The evolution of Windows: useful -> spyware -> adware -> ransomware

Chill Microsoft, I'm already staying on Windows 10. You don't need to convince me any more.

You lose data cause your operating system breaks. I lose data because i run rm -rf * in the wrong directory and delete my home folder. We are not the same.

I looked at this in full screen and almost shat myself when the bitlocker screen appeared

Saving your recovery key into your drive is like having a spare car key in the glove box when you're locked out of the car.

We are living in a world where companies can slowly decide that you don’t own your OWN data ON your OWN drive. I hope this sparks big outrage when this update comes out.

Bitlocker horrors: -migrating hyper-v machines. you WILL be lockout out of your machine once you import that vm elsewhere. -password rejected for old drive with previous bitlocker versions -motherboard died, password and recovery key refused on the new MB because TPM mismatch

Windows 95/98/2000 - useful Windows XP/Vista/7 - useful and beautiful Windows 8/8.1/10 - spyware Windows 11 (mid) - adware Windows 11 (now) - ransomware

Microsoft yet again being an amazing advertiser for Linux

Windows has fallen. Thousands will lose data.

the NSA has a backdoor key to bitlocker, 120% guaranteed

Meanwhile, my computer apparently 'doesn't meet the hardware requirements' to update to Windows 11.

Millions of people have it turned on unnecessarily. So yes, saying thousands will lose data is an understatement. Thanks Microsoft...

Windows technical support are outsourced overseas. In their training, they told the agents Bitlocker is basically not from Windows but from the Motherboard. Yes, the damn mf motherboard. I don't know whether to laugh or frightened. ☠️

The real thing nobody's talking about is: If Microsoft is enabling Bitlocker by default for everyone … you can bet your left nut that Bitlocker has been systematically broken.

Imagine being able to rescue the data of family members. Good thing Microsoft protects us against old photos we might be embarrassed about.

7:48 had a girl come in at the office, her computer got stuck on an update and started bootlooping, she had an important document on her desktop that she couldn't access and had to send later in the afternoon to her experts for her final exams she was sitting next to me crying while i was doing stuff trying to access the drive and recover her document, ive never felt so stressed ever before took us like 3h but we found the decryption key and could recover the data, never seen a more relieved person in my life

"But if you move all of your (private) data to OUR online servers it will be 'safe'." (Insert eyeroll here.) Seems like a sales tactic to me.

If you think this is bad, just imagine my face when I discovered that Windows lterally uploads the Bitlock decryption key to your Microsoft account in the cloud by default in case you lock yourself out of your computer... which completely defeats the point of full disk encryption.

Me: -disables secure boot in bios - bitlocker wipes ssd - format it and installs linux - profit

The biggest reason I noticed bitlocker is such an common issue on the more recent Windows 10/11 builds is if you EVEN sign in with a Microsoft account on Edge or Chrome it will automatically turn on bitlocker and not tell you a damn thing about it. I tested this theory on my personal machines and yep it explained why all our college student customers didn’t know they had a Microsoft account because the college doesn’t disclose their University email is Microsoft based (Common sense to a tech savvy person). So they would sign in on a browser and it’d migrate that machine’s bitlocker key to that University account. Even worse when they’re no longer a student and the email account is deleted after a set amount of time by the University so you can’t recover the Key. Microsoft is great…

"Your disk is encrypted, great, let me just upload all your files to onedrive to bypass it"

Glad to know they're making Windows Vista look user friendly in comparison.

If someone stole my laptop, they'd get my meme folder and think the bad guy is a real cool guy instead of me. 😭

This article is not entirely correct. Windows has two versions of encryption: - Device Encryption - BitLocker Device Encryption is available on any version of Windows as long as the device supports it. Most laptops support Device Encryption, most desktops do not. BitLocker is only available on Windows Pro and above. The vast majority of Windows users do NOT support BitLocker. Going forward, let's not confuse Device Encryption and BitLocker. Device Encryption is automatically initialized on all eligible devices, at least for all Windows 10 builds from the last 4 years. If you setup a local account then Device Encryption will never encrypt the drive: Device Encryption is initialized but will not encrypt the drive unless you sign into a Microsoft Account. Because the encryption key is stored in your Microsoft Account, there is always a way to recover the key. To enable BitLocker, you have to go through a setup wizard that gives you multiple options to backup your key in addition to backing it up to your Microsoft account. Also recall that Windows Home does not have BitLocker so most users can't even use BitLocker. I'm not sure why this is an article now...Device Encryption has been pre-inititialized for at least the last 4 years. I think the issue is that people are confusing BitLocker and Device Encryption. Lots of misinformation is being spread about encryption because of these articles.

And you better believe that they'll provide law enforcement with a backdoor to gain access to the encrypted data when they need it.

Microsoft, chill. I already decided I'm staying on Windows 10! You didn't need to give me more reasons to avoid 11 entirely 😂

As an IT tech I can already tell you Microsoft is gonna walk this back after the hundreds of calls from Grandma and Grandpa asking “WHY MY GOSH DARN PICTURE BOX ASKING FOR A KEY TO A BIT OF A LOCKER?!?!?”

Do yourself a solid right now if you're running windows: 1. Open an administrator command prompt 2. Run the following: "manage-bde -protectors C: -get" 3. document that shit (on paper) so you don't get got by windows 11 As long as you aren't signed into your microsoft account, and are using a local account on the PC, your recovery key ***shouldn't*** be in microsoft's possession Love your content, Mr. Outlaw. Keep it coming.

You think that Linux would have a hard time advertising themselves, being open source and all, but Microsoft is doing a good job of it for them 😂

Remember, the corporation knows what's best for you!

When I bought my laptop, it had Windows 11 installed by default. First thing I did, was I switched it to Windows 10. I am validated on that decision every day.

I love when they Force "Features" on me, I never asked for nor wanted. Its giving me the Ransomware Vibe tbh.

Ugh Microsoft WHY!? As someone that used to work on repair computers as a job, Recovering data was one of the things I did most. People are going to lose data over this, and there's going to be tears over this. Its wasn't unusual I'll get people who just want to recover photos from a family members computer that has recently died! I'm seriously thinking about going over to my family's house and stealth installed Linux on their computers and put a skin over it to make it look like windows, then just setup the router to let me ssh into those computers so I can maintain them. I doubt they would ever know, as only thing they ever do pretty much is open a web browser and print.

This happened to my sister. The hard drive broke, and we had to use the bitlocker key to unlock it,even though we NEVER activated it! Turns out it was on by default. But because I installed her windows without a Microsoft account, it was NEVER said to me that bitlocker was on and that I should save the key ANYWHERE, and it didn't get saved in the Microsoft account, well because there wasn't one. She lost every file on there at a a point where it was really really needed...

"We're so sorry, your PC will not be able to run windows 11 :(" -Microsoft Oh.. oh no.. How awful. What ever shall I do?

Windows is now officially less novice friendly than many Linux distros.

Imagine allowing a company as malicious as Microsoft to have full access to encrypt YOUR data. Always encrypt your own data, that way any and all security breaches are on YOU.

If Microsoft really wanted to do encryption by default - honestly not the worst idea - it should ideally only encrypt the user directory, so that a tech support person can still resolve OS issues without the key.

If you don't have backups, you are playing with fire.

As someone who works in IT, bitlocker sucks to deal with. Atleast for my job, stuff it automated where we have these keys in a database... except when it isnt there. When I hear bitlocker, I always bring the key and a fresh cmos battery since 9 out of 10 times, its an issue with TPM being disabled from a dead battery.

It already does this by default. We usually get at least one bitlocked system a week. Most users end up needing to reset their forgotten MS account password, but we can eventually recover the key. But every few times we get people that only had a local account and had device encryption added anyway. It’s never fun to realize that and tell them there’s no way to recover the data

10ys ago my friend lost 500GB of personal data stored on the encrypted D: partition because the C: partition (where bitlocker stored the key file) was endamaged, he had to reinstall Windows and found no solution to recover the data from encrypted partition. Now when I create a bootable USB with rufus, I always enable the option to disable bitlocker, it can be enabled later if needed.

If Windows honestly just gave people an encryption key with their Win11 install, it'd be seen as a "physical key to unlock your copy of windows". It's what I did back in win7 and I actually enjoyed Bitlocker. But to make it mandatory, basically holding people's pcs like ransomware is dystopian as hell. I hate that I'm on Win11, but I don't like linux's interface even with distros like Ubuntu and Mint. I just want Windows 7 but with modern applications and without the dystopian stuff that comes with it.

Oh boy, I can't wait to not be able to recover a thing when Grandma manages to render her PC unbootable again.

When I was working with an MSP we had bit locker on all devices. Some smart cookie who setup our remote management solution made the remote management service capture the bit locker key every time it was setup. Saved our asses hundreds of times

Don't you just love when corporations give an illusion of pretending to care about privacy? I haven't commented in months btw

The easy thing for Microsoft to do would be to make the default recovery key the same password that you use to log in to your computer. Since this Password is needed every time you boot the Computer every user should have remembered it. And for professionals just offer the option to generate a random safe password like the one shown in the video.

I jumped through the hoops required to set up a Windows 11 laptop without a Microsoft account for a relative only for them to get that blasted Bitlocker screen months later out of nowhere. Had to reset the PC, losing all data and learned how to manually get the goddamned recovery because it was never volunteered by the system. Thankfully they didn't have anything important on the device, but damn that was a chilling experience. Fuck Microsoft.

I found that when people by new PCs, Encryption is already active on the installed system-and Windows is not: “Oh, you've just created your account, so you should save your recovery key“, no, many people don't even know that it’s active already. They just want to push a lot harder for people to have this Microsoft Account. (Had also a colleague, where the recovery key WASN’T saved in the microsoft account.)

I'm still 19 and was just at a PC repair store for 2 weeks. In that time, I helped multiple people discover they have a Microsoft account :D

The whole idea is to force you to use a Microsoft account so that your data is "backed up" to onedrive - This way they can charge you for the service and make more money!

Tip for Beginner Linux users. Almost every distro (Ubuntu, Zorin, Fedora) has almost every desktop environment (KDE, Gnome, XFCE). If you don't like how it looks, you can change without changing distro. I personally recommend Linux Mint (Cinnamon) or Kubuntu (similar to Steam Deck OS) for newbies. For games, Steam can play almost everything. Istall Steam using terminal or your distro's store app. Change compatibility to proton to play Window games. And you can add non-Steam games (eg. Blizzard, EA) to your library, Steam will also try to use proton to run it too.

I did 10+ years of technical support for a major ISP and we occasionally got someone calling, usually elderly or particularly non-tech-savvy, whose computer had some sort of problem causing it to come to the infamous enter Bitlocker Pin screen. There were a few of them who said they had even called their PC's tech support and been told to go online to find the pin and when the PC tech support person deemed that the poor soul couldn't get online they determined it was not their issue and was instead our companies issue lmao

It's far worse than it seems. In case of the home version, drive gets automatically encrypted, but you can't finish the encryption process without logging into the MS account. Without the MS account you can't, by any means possible, export the generated recovery key, even with the CLI tool. So your drive is encrypted, but there's no way to decrypt it with key. You can - fortunately - decrypt the drive without it if you can boot into Windows.

I’ve been using Windows 10 for half a decade now, and it’s worked great, but if this is how they’re gonna treat Windows 11 I might as well switch to Linux when they stop updating 10.

It's baffling that microsoft avertises this as secure in any way when I not even a week ago saw a video of a guy using a raspberry pi pico with spring contacts to rip bitlocker keys while they were being moved from the TPM to the CPU at boot. It took him forty seconds to bypass this feature, let that sink in. Video here for those who want to watch it: kzbin.info/www/bejne/rYXPZal7msmhobM

I had an internship at a small data recovery company and a lot of devices we had coming in, were because people spilled coffee over their laptops. Generally no biggie, just pop the drive out, dock it, clone it and then start recovery on the clone. Most people didn't run encryption, so recovering their holiday pictures and what not, was generally a breeze. This change, however, will make things quite a lot more difficult...

Lost my entire family photo collection and whole dj music library. Haven't been the same since.

Full disk encryption isnt safe either. It at times does not even take a month for a new encryption model to be broken and distributed on the dark web. This is just more Microsoft forcing really bad options upon people turning Windows into even larger bloatware with an ever increasing number of security flaws and intrusive "features".

I just couldn't suffer windows 11 anymore. My asus zenbook kept constantly crashing despite resetting it multiple times. Heated up like a kettle on idle workloads and the battery kept draining very quickly (within 2-3 hours). I nuked everything on my hard drive and installed linux. What a god damn difference! All of the above issues are gone and my battery now actually lasts 5-6 hours.

Welp. Time to switch to linux. Really is the year of linux.

Windows wants to become macos, but it's entirely different paradigm: Windows laptops will still be stolen and even decrypted(via vulnerability), unless Microsoft starts doing "genuine part" crap like apple does. And it will reduce gaming performance (probably the reason #1 why people use windows computers at home).

I remember almost losing my data because of this "feature" it took me the better part of the day to find the "key"

the recovery key not being the admin user password is a good idea for professionally or techie managed machines, terrible for literally the other 90% of humans

I'm very grateful to Microsoft for this change. This is the single best thing to happen to Windows in a long time. Because of this change, my dad has switched to Linux. If a nearly 70 year old man who only knows how to use Windows XP for taxes and web browsing can switch to Linux, so can you.

Data Recovery engineer here: I would say about 30-40% of cases where a drive comes in with BL encryption, we hit this same issue and those poor souls are SOL. Sometimes they can send in their whole laptop and their TPM will unlock it, but anyone who's PC/Laptop was damaged or destroyed are screwed out of their data. Enabling encryption by default for the base consumer is a nightmare

This is an example of why I’ve made a rule for family and friends that if I didn’t set up the computer or if someone else has done ANY configuration work on it then I won’t fix any problems. Even if I know how to fix it. I’ll wipe back to bare metal and reinstall, that’s it. Bitlocker makes sense in a corporate environment, where you’ll probably have a similar rule around support and be restricted from being able to do anything too destructive, not on a home PC.

Is Microsoft actively trying to reduce their install base over time? I'm perplexed at the decisions made especially over the last 5 years and for anyone who just needs a computer for internet and office applications then there are a number of Linux distros that are easy enough to get running with.

Why can't it be a one click choice in the install menu, something like "Use Bitlocker, keep your data secure" or "Don't use BitLocker, protect against data loss"

Security also stands for Availability, and they are forgetting that when your average user has the risk of losing their information

Steinberg took years to release a version of thier Cubase music production software that could remotely run on windows 10, and as a musician who does nothing but browse the internet and make music on my PC, I'm sticking with windows 10... the nightmare I've had every time I "upgrade" windows with audio interfaces is soul destroying!

I once had bitlocker enabled (it was default) and the pc was set up with my personal Microsoft account. I had also entered the school account somewhere in settings, assuming this would maybe make logins a bit smoother (don't ask what exactly I expected). Later, I tried out a Linux distro (usb-booted) and bitlocker locked the device. It took 3 days to find out the key wasn't stored on my personal account but my school account and the PC was basically bricked until then.

Microsoft never fails when it comes to taking Ls

As an IT Security Professionial that utilizes Bitlocker for most of my clients i can tell you that Microsoft started enabling Bitlocker by default awhile back but NOT in the form that is discussed here. Systems would come with it set up but NOT activated. That setup allowed the system to unlock itself without a dedicated password which seems completely useless to me since it protected nothing upon startup. Now if you altered the BIOS it would trigger the Blue Bitlocker screen requiring the key. So what i did to elevate this problem completely is disable Bitlocker in it's default form for anyone that didn't want to use it. And for those that did, i would disable and then reenable it with additional security measures within the policy editor so that the client could have a defined password with the backup key printed out to be put into a safe within their home if they ever forgot their pass phrase. Of course as a Linux user i would always recommended switching over to Linux to use LUKS since it's NON propriety but since most users won't do that, i made Bitlocker work to best fit their needs.

As someone who works in tech the amount of people that have accidentally set up bitlocker and don’t know the passkey or can’t access their Microsoft account. The amount of times I’ve been screamed at because they lose their data because Microsoft doesn’t make it ABUNDANTLY CLEAR what they are setting up. If this is a requirement, they need to make it so that there’s an unskippable video that plays before setting it up properly explaining what bitlocker is and how important keeping the Key is.

This happened with one of my computers back around 2017, device encryption was enabled, I was never told it was enabled, and I lost a significant amount of data.

Everyday, what Windows does nowadays just encourages me more to use linux.

I do IT support for work. Ive seen bitlocker prompts come up for literally no reason at all.. I expect some boomers will just buy a new laptop when that screen comes up.

BitLocker it's only on Windows 11 Pro and above. So this it's not a problem for the other versions of Windows 11. The article refers to Device Encryption, which is different from BitLocker. Device Encryption has been enabled on eligible devices since the release of Windows 8.1 in 2013. This feature continued to be available in subsequent Windows versions, including Windows 10 and now 11. Since Device Encryption stores your encryption key in your Microsoft Account, you can always recover the key. Therefore, as long as you sign into your Microsoft Account, Device Encryption will not encrypt your drive automatically.

I'm sure that grandma will navigate this situation flawlessly. 😂

I hate when bitlocker was enabled by default on a dell laptop. In first day, i wanted to disable it right away.

Already happened to with a preinstalled windows 11, the bios got updated and it asked for bios key, so I had to reinstall, thx for keeping the pc safe from it's owner.

If you're worth your money as a tech, you can extract the bitlocker key from the TPM because it's broadcast in cleartext over SPI or LPC during boot. This is basically guaranteed because boomers never use a startup password with bitlocker.

Microsoft Bitlocker once destroyed my company laptop, now we use LUKS

Another reason why I’ll never upgrade to windows 11 from 10 since it’s easy to despook it.

Time for a class action lawsuit

Happen to many friends and coworker, the computer broke and they didn't know they have this extortion by default.

When WINE can run absolutely any Windows application without issue (that aren't already present normally), Windows will be finished. There'd be no reason to NOT install Linux.

I've had a management person, who's laptop required the recovery key to be entered at boot, file a complaint because I could not unlock it without the recovery key.

"if you dont have a backup" Yeah like the people who aren't backing up their bitlocker have a backup of their user profile 🤣

BitLocker was originally a feature exclusive to the pro versions of Windows that were activated and it was enabled by default on my Dell G15 laptop from late 2021 which had Windows 11 pre installed.

Drive Encryption should never be an automatically applied feature of your Operating System, it should be a conscious decision you make during device setup and you should have the option to decline the feature. I will certainly immediately disable it if an update turns it on. One Drive is also pretty much automatically turned on when you set up your device with a Microsoft Account Login , this also causes many headaches as you most assuredly know, ask the average person if he is using One Drive, most reply that they don't know. I have to deal with these issues almost daily.

idk if this is mentionned later in the video but, this is especially infuriating for me because turning off bitlocker once its already enabled takes HOURS to de-encrypt even on an ssd. i recently had to swap drives for more storage space and apparently my device had it enabled, it took SO LONG to finish, im talking hours

Microsoft preparing for the Windows subscription. So if you dont pay you would be locked out of your computer, lol.

As someone who spends a lot of their time on the PC, I don't really care about bitlocking. If someone steals my PC they would likely just format and resell it. Chances of it getting to someone who could actually leverage the sensitive data on there (email login cookies for example) are negligible. I would also immediately change all my important passwords if my PC/phone gets stolen just to make sure.

I haven't seen such a stupid idea in a good while to be honest

michaelsoft binbows at it again

Full disk encryption is good... ...until you need to find the damn key.

I have to admit at 65 years old that I'm the IT for many of my Church members as well as a few outside of my church . As I haven't father any children, I need to keep up with the trouble that Microsoft keeps cooking up . I appreciate the information I get from you as well as other on this platform . Thank you ...