Hacker News

Aurornis, today at 6:11 PM, 30 replies

FYI BitLocker is on by default in Windows 11. The defaults will also upload the BitLocker key to a Microsoft Account if available.

This is why the FBI can compel Microsoft to provide the keys. It's possible, perhaps even likely, that the suspect didn't even know they had an encrypted laptop. Journalists love the "Microsoft gave" framing because it makes Microsoft sound like they're handing these out because they like the cops, but that's not how it works. If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

This makes the privacy purists angry, but in my opinion it's the reasonable default for the average computer user. It protects their data in the event that someone steals the laptop, but still allows them to recover their own data later from the hard drive.

Any power users who prefer their own key management should follow the steps to enable Bitlocker without uploading keys to a connected Microsoft account.


Replies

thewebguyd, today at 7:01 PM

> Any power users who prefer their own key management should follow the steps to enable Bitlocker without uploading keys to a connected Microsoft account.

Except the steps to do that are: disable BitLocker, create a local user account (assuming you initially signed in with a Microsoft account, because MS now forces it on you for Home editions of Windows), delete your existing keys from OneDrive, then re-encrypt using your local account and make sure not to sign into your Microsoft account or link it to Windows again.

A much more sensible default would be to give the user a choice right from the beginning, much like how Apple does it. When you go through Setup Assistant on a Mac, it doesn't assume you are an idiot and literally asks you up front "Do you want to store your recovery key in iCloud or not?"

cesarb, today at 6:20 PM
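The default Aurornis describes (recovery key escrowed to the Microsoft account) and the rework thewebguyd outlines, as a PowerShell script. This is an added example written for this page, not code from the thread or from Microsoft. It assumes an elevated session on Windows 11 Pro/Enterprise/Education (Home exposes "device encryption" rather than the full BitLocker module), a TPM, and that you have already switched to a local account; the mount point and the output path are illustrative. Two steps in thewebguyd's list have no cmdlet and stay manual: converting the sign-in to a local account, and deleting the already-uploaded key at https://account.microsoft.com/devices/recoverykey.

```powershell
# Added example: re-key the OS volume so the recovery password never leaves the machine.
# Assumptions (not from the thread): Administrator session, Win11 Pro+, TPM present,
# local account in use, $RecoveryFile points at media you control (not OneDrive).
#Requires -RunAsAdministrator

$MountPoint   = 'C:'
$RecoveryFile = 'D:\bitlocker-recovery-C.txt'   # assumed: removable drive, not a synced folder

# 1. What protects the volume today? The RecoveryPassword protector is the 48-digit key;
#    if the volume was encrypted while signed in with a Microsoft account, a copy of
#    that same key is also stored in the account.
$vol = Get-BitLockerVolume -MountPoint $MountPoint
'{0}: {1}, protection {2}' -f $vol.MountPoint, $vol.VolumeStatus, $vol.ProtectionStatus
$vol.KeyProtector | Format-Table KeyProtectorType, KeyProtectorId -AutoSize

# 2. Fully decrypt. Removing the old recovery protector alone is not enough: the copy
#    already uploaded would still unlock the existing volume key, so the volume is
#    re-keyed by decrypting and encrypting again.
if ($vol.VolumeStatus -ne 'FullyDecrypted') {
    Disable-BitLocker -MountPoint $MountPoint | Out-Null
    do {
        Start-Sleep -Seconds 15
        $vol = Get-BitLockerVolume -MountPoint $MountPoint
        'decrypting... {0}% still encrypted' -f $vol.EncryptionPercentage
    } while ($vol.VolumeStatus -ne 'FullyDecrypted')
}

# 3. Re-encrypt with a TPM protector (unattended boot) plus a fresh recovery password.
#    -SkipHardwareTest skips the reboot-to-verify step.
Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod XtsAes256 `
    -TpmProtector -SkipHardwareTest | Out-Null
Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null

# 4. Write the new recovery password to media you control. Nothing here calls
#    BackupToAAD-BitLockerKeyProtector or touches a Microsoft account; that is the point.
$rp = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
      Where-Object KeyProtectorType -eq 'RecoveryPassword'
@(
    "Volume: $MountPoint"
    "KeyProtectorId: $($rp.KeyProtectorId)"
    "RecoveryPassword: $($rp.RecoveryPassword)"
) | Set-Content -Path $RecoveryFile

# 5. Verify: one Tpm protector, one RecoveryPassword protector, nothing else.
(Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Group-Object KeyProtectorType | Select-Object Name, Count
```

The check worth repeating afterwards is step 1: if a Microsoft account is ever linked to the Windows sign-in again, re-run `Get-BitLockerVolume` and confirm the protector list has not changed, then re-check the account's recovery key page, since the escrow happens without any local indication.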

> Any power users who prefer their own key management should follow the steps to enable Bitlocker without uploading keys to a connected Microsoft account.

Once the feature exists, it's much easier to use it by accident. A finger slip, a bug in a Windows update, or even a cosmic ray flipping the "do not upload" bit in memory, could all lead to the key being accidentally uploaded. And it's a silent failure: the security properties of the system have changed without any visible indication that it happened.

vik0, today at 6:27 PM

You can always count on someone coming along and defending the multi-trillion dollar corporation that just so happens to take a screenshot of your screen every few seconds (among many, many - too many other things)

michaelt, today at 8:17 PM

> If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

Yes. The thing is: Microsoft made the design decision to copy the keys to the cloud, in plaintext. And they made this decision with the full knowledge that the cops could ask for the data.

You can encrypt secrets end-to-end - just look at how password managers work - and it means the cops can only subpoena the useless ciphertext. But Microsoft decided not to do that.

I dread to think how their passkeys implementation works.

drnick1, today at 6:40 PM

> Any power users who prefer their own key management should follow the steps to enable Bitlocker without uploading keys to a connected Microsoft account.

The real issue is that you can't be sure that the keys aren't uploaded even if you opt out.

At this point, the only thing that can restore trust in Microsoft is open sourcing Windows.

matheusmoreira, today at 7:14 PM

Power users should stop bothering with Windows nonsense and install Linux instead so that they can actually have control over their system.

It's 2026. The abuses of corporations are well documented. Anyone who still chooses Windows of their own volition is quite literally asking for it and they deserve everything that happens to them.

postalcoder, today at 6:26 PM

I'm not sure how to do this on Windows, but to disable FileVault cloud key backup on Mac, go to `Settings > Users & Groups > click on the (i) tooltip next to your account` and uncheck "Allow user to reset password using Apple Account".

This is a part of Settings that you will never see at a passing glance, so it's easy to forget that you may have it on.

I'd also like to gently push back against the cynicism expressed about having a feature like this. There are more people who benefit from a feature like this than not. They're more likely thinking "I forgot my password and I want to get the pictures of my family back" than fully internalizing the principles and practices of self custody - one of which is that if you lose your keys, you lose everything.

g947o, today at 6:44 PM

> It protects their data in the event that someone steals the laptop, but still allows them to recover their own data later from the hard drive.

False. If you only put the keys on the Microsoft account, and Microsoft closes your account for whatever reason, you are done.

wing-_-nuts, today at 7:52 PM

>Any power users who prefer their own key management should follow the steps to enable Bitlocker without uploading keys to a connected Microsoft account.

I have W11 with a local account and no BitLocker on my desktop computer, but the sheer amount of nonsense MS has been doing these days has really made me question if 'easy modding*' is really enough of a benefit for me to not just nuke it and install Linux yet again.

* You can get the MO2 mod manager running under linux, but it's a pain, much like you can also supposedly run executable mods (downgraders, engine patches, etc) in the game's context, but again, pain

Melatonic, today at 6:33 PM

Exactly. And any halfway decent corporate IT setup would be managing the keys themselves as well (although I would imagine many third party tools could also be compelled to do this with a proper warrant)

BitLocker on by default (even if Microsoft does have the keys and complies with warrants) is still a hell of a lot better than the old default of no encryption. At least some rando can't steal your laptop, pop out the HDD, and take whatever data they want.

bilekas, today at 7:47 PM

There needs to be more awareness of setting up W11 install ISOs, which can be modified to disable BitLocker by default and to disable the online account requirement.

I recently needed to make a bootable key and found that Rufus out of the box allows you to modify the installer, game changer.

Hizonner, today at 6:32 PM

The "reasonable default" is to force the user to actually make the choice, probably after forcing the user to prove they understand the implications.

mattmaroon, today at 6:18 PM

It’s definitely better than no encryption at all, which would be what most people would have otherwise.

throwawayqqq11, today at 7:53 PM

The reasonable default is transparency about it and 2FA for recovery scenarios. MS does not have to have the keys in the clear, as is reasonable for any secrets you store.

armada651, today at 6:53 PM

> If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

They can fight the warrant, if you don't at least object to it then "giving the keys away" is not an incorrect characterization.

kermatt, today at 7:55 PM

If you are super concerned about your privacy, should you be using Windows anyway? Or any commercial OS for that matter?

estimator7292, today at 8:04 PM

> Journalists love the "Microsoft gave" framing because it makes Microsoft sound like they're handing these out because they like the cops, but that's not how it works. If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

These two statements are in no way mutually exclusive. Microsoft is gobbling up your supposedly private encryption keys because they love cops and want an excuse to give your supposedly private data to cops.

Microsoft could simply not collect your keys and then would have no reason or excuse to hand them to cops.

Microsoft chose to do this.

Do not be charitable to fascists.

throwway120385, today at 6:45 PM

Correct me if I'm wrong, but isn't forcing you to divulge your encryption password compelled speech? So the police can crack my phone but they can't force me to tell them my PIN.

giancarlostoro, today at 7:13 PM

To be fair, if they didn't have BitLocker enabled at all, the FBI would have just scanned the hard-drive as-is. The only usefulness of BitLocker is if a stranger steals your laptop, assuming Microsoft doesn't hand out the keys to just anybody, your files should be safe, in theory.

throwaway85825, today at 7:03 PM

That would be all well and good if any of this was communicated to the user.

wolvoleo, today at 6:25 PM

It would make me a lot less angry if Microsoft didn't go out of their way to force people to use a Microsoft account of course.

kypro, today at 6:49 PM

I think this is a fair position and believe you're making it in good faith, but I can't help but disagree.

I think the reasonable default here would be to not upload to MS servers without explicit consent about what that means in practice. I suspect if you actually asked the average person if they're okay with MS having access to all of the data on their device (including browser history, emails, photos) they'd probably say no if they could.

Maybe I'm wrong though... I admit I have a bad theory of mind when it comes to this stuff because I struggle to understand why people don't value privacy more.

SilverElfin, today at 7:33 PM

Doesn't Windows 11 force you to use a Microsoft account?

joering2, today at 7:19 PM

> you have no choice but to give it to them

Will they shoot me in the head?

What if I truly forgot the password to my encrypted drive? Will they also shoot me in the head?

whalesalad, today at 6:14 PM

Any power users should avoid Windows entirely.

mistercheph, today at 6:54 PM

Yeah guys, if it's encrypted by default, it's not a violation of user security or privacy expectations to have a set of master keys that you hold onto and give to third parties to decrypt user devices. I mean it was just encrypted by default... by default...

riversflow, today at 6:36 PM

> you have no choice but to give it to them

There is always a choice.

paulpauper, today at 6:28 PM

VeraCrypt, or other open source programs, exist for this reason. Why would you ever trust encryption to closed source?

tokyobreakfast, today at 6:16 PM

[flagged]