Microsoft released its latest version of its operating system with the feature of encrypting the whole disk (Don't confuse it with Bitlocker). Recently it has been stated that Microsoft backs up the encryption keys on its server.
Microsoft if installed will encrypt the whole disk and the encryption key will be saved in their server as a backup option. This can possess a serious threat if
Any rogue insider can misuse it.
Any spy agencies can access the data with the backed up keys if allowed.
If Microsoft is hacked then the damage may be on large scale.
There is option available to stop the machine from sending the keys to Microsoft server and it can be achieved by
Turn off the Bitlocker (This will decrypt the entire disk)
Turn on Bitlocker again
Then it will ask you whether to send the data or not (Do not select "Save to your Microsoft Account").
The reason turning off and turning on again will make the backed up key of no use and we are using a fresh key and then we are telling not to store it in Microsoft Account.
If you want to delete the keys that are stored already in Microsoft server then you can login to your Microsoft Account. Then you will find the recovery keys backed up. Store them locally into your machine and then delete them.
Before making any changes ensure you know what you are doing as this may lead to some damage if misused. The Author is NOT RESPONSIBLE for any damage occured due to the execution of this article.
P.S : The post is to create awareness and not to create any negative impact.
No comments:
Post a Comment