This is a most excellent place for technology news and articles.
Yes! This happened to me when I turned off the 'safe boot' on a laptop via BIOS. It locked me out but I had never agreed to install Bitlocker in the first place, let alone know what key I was supposed to have. It was a total loss & I had to wipe the drive.
MS is hot trash.
The decryption key is saved in the Microsoft account, the error message explains that
I also almost got a panic attack when my Lenovo updated the bios and i was locked out
This is already looking like Microsuck is asking for a Windows 11/BitLocker based Class Action Lawsuit against them for this data lose blunder, and hopefully get their currently CEO fired.
They're making an increasingly compelling case for me to switch to Linux.
Your title is borked. Maybe edit that
It's duplicated in case half of it is lost to Bitlocker
I had a small Win11 machine that I now have Ubuntu on. Win11 wouldn't let me use the whole disk because of the BitLocker bullshit. I had to dig through the menus and disable it then wait hours for it to finish decrypting. Fuck Microsoft. I'm proud to say me and my GF dont have a single Microsoft product in our home, and I'm keeping that way.
Why couldn't you just format the entire drive with the linux installer?
I could only format the free space not used by the windows partition.
!titlegore@lemmy.world
I am LITERALLY in the process of migrating my servers to my new NixOS server after months of prep work. This couldn't have been more timely lol Funniest part is, I just did my own TPM based encryption on my drives.
That's extraordinary, even for Microsoft.
If you're on Win 11 Pro, up to 23H2, follow these steps to prevent 24H2:
win+R, type GPEDIT.MSC, press enter Locate "Computer Configuration\Administrative Templates\Windows Components\Windows Update\Manage updates offered from Windows Update\Select the target feature update version"
Now click the "Enabled" button, type "Windows 11" in the first prompt and "23H2" in the second prompt and click "Apply"
That will prevent 24H2 from being downloaded and installed. When they've fixed this and the "Recall" mess, you can go back and undo the setting.
You can still do the "bypassnro" thing, it's just a script that's been removed. All it did was write a registry entry and reboot. This is the registry key entry - you can still press shift-F10 at the same point and type this manually:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f
shutdown /r /t 0
another method to try is this, instead of the registry entry:
start ms-cxh:localonly
but I haven't tried that one yet.
I've fixed it by axing my bitlocker encrypted partition that contained my Pro version OS and just installed arch.
I love how Windows fix has terminal and GUI configurations mixed as an unholy concoction directly from the HQ.
I had a stroke reading the thread title.
The lost data is appearing inThe lost data is appearing in this thread.
The bot that posted this is not programmed to edit typos.
really interesting to see that they have more posts than comments
Really wish we didn't have bots posting at all
I'm of the opinion that encryption based security should be compartmentalized. IE, an encrypted folder, or "safe" app. Safes in housing are already a concept that is already commonly known so it would be natural to extend a safe into the digital realm. This would also help in the idea that safes are locked with a key, so if the user loses their keys, whatever is inside the safe, might as well be lost.
Now if EVERYTHING is a safe, (always on encryption). People will never known the difference. Its a dangerous type of security that is likely to be more a loss than a benefit.
But, houses have locks on the doors. The whole point of the house is to be a safe for people. Security is all about the threat model, your risk assessment should inform the security measures that make sense in the security/convenience continuum. Not everyone will be equally well served by the exact same risk mitigation methods.
The point of whole disk encryption is to delay or nullify physical device control. If your disk is not encrypted, but you have a single encrypted file a bad actor wants to access. If they get physical control, then it is game over. They have all the time and power in the world to crack down that one file. Now, most people don't have any one file(s) like that, but instead are worried about their private life in general. Without encryption, physical access to the device means total access to their entire life, the house had no locks and the thieves just waltzed in and took everything of value. Whole disk encryption is opting for a sturdier door, with better locks. Physical control is still bad, but access is orders of magnitude harder. Sure, if you lose the only key to your house, you better be prepared to break windows or walls to get in, but that is a user responsibility.
For most folks they could just write down their encryption passphrase in a secure location with the rest of their papers since 99.9% of the risk is thieves stealing their laptops. For most folks the biggest secure item they have is the one they use constantly their browser and all the passwords it stores to all their services. You know the thing they use constantly.
A compartmentalized approach makes sense when the laptop contains really vulnerable data like laptops which have been stolen with bunches of client data on it or a journalists communication with confidential sources etc etc. In that case you STILL want to encrypt the whole thing but you want to separately encrypt the really important stuff with a different key so that every time you open your laptop to watch cat videos on youtube you aren't also unlocking all the data you will have to tell your companies users you lost.
HEY, @moe90@feddit.nl
FIX YOUR FUCKING TITLE lazy ass
don't you mean, "FIX YOUR FUCKING TITLEFIX YOUR TITLE FUCKING lazy ass"
where_steamos_orang.jpeg
Windows is malware.
I remember when Linux users used to say that, but it turns out they were right.
I'm glad I leaved that cursed OS behind.
Since when is Bitlocker required? None of my files are encrypted, and I've been using 11 since it came out.
It automatically encrypts the drive only if admin has a Microsoft account (to backup the key on their cloud servers for easier ~~LEO access~~ data recovery) and the PC is a prebuilt
If one of the condition is not met, the automatic ransomware isn't enabled
Did you use Rufus? You can bypass Bitlocker. Or your machine does not have TPM 2.0 (which you can also bypass)…?
Yeah I used Rufus. Always do for every OS install. Explains it lol
Bitlocker encrypts your drive, not single files. Once the computer is booted up, it's completely transparent to the user.
But my PC doesn't even have a password. So how can my files be encrypted? I thought a password was manditory for file encryption to work.
You probably haven't activate Bitlocker. Up until now it was optional with Windows. I would argue it isn't necessary for a desktop computer at home, but you should seriously consider activating disk encryption for a laptop.
Every retail PC I've seen with win11 has bitlocker enabled. Screwed one over as they forgot their password...
Surprise, surprise.
Forcing security measures onto someone who doesn't understand them or know how to recover their data if something goes wrong is a bad idea.
Fix that title gore please
~~Windows 11 users reportedly losing data due to Microsoft's forced~~Windows 11 users reportedly losing data due to Microsoft's forced BitLocker encryption
I mean, it's kind of not incorrect:
Windows 11 users reportedly losing data due to Microsoft’s forced Windows 11
