Windows 8.1 will automatically encrypt the storage on modern Windows PCs.
. . . Microsoft does hold the recovery key and would be capable of providing it to law enforcement if it was requested, which is certainly a legitimate concern in the age of PRISM.
. . . This is the new normal for Windows PCs, tablets, and devices in general. Where files on typical PCs were once ripe for easy access by thieves, Windows PCs are now encrypted by default and recovery keys are sent to Microsoft’s servers for safe keeping.
I trust nobody less than I trust microsoft. Not a bit worried about PRISM, Stellar Wind, NSA, or anybody of that genre. But microsoft I trust not at all. They scarcely constrained by any law known to humankind. And their security history is dirt poor.
Speculation: Is this a step toward requiring a subscription for windows?
Regardless, this is nearly the last straw for me. If I weren't so lazy I would have switched over to Linux long ago. This may do it.
I don't see the concern. Currently Windows isn't encrypted which means everyone can access your files - including Microsoft. Now it is encrypted and only Microsoft can open it up. Perfect? No. But still 6,999,999,999 less people* who can open your stuff.
Hopefully it will encourage people to think more about saving passwords and keys and also backing up their info.
i hope you are right, i am still staggered at how many people simply do no backups at all and live in some sort of dreamworld.
how many PC repair centres will be getting dead PC's they have to pull the encrypted drive out of and have to jump through all manner of hurdles to recover the data - if they can.
I don't think it would be hugely prominent though. The computer's death would need to coincide with the owner losing access to their Microsoft account.
The idea that this will foil genuine hackers is questionable. Microsoft has never yet been able to secure its OS. Somewhere in that registry or on some chip there will be a key. Some malevolent 14 year old will figure out a workaround within a month, if he hasn't already. Some nation state is working on it right now. Moreover, microsoft has probably built in some sort of master password (read as "back door").
For sure that is an overly broad statement, based on absolutely no hard facts, just history. But imagine that your car manufacturer said "This car will always start. Period". Such a statement would immediately be recognized as hyperbole and would tarnish the credibility of the car maker.
The folks who really need encryption (doctors, lawyers, keepers of trade secrets, double 00 spies) will not dare to depend on this encryption. For such folks there are free and paid apps that work...some are open source and therefore open to investigation by skeptics.
If you accept that premise, then this microsoft initiative is a marketing gimmick.
It creates a (false?) sense of security.
And it gives microsoft a degree of control to which they are not entitled.
Actually I think the motive for it is a tossup: Either another effort to lock down the PC market or a step toward windows subscriptions.
OK, OK, not a positive, happy post...sorry for that, but I just don't see microsoft playing well with others these days.
Well, on a positive note, that microsoft encryption thing will probably be actually helpful for small businesses who need to protect their data, and its free.
(Work with me here, doing the best I can.)
Alan, you have a car that starts every time? PM me asap the make & model...
I don't think it would be hugely prominent though. The computer's death would need to coincide with the owner losing access to their Microsoft account.
the scenario i had in mind was a dead PC comes in and, for whatever reason, can't be fixed, the encrypted drive is removed and put into another PC, one already with a Microsoft account (or without, doesn't really matter i guess), the It guy will need to make a new user account on his PC that matches the account the encrypted drive had and will need to ask the client for their password.
that's the theory, but with anything like that, it usually is never that easy in practice, then throw MS into the equation and what should be an easy task escalates into a dog's breakfast.
and the whole of idea of Person A giving Person B their password (which tend to be lazy and used repeatedly) is just wrong.
and do you think some MS geek has thought of this scenario, where a PC has a MS account accessing an encrypted C:\ and another MS account accessing an encrypted F:\ drive, geez i hope so.
I don't log on with a Microsoft Account.. just a local user account so I won't get encrypted
Hi hazelnut, it's been a while since I last posted!
I have Windows 8 and I too have been using a local user account rather than a Microsoft Account. I've just upgraded from Windows 8 to 8.1 and I wasn't able to complete the upgrade without converting my local user account to a Microsoft Account. Perhaps I overlooked some setting but I don't think I did.
Basically once Windows 8.1 was downloaded to my laptop and was then installed (a process that for both took in total well over two hours) I had to go through a number of screens that were similar to those I had to go through the first time I switched on my laptop after buying it back in June though some such as having to give the laptop a computer name didn't appear. But the screen that asks for a Microsft Account for signing in did appear and I couldn't see the option that I had back in June which sadi "Sign in without a Microsoft Account" which then created a local user account.
Bizarrely, after installing Windows 8.1 I have an additional 12GB of free space on my C: Drive which is the drive I use for the system files. The drive is 100GB in size and the free space available has increased from 33GB to 45GB. Quite how or why I don't know.
I do like Windows 8.1 (apart from this local user account issue) though.
