this post was submitted on 04 May 2025

1215 points (97.1% liked)

linuxmemes

24828 readers

555 users here now

Hint: :q!

Sister communities:

Community rules (click to expand)

1. Follow the site-wide rules

Instance-wide TOS: https://legal.lemmy.world/tos/
Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html

2. Be civil

Understand the difference between a joke and an insult.

Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".

Don't get baited into back-and-forth insults. We are not animals.

Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.

Bigotry will not be tolerated.

3. Post Linux-related content

Including Unix and BSD.

Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.

No porn, no politics, no trolling or ragebaiting.

4. No recent reposts

Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.

5. 🇬🇧 Language/язык/Sprache

This is primarily an English-speaking community. 🇬🇧🇦🇺🇺🇸

Comments written in other languages are allowed.

The substance of a post should be comprehensible for people who only speak English.

Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.

6. (NEW!) Regarding public figures

We all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations.

Keep discussions polite and free of disparagement.

We are never in possession of all of the facts. Defamatory comments will not be tolerated.

Discussions that get too heated will be locked and offending comments removed.

Please report posts and comments that break these rules!

Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.

founded 2 years ago

MODERATORS

[email protected]

1215

Microsoft secured my files! (lemmy.world)

submitted 3 days ago by [email protected] to c/[email protected]

168 comments fedilink hide all child comments

Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.

Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you've got an unactivated copy, local account, or don't know your M$ account credentials, your boned.

Control Panel > System Security > Bitlocker Encryption.

BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.

top 50 comments

sorted by: hot top controversial new old

[–] [email protected] 12 points 1 day ago* (last edited 1 day ago)

Bit late to this thread but I know a few commands that might help if you're stuck:

manage-bde -off C: (or any other drive) This decrypts the volume and turns off bitlocker

manage-bde -lock/unlock

manage-bde -protectors -get C: (or any other drive) This displays your 48-digit key. I suggest you store it somewhere, just to be safe.

Get-BitlockerVolume reveals which of your partitions are encrypted with Bitlocker.

Disclaimer: I am not a terminal nerd, I just had similar problems years ago and went down the rabbit hole, used these commands and turned off bitlocker permanently. I don't use windows anymore, but when I did, it didn't cause any problems with bitlocker after this. If you're concerned about your un-encrypted hard drives, consider using Veracrypt (carefully!) or similar open source encryption software.

[–] [email protected] 24 points 1 day ago

Windows is the virus.

[–] [email protected] 15 points 1 day ago (2 children)

Fuck Microsoft.

I remember back in highschool a buddy encrypted his harddrive, didn't backup his key. He Lost ALOT when I upgraded his comp

[–] [email protected] 6 points 1 day ago* (last edited 1 day ago) (1 children)

But how is that relevant to your 'Fuck Microsoft' if he knowingly encrypted his device, which is how you make it sound?

I've enabled FDE on one of my Linux devices, I've already had to mount the filesystem in a rescue environment once because a failed update caused the system to be unable to boot. I would also have been hosed if I had lost the encryption key. Ok not really, because that's what backups are for, but you hopefully get the point.

[–] [email protected] 2 points 1 day ago (1 children)

From what I gather though other memes, It looks like Windows 11 is enabling Bitlocker by default.

[–] [email protected] 2 points 1 day ago

I know, and the 'fuck Microsoft' is completely warranted for that. But shouting that and then coming up with a story where somebody enabled it themselves and subsequently lost their key, that doesn't make a lot of sense. Unless it was to illustrate the dangers of FDE, but in that case the point could have been made a bit clearer.

[–] [email protected] 1 points 1 day ago

That's not a Microsoft issue. Loose your key and the door will stay close whatever it is.

[–] [email protected] 5 points 1 day ago (1 children)

I mean you can write your Bitlocker key down and store it safely or put it somewhere else safe.. Lol

[–] [email protected] 10 points 1 day ago

The main problem here is Bitlocker is being turned on by default on fresh 24H2 installs, most people that don't know how to bypass the online account requirement are making burner Microsoft accounts (Boomers), therefore do not know the credentials in 3-4 years when their computer needs a repair.

[–] [email protected] 3 points 1 day ago* (last edited 1 day ago)

Alright, lol, I'll be the guy

Hey OP, ever heard of Linux?

[–] [email protected] 37 points 2 days ago

[–] [email protected] 7 points 1 day ago

I've been preaching about this for a while. Many modern systems are getting bitlocker turned on by default.

If your system gets messed up, or simply won't start because of some security vendors bad update, goodbye data. You need the recovery key, and if you don't have it, you'll never see your bits the the correct order again.

[–] [email protected] 222 points 3 days ago (9 children)

They also do spyware. They just renamed it "AI."

[–] [email protected] 89 points 3 days ago (3 children)

and also Recall

load more comments (3 replies)

load more comments (8 replies)

[–] [email protected] 16 points 2 days ago (2 children)

I just leave secure boot/bitlocker off when it comes to my home system. It wasnt something I "needed" when I was dual booting windows 10 and it's not something I'm gonna enable now that I'm using 11.

[–] [email protected] 18 points 2 days ago (1 children)

It’s not ”leaving bitlocker off”, though. It’s ”be aware about it and turn bitlocker off manually” since it’s enabled by default in the latest updates.

[–] [email protected] 3 points 1 day ago* (last edited 1 day ago)

That's false. My Windows partition didn't magically enable bitlocker and I'm on 24h2. LTSC build and local account tho.

[–] [email protected] 7 points 2 days ago (1 children)

I tried having it on my new laptop for a bit. It took like a week for Windows to kill the secure boot key for my Linux partition. Even after I disabled secure boot I couldn't get it to boot up so I had to reinstall. Just left it turned off afterwards.

[–] [email protected] 8 points 2 days ago

Its just not worth the trouble for a home pc imo

[–] [email protected] 133 points 3 days ago (6 children)

load more comments (6 replies)

[–] [email protected] 94 points 3 days ago (15 children)

They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

When the public rejected this idea

THIS is their response. They are still insisting on total control of our computers.

[–] [email protected] 37 points 2 days ago (15 children)

They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

I don't know about that.

Dumb terminal concept was more what Chromebook was doing.

Microsoft is doing something even stupider.

[–] [email protected] 3 points 1 day ago

MS execs blathered about "the age of software running locally being over" long before Chromebooks.

load more comments (14 replies)

[–] [email protected] 155 points 3 days ago (1 children)

Holy shit, they automatically activate it on computers without an account to back the key up to?

That's just malicious

[–] [email protected] 97 points 3 days ago (3 children)

IIRC, they only do this if you're logged in with a Microsoft account.

Bitlocker is disabled by default if you only use local accounts

load more comments (3 replies)

[–] [email protected] 26 points 2 days ago

This happened to me once and I had to redo my coursework over the weekend...now I use Fedora :D

[–] [email protected] 76 points 2 days ago (4 children)

Just checked my wife's laptop. Local account, secure boot off, windows 10. It had a message telling me to setup a microsoft account to 'finish encrypting the device'. I clicked turn off, and it's currently decrypting the hard drive. Blech.

load more comments (4 replies)

[–] [email protected] 14 points 2 days ago

This has been happening to people randomly for years. Ysed to get calls about it all the time, and that was pre-covid

[–] [email protected] 14 points 2 days ago (1 children)

Always have backups! Doesnt matter what OS you use, stuff will break eventually.

I prefer bootable full system images to my NAS for easy restores, and online file backups, both running daily.

[–] [email protected] 2 points 1 day ago (1 children)

3-2-1 rule : 3 backups 2 different types of storage 1 copy off-site

[–] [email protected] 3 points 1 day ago

Yup, I treat the '3' as 3 copies of data, so the first copy is just my working system, and the other 2 are various backups.

[–] [email protected] 6 points 2 days ago (2 children)

I got into coding in the last few days. I have a project. Bumping into this while I'm trying to learn this shit? Fuck me. You know, we could just stop using money

[–] [email protected] 2 points 1 day ago (1 children)

No, we can't. Otherwise how would people like Elon and Bezos know that they're better than us?

[–] [email protected] 1 points 1 day ago

Their good looks, obviously

load more comments (1 replies)

[–] [email protected] 25 points 2 days ago (2 children)

I just installed Manjaro on my daily driver over the weekend. My entire steam library just works. My dev tools all work(better) on Linux, and free office is nice and familiar. Fuck widows.

[–] [email protected] 1 points 1 day ago

Bazitte ! Try Bazitte.

[–] daftpuggi 14 points 2 days ago

Give them time to mourn first, but then fuck widows :D

[–] [email protected] 11 points 2 days ago

Regarding your last sentence, something similar happened to me with OneDrive. I mocked people thinking surely they enabled something by mistake. Nope. The defaults and general behavior are just that wacky. Glad I'm off Microsoft now.

[–] [email protected] 56 points 3 days ago (7 children)

Meanwhile in Linux with luls, which I've had since a pre-pre-pre version somewhere back in the early 2000's, I can have multiple keys, all works like sunshine, never had problems.

On windows... So we work with highly sensitive data, and ever since I came in I thought it insane that people working remote don't have that highly sensitive data encrypted. We can't switch Linux yet, so okay, we go for BitLocker.

Boy oh boy oh boy was that a mistake.

50 remote users, 5 get encrypted devices with BitLocker as a trial and within a month, 3 of them already got locked up permanently because apparently it'll pwrma lock itself after x amounts of invalid passwords which is just incredibly stupid. But don't worry, there is a backup key! Yeah, that is lie 48 characters that we'd had to pass by phone and they have to type it flawlessly.

Suffice to say, the remote users will be running Linux soon, like it or not.

load more comments (7 replies)

[–] [email protected] 25 points 2 days ago

I've actually had this occur before to a machine I specifically disabled the tpm on so that it wouldn't happen (it was an account less frozen kiosk). I was fuming the entire time I spent rebuilding it.

load more comments