys can ruin stuff

                • theblips@lemm.ee
                  link
                  fedilink
                  arrow-up
                  0
                  ·
                  6 hours ago

                  First off, Google has made agressive deals with phone manufacturers to ship spyware with their phones by default, and some of the stuff can only get taken out by rooting/jailbreaking the phone. By doing so, they acquired nearly 100% of the app store market share, and then used it to make “useful features” such as integrity checks that are tied to the Play Services app (which is an always on spyware background app).
                  The end result is, even if you manage to root your phone and install a custom ROM (which is not always available to every model), a bunch of apps will refuse to work properly because you fail the Google Play fingerprinting steps and are assumed to be a security vulnerability. If I’m not mistaken there’s also some shady stuff with certificates, too

            • DFX4509B@lemmy.org
              link
              fedilink
              English
              arrow-up
              0
              ·
              edit-2
              17 hours ago

              So you’re suggesting MS will somehow block non-Windows OSes from installing, even on hardware like loose mainboards for building your own PC with, or even on barebones mini PC kits or certain laptop SKUs, which don’t ship with an OS installed to begin with and expect the user to install it themselves? I mean, unless something extreme happens like changing the entire PC platform to be like the current Macs, that won’t be feasible.

              Also, doing that would kill the Steam Deck which I doubt Valve would take sitting down.

              • Something Burger 🍔@jlai.lu
                link
                fedilink
                arrow-up
                0
                ·
                14 hours ago

                SecureBoot pretty much does this. There is nothing preventing motherboard manufacturers from blocking adding non-MS keys if they wanted to.

    • VitoRobles@lemmy.today
      link
      fedilink
      English
      arrow-up
      0
      ·
      23 hours ago

      They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

      I don’t know about that.

      Dumb terminal concept was more what Chromebook was doing.

      Microsoft is doing something even stupider.

      • jim3692@discuss.online
        link
        fedilink
        arrow-up
        0
        ·
        12 hours ago

        I think they want you to only use Windows and pay for cloud storage.

        By enforcing BitLocker and Secure Boot, they are trying to eliminate dual-booting (you don’t need to dual-boot Windows/Linux anyway, as you can just use WSL2 /s).

        By enforcing disk encryption, in general, they try to force the use of cloud storage, by making data recovery nearly impossible. Most people are probably too lazy to buy external storage, and manually copy their files over.

        This guarantees 2 money streams. One from Windows’s tracking/advertising and the other from OneDrive subscriptions.

      • CafecitoHippo@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        22 hours ago

        Dumb terminal concept was more what Chromebook was doing.

        I mean, for a lot of people they’re fine especially if they’re priced appropriately. Especially with a lot more software as a service out there. My problem is that all of them have a built in drop dead date on when they’re going to stop getting updates and there’s not really a great option for the devices post ChromeOS.

        ChromeOS certainly can be a good system. I still have my old CR-48 from when I got selected to test the OS and even when it was in its infancy, it was solid. I used it for a lot of my college career because it was better than my Asus eeePC which had Ubuntu on it.