linuxmemes @lemmy.world yesman @lemmy.world 2mo ago

Microsoft secured my files!

Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.

Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you've got an unactivated copy, local account, or don't know your M$ account credentials, your boned.

Control Panel > System Security > Bitlocker Encryption.

BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.

177

177 comments

They also do spyware. They just renamed it "AI."
Holy shit, they automatically activate it on computers without an account to back the key up to?

That's just malicious
They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

When the public rejected this idea

THIS is their response. They are still insisting on total control of our computers.
Just checked my wife's laptop. Local account, secure boot off, windows 10. It had a message telling me to setup a microsoft account to 'finish encrypting the device'. I clicked turn off, and it's currently decrypting the hard drive. Blech.
Not that it helps now, but you can also dump your bitlocker recovery key through powershell and save it independently.

(Get-BitLockerVolume -MountPoint "C").KeyProtector
This happened to me once and I had to redo my coursework over the weekend...now I use Fedora :D
I just installed Manjaro on my daily driver over the weekend. My entire steam library just works. My dev tools all work(better) on Linux, and free office is nice and familiar. Fuck widows.
Windows is the virus.
I've actually had this occur before to a machine I specifically disabled the tpm on so that it wouldn't happen (it was an account less frozen kiosk). I was fuming the entire time I spent rebuilding it.
Thank you for the word of warning. Does this affect Windows 10 as well?
Why cant windows copy luks and let you choose your own password
Bit late to this thread but I know a few commands that might help if you're stuck:

manage-bde -off C: (or any other drive) This decrypts the volume and turns off bitlocker

manage-bde -lock/unlock

manage-bde -protectors -get C: (or any other drive) This displays your 48-digit key. I suggest you store it somewhere, just to be safe.

Get-BitlockerVolume reveals which of your partitions are encrypted with Bitlocker.

Disclaimer: I am not a terminal nerd, I just had similar problems years ago and went down the rabbit hole, used these commands and turned off bitlocker permanently. I don't use windows anymore, but when I did, it didn't cause any problems with bitlocker after this. If you're concerned about your un-encrypted hard drives, consider using Veracrypt (carefully!) or similar open source encryption software.
Fuck Microsoft.

I remember back in highschool a buddy encrypted his harddrive, didn't backup his key. He Lost ALOT when I upgraded his comp
Always have backups! Doesnt matter what OS you use, stuff will break eventually.

I prefer bootable full system images to my NAS for easy restores, and online file backups, both running daily.
I can't even adjust bitlocker settings on my laptop's windows 11 home Installation...
This has been happening to people randomly for years. Ysed to get calls about it all the time, and that was pre-covid
Windows is still around?????
Regarding your last sentence, something similar happened to me with OneDrive. I mocked people thinking surely they enabled something by mistake. Nope. The defaults and general behavior are just that wacky. Glad I'm off Microsoft now.
Upvote for a acknowledging karma
"do not redeem!" - microsoft, probably
Holy shit. This happened to me last week.

Turned off Safe Boot when going back over to Win on a dualboot after 6 months. Wanted to avoid updates nuking my dualboot option. (Edit: As was a Win issue 6 months ago)

...enter Bitlocker recovery for Every. Single. Logon.

Just need to do one thing that needs genuine Win11 fingerprint and then I'm doing a 22.1 fresh install.
I mean you can write your Bitlocker key down and store it safely or put it somewhere else safe.. Lol
I've been preaching about this for a while. Many modern systems are getting bitlocker turned on by default.

If your system gets messed up, or simply won't start because of some security vendors bad update, goodbye data. You need the recovery key, and if you don't have it, you'll never see your bits the the correct order again.
I got into coding in the last few days. I have a project. Bumping into this while I'm trying to learn this shit? Fuck me. You know, we could just stop using money
When I switched to a new CPU I got a bit locker message and it was one of my biggest computer scares ever. I couldn't remember if the shop that assembled my pc would have enabled it or not. And wasn't available to contact.

I had to take a risk. If I continued there was a 50 50 chance my shit would have been bricked. Thankfully. That shop had the foresight to NOT randomly enable features the client didn't ask for
*You’re

You’re boned
Alright, lol, I'll be the guy

Hey OP, ever heard of Linux?
All in the name of national security *wink
This was the exact same situation I experienced with my old Surface 6. Started to look into Linux firmware on Surface devices and deactivated secure boot because it wouldn't boot Ventoy at all and do nothing, so I figured to try again with no secure boot. It still didn't work so I turned it on again, but was then greeted with this Bitlocker screen which I didn't even know it had activated up until this point. I set up a local account so I had no key to reset or something and was literally not able to do anything besides reinstalling the entire system.

Luckily I had nothing important on it lol

Weirdly the activation was saved on the MS servers so I didn't need to do that again at least (was a preinstalled system so I wouldn't have known the activation key anyways, I thought "When it doesn't work I'll switch to Linux fully because I'm not paying for that garbage system").

After I updated Ventoy I was able to boot again even with secure boot on, there seems to have been an issue with that specific version.

I had Windows on my device since I bought it (around 2018) only upgraded to W11. It never mentioned anything about Bitlocker before this incident so if I had important stuff on it it would have been so over. Well, never save important files on Windows without backup is what I got out of it

This caused me literally bigger problems than my switch to Arch Linux after having only used Windows the entire time xD
I thought bitlocker had a maximum of 20 digits for the pin and only numbers were allowed.
they've been doing this for a long time. the issue you are having is the reason I keep bitlocker disabled on my desktop. on devices that can be stolen I still use it.
This is gonna happen to a lot more people with their password change.

Why do you have to use there? Nothing a cater. You can't use Google or open source. I don't get it. They suck.

Like I need more spyware on my phone.

What about people with landlines? Older people.

So they're going to lose a huge market share when they force everybody to throw away their computer to run Windows 11.

177 comments