Back in January Microsoft encrypted all my hard drives without saying anything. I was playing around with a dual boot yesterday and somehow aggravated Secureboot. So my C: panicked and required a 40 character key to unlock.

Your key is backed up to the Microsoft account associated with your install. Which is considerate to the hackers. (and saved me from a re-install) But if you’ve got an unactivated copy, local account, or don’t know your M$ account credentials, your boned.

Control Panel > System Security > Bitlocker Encryption.

BTW, I was aware that M$ was doing this and even made fun of the effected users. Karma.

  • carrion0409@lemm.ee
    3·
    18 minutes ago

    I just leave secure boot/bitlocker off when it comes to my home system. It wasnt something I “needed” when I was dual booting windows 10 and it’s not something I’m gonna enable now that I’m using 11.

  • Mustakrakish@lemmy.world
    7·
    2 hours ago

    This has been happening to people randomly for years. Ysed to get calls about it all the time, and that was pre-covid

  • MangoPenguin@lemmy.blahaj.zoneEnglish
    3·
    2 hours ago

    Always have backups! Doesnt matter what OS you use, stuff will break eventually.

    I prefer bootable full system images to my NAS for easy restores, and online file backups, both running daily.

  • JackbyDev@programming.devEnglish
    5·
    3 hours ago

    Regarding your last sentence, something similar happened to me with OneDrive. I mocked people thinking surely they enabled something by mistake. Nope. The defaults and general behavior are just that wacky. Glad I’m off Microsoft now.

  • randomname@sh.itjust.works
    2·
    3 hours ago

    they’ve been doing this for a long time. the issue you are having is the reason I keep bitlocker disabled on my desktop. on devices that can be stolen I still use it.

  • sbird@lemmy.worldEnglish
    21·
    7 hours ago

    This happened to me once and I had to redo my coursework over the weekend…now I use Fedora :D

    • REDACTED@infosec.pubEnglish
      11·
      5 hours ago

      Do home versions even come with bitlocker? There might be nothing to adjust

      • Vahenir@lemmy.world
        5·
        4 hours ago

        They do and it auto activates when you add a Microsoft account. It cannot be turned off on the home edition as it doesn’t have the full bitlocker settings. Came across this one on some machine i was working on a while ago and i ended up having to pull the SSD from the customers machine and plug it into something with pro to actually disable bitlocker.

  • spicehoarder@lemm.eeEnglish
    19·
    10 hours ago

    I just installed Manjaro on my daily driver over the weekend. My entire steam library just works. My dev tools all work(better) on Linux, and free office is nice and familiar. Fuck widows.

  • Dimi Fisher@lemmy.world
    91·
    10 hours ago

    I still don’t understand why there is no other mainstream os in competition alongside MS except IOs, I wouldn’t call Linux mainstream of course, don’t you think that’s a bit weird?!

    • superkret@feddit.org
      21·
      3 hours ago

      If you don’t just look at desktop computers, GNU/Linux and Android/Linux are the most used operating systems in the world (not sure which is in the lead).
      If you look only at desktop computers, the most used OS is Minix, which is installed on most Intel CPUs and motherbords.

    • Dragonstaff@leminal.spaceEnglish
      3·
      5 hours ago

      MS abused its monopoly in the 90s. The Clinton administration was too lenient, then the Bush admin kowtowed completely. Now, there’s largely no chance for another operating system to compete.

      • Dimi Fisher@lemmy.world
        1·
        5 hours ago

        Why so! and what Clinton and Bush have to do with an operating system that is used globally!? I think you overestimate MS

        • jnod4@lemmy.caEnglish
          5·
          5 hours ago

          Right wing politicians will always be in favour of big corporations, they pay good money

          • TheOakTree@lemm.ee
            1·
            3 hours ago

            And big corportations will always pay good money, so long as it makes/saves them money in the future

    • spicehoarder@lemm.eeEnglish
      121·
      10 hours ago

      Microsoft is almost good as dead. These days, Linux takes just as much maintenance as XP used to. They’ve got maybe 5 years left until laptops start shipping with alternatives to Windows. My bet is it’s going to be SteamOS.

      • superkret@feddit.org
        1·
        3 hours ago

        Microsoft is thriving and will continue to do so, just probably on machines running Linux.
        They get paid $$ per month per employee by most businesses in the developed world.
        There is a mature alternative to desktop Windows now. But there isn’t for AD, Azure, Exchange, Kerberos and M365.

        • spicehoarder@lemm.eeEnglish
          2·
          2 hours ago

          My bad, I meant their consumer grade stuff.

          I would generally agree with you on their cloud/server solutions. However, I do think AWS will get there some day.

      • weissbinder@feddit.org
        3·
        8 hours ago

        I have way less maintenance to do than on my old XP machine.

        And considering all the shenanigans Microsoft does starting with 10, I guess this still holds up.

      • Matt@lemmy.ml
        21·
        8 hours ago

        Maybe SteamOS Lite if the device doesn’t have a proper GPU.

  • Ptsf@lemmy.world
    24·
    13 hours ago

    I’ve actually had this occur before to a machine I specifically disabled the tpm on so that it wouldn’t happen (it was an account less frozen kiosk). I was fuming the entire time I spent rebuilding it.

  • yaroto98@lemmy.orgEnglish
    73·
    17 hours ago

    Just checked my wife’s laptop. Local account, secure boot off, windows 10. It had a message telling me to setup a microsoft account to ‘finish encrypting the device’. I clicked turn off, and it’s currently decrypting the hard drive. Blech.

  • UncleGrandPa@lemmy.worldEnglish
    883·
    18 hours ago

    They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

    When the public rejected this idea

    THIS is their response. They are still insisting on total control of our computers.

    • toastmeister@lemmy.ca
      10·
      12 hours ago

      Not to mention DRM. They want to own your computer and prevent any kind of modification so that movie producers give them money.

    • VitoRobles@lemmy.todayEnglish
      34·
      17 hours ago

      They desperately wanted to eliminate personal computers and replace them with dumb terminals running over the net.

      I don’t know about that.

      Dumb terminal concept was more what Chromebook was doing.

      Microsoft is doing something even stupider.

      • jim3692@discuss.online
        2·
        6 hours ago

        I think they want you to only use Windows and pay for cloud storage.

        By enforcing BitLocker and Secure Boot, they are trying to eliminate dual-booting (you don’t need to dual-boot Windows/Linux anyway, as you can just use WSL2 /s).

        By enforcing disk encryption, in general, they try to force the use of cloud storage, by making data recovery nearly impossible. Most people are probably too lazy to buy external storage, and manually copy their files over.

        This guarantees 2 money streams. One from Windows’s tracking/advertising and the other from OneDrive subscriptions.

      • CafecitoHippo@lemm.eeEnglish
        8·
        16 hours ago

        Dumb terminal concept was more what Chromebook was doing.

        I mean, for a lot of people they’re fine especially if they’re priced appropriately. Especially with a lot more software as a service out there. My problem is that all of them have a built in drop dead date on when they’re going to stop getting updates and there’s not really a great option for the devices post ChromeOS.

        ChromeOS certainly can be a good system. I still have my old CR-48 from when I got selected to test the OS and even when it was in its infancy, it was solid. I used it for a lot of my college career because it was better than my Asus eeePC which had Ubuntu on it.

        • DFX4509B@lemmy.orgEnglish
          6·
          11 hours ago

          Good luck locking loose mainboards sold for the DIY market, which don’t come with anything installed by default, to a given OS, the only way that could maybe work is forcing the OS in ROM.

          Another way would be to discontinue the socketed desktop form factors and replace them all with mini PCs that are as locked down as the current Macs.

          • brbposting@sh.itjust.worksEnglish
            5·
            11 hours ago

            Thinking for two seconds:

            MS pays Google to start enforcing some device verification thing so you can only view a good chunk of the Internet if you pass verification? (Assumes Google goes even harder making the web Chrome-focused)

            Ooh Cloudflare could be invited to the party here too. Constant CAPTCHAs if you’re not on an MS AUTHENTI-PC! device. (Think Private Access Token)

            …fill in the gaps friends 😉 you know MS has already debated all your “suggestions” anyway

            • theblips@lemm.ee
              3·
              4 hours ago

              Google already does precisely that with their “open source” mobile OS. People underestimate how easily these guys can ruin stuff

            • DFX4509B@lemmy.orgEnglish
              2·
              11 hours ago

              So you’re suggesting MS will somehow block non-Windows OSes from installing, even on hardware like loose mainboards for building your own PC with, or even on barebones mini PC kits or certain laptop SKUs, which don’t ship with an OS installed to begin with and expect the user to install it themselves? I mean, unless something extreme happens like changing the entire PC platform to be like the current Macs, that won’t be feasible.

              Also, doing that would kill the Steam Deck which I doubt Valve would take sitting down.

              • Something Burger 🍔@jlai.lu
                4·
                8 hours ago

                SecureBoot pretty much does this. There is nothing preventing motherboard manufacturers from blocking adding non-MS keys if they wanted to.

                • DFX4509B@lemmy.orgEnglish
                  1·
                  6 hours ago

                  Except AFAIK loose mainboards aimed at the DIY market, as well as barebones kits, don’t ship with SecureBoot turned on by default and an off switch for that is mandatory to the PC spec.

        • FartsWithAnAccent@fedia.io
          43·
          23 hours ago

          It logs literally everything you do with screenshots, then sends it to M$ despite their assurances that it would be local only.

          Super invasive!

          • Ephera@lemmy.mlEnglish
            3·
            22 hours ago

            I’m not aware of them uploading the screenshotted data, not for now anyways.

            • GoodLuckToFriends@lemmy.todayEnglish
              12·
              20 hours ago

              The data is indexed and parsed somehow. The last report on it that I saw had a picture of a semi-famous person be properly indexed under the person’s name, despite it being a picture that was taken by the person talking about recall, which means the image was not public. Whatever recall was doing, it analyzed the picture, and that’s probably not a local process.

        • Ephera@lemmy.mlEnglish
          12·
          22 hours ago

          It takes a screenshot every five seconds and runs an LLM over it to extract text. Then there’s a UI where you can query it for what you did in the past.

          It came under fire when they wanted to introduce it last year, because it stored all that data on your disk in unencrypted form. Meaning if anyone manages to run malicious code on your system, they don’t need to do the collecting themselves anymore, but can rather just send off any screenshotted passwords or whatever other secret things you might’ve been doing on your PC at any point in time. In particular, Microsoft had claimed that the data would be encrypted and it wasn’t. Didn’t even need special permissions to access it.

          No idea, if they fixed the encryption now, or if this is just a case of the shitstorm having died down, so they roll it out now. But yeah, even with encryption, the implications aren’t great. If your parents or boss or law enforcement want to know what you were doing on your PC, they now have an exact history. And Microsoft could still change their mind and decide to upload all your data at any point in the future.

            • Ephera@lemmy.mlEnglish
              2·
              12 hours ago

              Yeah, good question. I imagine the screenshotting itself is largely negligible, although obviously not free either. I don’t know when the LLM gets to do its job. Theoretically, it could be delayed until some point where there’s not much going on on your PC.

              At some point, Microsoft wanted to roll out these AI features only on PCs which have an NPU, which is basically an additional CPU with a different architecture optimized for pattern recognition and such. I don’t know, if they still hold onto that requirement, but it would mean that it wouldn’t hog your CPU at least.

              They have been somewhat desperate to roll out Recall, because it was the only semi-useful out of a handful of features that they came up with to somehow integrate AI into Windows. So, that’s why I’m never quite sure, what requirements they’re still holding onto.