back to article Microsoft encrypts explanation of borked Windows 10 encryption

We know Microsoft can be pretty secretive about its spyware-as-a-service Windows 10, but Redmond has now taken its furtiveness to a whole new level. You may or may not know that its disk encryption tool Bitlocker has suddenly stopped working in the latest version of its operating system for a number of people. Bitlocker …

Page:

  1. Mark 85 Silver badge
    Trollface

    We used to beat MS up for bad security

    And now they're encrypting everything... sort of. Or maybe it's just the explanations and what's actually in their updates.

    1. Anonymous Coward
      Anonymous Coward

      Re: We used to beat MS up for bad security

      Now why would I want to use bitlocker on my self encrypting SSD?

      1. oldcoder

        Re: We used to beat MS up for bad security

        For protection, of course.

        If you don't trust the ability of the SSD encryption to hold up under hardware attacks (they won't - the key is on the device, so hardware attacks can extract the key), then you layer an additional encryption on top.

  2. Richard 12 Silver badge

    Decrypted :

    **** off, we don't care.

    1. Richard Jones 1
      WTF?

      Re: Decrypted :

      Nearly right corrected version;

      **** we don't know, we only wrote the stuff.

      They have brought back another unwanted feature for me, a refusal to hibernate or sleep.

      1. Pascal Monett Silver badge
        Coat

        That response reminds me of the old joke of guys lost in a balloon in the fog . . .

        * link leads to joke in plane, largely less credible but the gist is the same

      2. Stoneshop Silver badge
        WTF?

        Re: Decrypted :

        They have brought back another unwanted feature for me, a refusal to hibernate or sleep.

        You're losing sleep over W10's lack of encryption, or its level of spying? There's a solution for that.

    2. Christian Berger

      Re: Decrypted :

      Decrypted: "We have no ****ing idea what happened as Windows is even more complex than gnome with systemd, but as we find out what department it it that messed up, we need to say something."

      1. Anonymous Coward
        Anonymous Coward

        Re: Decrypted :

        That's a little harsh, don't you think? At least Windows isn't as *needlessly* complex and Gnome and systemd, is it?

      2. I. Aproveofitspendingonspecificprojects

        Re: Decrypted :

        > Decrypted: "We have no ****ing idea what happened as Windows is even more complex than gnome with systemd, but as we find out what department it it that messed up, we need to say something."

        Thanks Bill that's a lot clearer.

        Pardon?

    3. dotdavid

      Re: Decrypted :

      > **** off, we don't care.

      More like "You have reached the Microsoft Press Relations department and don't quite understand your question. Please have this complimentary pre-approved canned statement"

  3. Anonymous Coward
    Anonymous Coward

    When is someone going to file a UK Class Action against M$

    under the Computer Misuse Act?

    1. Anonymous Coward
      Anonymous Coward

      Re: When is someone going to file a UK Class Action against M$

      Can class actions be brought in the UK for anything other than competition cases? Clue: no.

      1. Anonymous Coward
        Anonymous Coward

        Re: When is someone going to file a UK Class Action against M$

        Not True. The NEW consumer regulation allow for something LIKE a CLA. Im not entirely familiar with the ins and outs..

        1. Anonymous Coward
          Anonymous Coward

          Re: When is someone going to file a UK Class Action against M$

          Not True. The NEW consumer regulation allow for something LIKE a CLA. Im not entirely familiar with the ins and outs..

          Perhaps you should become familiar with those little details, then, because the change you're referring to is restricted to competition cases. If you Google it you'll find plenty of law firms' web pages summarising the scope of the change.

        2. Bluto Nash
          Trollface

          Re: When is someone going to file a UK Class Action against M$

          Im not entirely familiar with the ins and outs..

          This is Microsoft - it likely just means you're getting screwed again.

        3. Doctor Syntax Silver badge

          Re: When is someone going to file a UK Class Action against M$

          "The NEW consumer regulation allow for something LIKE a CLA. Im not entirely familiar with the ins and outs"

          Quite correct. You're not entirely familiar with the ins & outs. It's only available in limited circumstances related to competition.

          1. Anonymous Coward
            Anonymous Coward

            Re: When is someone going to file a UK Class Action against M$

            Yes, and like you, now I have seen the BBC clip, I know that too...

            I'm happy to have enlightened you.

        4. Michael Nidd

          Re: When is someone going to file a UK Class Action against M$

          And if TTIP goes through?

    2. msknight

      Re: When is someone going to file a UK Class Action against M$

      I still don't know why the M$'s malicious software removal tool doesn't de-install Windows.

      1. Dan 55 Silver badge
        Trollface

        Re: When is someone going to file a UK Class Action against M$

        Because it doesn't work properly either.

        1. Pompous Git Silver badge

          Re: When is someone going to file a UK Class Action against M$

          Great minds like a think :-)

    3. oldcoder

      Re: When is someone going to file a UK Class Action against M$

      You would have better luck using a "false and misleading advertising" claim.

      That way you get them no matter what ...

  4. kryptylomese

    "Windows is the only platform with a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection. Our standard policy is to provide solutions via our current Update Tuesday schedule"

    The above is bollocks! Red Hat are much better at preventing, investigating and fixing security issues as all of their customers will confirm! Microsoft should not make misleading recommendations like this in fact I would go as far as to say it should be illegal from a consumer perspective.

    1. Timmy B Silver badge

      Is Red Hat a "platform"? Like all of these kind of statements that don't actually specify technical details (therefore for IT professionals) this is simply salesman-speak and thus automatically rubbish and should be ignored.

      1. SolidSquid

        It's as much a "platform" as Windows is, offering a desktop environment as well as lending itself to a variety of types of server environments to provide services from. Arguably they even have an "app store" via their repositories

        Although you have a point that the term "platform" is vague as hell and isn't really good at explaining what it does

        1. Timmy B Silver badge

          Exactly what I mean about salesman-speak. Platform could mean anything. After all is Red Hat the platform or Linux? It all means diddly really.

          1. TRT Silver badge

            "customer commitment to investigate reported "

            Of course, given the vagaries of English, that could equally means the customers are the ones committed to investigating the reports...

        2. Stoneshop Silver badge

          Platform

          The most common usage around here is that it's the entirety of hardware, OS and "middleware" (urgh), ready to run the user applications.

          Us techies understand it as implying it's something rather shaky high up with a lot of scaffolding underneath.

          1. amanfromMars 1 Silver badge

            Re: Platform @Stoneshop .... and Novel Platforms with Greater Light Speeding AIRCraft*

            Howdy, Stoneshop,

            There are those under no delusions working systems administrations in virtual platforms of operation realising Windows is muchmore olde business planphorm than leading edge executive base vessel and useful enough for conditions in those sorts of fields in virtual team terrains.

            *Advanced IntelAIgent Research Craft

            1. I. Aproveofitspendingonspecificprojects

              Re: Platform @Stoneshop .... and Novel Platforms with Greater Light Speeding AIRCraft*

              I might have guessed he could make sentence of it:

              >Howdy, Stoneshop,

              There are those under no delusions working systems administrations in virtual platforms of operation realising Windows is muchmore olde business planphorm than leading edge executive base vessel and useful enough for conditions in those sorts of fields in virtual team terrains.

              *Advanced IntelAIgent Research Craft

              What I think you do is count the number of primes then miss every other word reading it on a prime time, schedule until all the letters get use up, then you throw away the computer you first thought of and boil your head until no longer something or other shortage...

              1. I. Aproveofitspendingonspecificprojects

                Re: Platform @Stoneshop .... and Novel Platforms with Greater Light Speeding AIRCraft*

                I can't believe there are seven minutes to make this post better

                It can't last.

    2. Anonymous Coward
      Anonymous Coward

      FTFY: "the platform with only customer commitment"

      1. Fihart

        Exactly. Have an upvote.

    3. captain veg

      Sure, Windows is a platform. The train has already left.

      -A.

    4. Anonymous Coward
      Anonymous Coward

      proactively update impacted devices

      Translation: We'll change things on your computer remotely whenever we feel like it. You already consented via EULA, so you have no recourse.

    5. Anonymous Coward
      Anonymous Coward

      "Red Hat are much better at preventing, investigating and fixing security issues as all of their customers will confirm"

      Why then do they have vastly more security patches than Windows - even when you restrict RedHat to comparable feature sets - and are on average slower to deliver them (more days at risk) for a product that costs considerably more?

      1. oldcoder

        Vastly more software.

        "more days at risk"? Windows still has vulnerabilities from 19 years ago.

        RH fixes are actually provided, and not called "features".

    6. I. Aproveofitspendingonspecificprojects

      > "Windows is the only platform with a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection. Our standard policy is to provide solutions via our current Update Tuesday =

      There is a Windows customer with a commitment that is the only platform and it has, or had to investigate security issues that were reported I am not sure what poactively impacted devices are but once a month on Tuesdays or as soon as possible. I forget something something. And anyway I use Linux so there...

  5. Camilla Smythe

    Silly Peeps

    How can Microsoft Slurp your data if you encrypt it?

    1. Steve Davies 3 Silver badge

      Re: Silly Peeps

      Don't be silly. They have the master keys to your encryption.

      Well that my impression until they come out and make a public statement along the lines that Apple has done w.r.t iPhone data encryption.

      But... even if they did just that how many here would believe them eh?

    2. Hans 1 Silver badge
      Facepalm

      Re: Silly Peeps

      An encrypted drive safeguards your data somewhat when your kit gets stolen, that is it. When windows is running, all required data on your drive is automatically decrypted, for each and every program that runs on your computer, including Microsoft's telemetry (or whatever they call their spyware this week) software.

      They don't need master keys, you other numpty, the data is decrypted on your system before it gets sent over a secure (I would hope for you, guyz) connection to mothership.

      Maybe you mean a Microsoft rep is sneaking into your house to slurp your data while you're at work ...

      1. Camilla Smythe
        Happy

        Re: Silly Peeps

        Ooops. Silly me. I am sure I understand now.

        Encryption is like DNT where you are just sending Microsoft a 1 to say do not look at my data and therefore they can ignore your implied request in order to check if you might be interested in buying some more socks.

        After all these days someone else might have encrypted your sock pictures, sock novels, sock videos, sock music and sock design software along with your .sck design files so it's not as if they really know whether or not you yourself chose to encrypt your sock data so it's best to play safe and have a good rummage about the place just to make sure.

        Thanks for clearing that one up for me. As for Microsoft Reps sneaking about the house when I am out.. It's not them, it's the Pixies. They use the Goblins at work when I am at home and Gremlins to supply the down votes on El Reg.

        1. Alister Silver badge
          Happy

          Re: Silly Peeps

          After all these days someone else might have encrypted your sock pictures, sock novels, sock videos, sock music and sock design software along with your .sck design files so it's not as if they really know whether or not you yourself chose to encrypt your sock data so it's best to play safe and have a good rummage about the place just to make sure.

          Ha, you're nothing but a sock-puppet...

          BTW, if anyone's thinking of buying me Xmas presents, I could do with some socks...

  6. msknight

    Translation follows...

    "Windows is the only platform with a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible."

    ...we think we're the only operating system manufacturer on the planet. At least, that's worth talking to. Competitors are jokers who don't take security reports or bugs seriously.

    "We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."

    ... For fuck sake get off Windws 7 and 8 already. We've tried to warn you. Honestly. We even did you the favour of pushing our product down your private wire at great expense... to you... and you still didn't have the common bloody sense to push the single buton we helpfully popped up in the fucking task bar. Oh no. You even went to the extent of working out a secret registry key to turn off our helpfulness. Well, be warned, we're sending the boys round shortly.

    "Our standard policy is to provide solutions via our current Update Tuesday schedule."

    ... We'll fix it on Tuesday. No, we won't tell you which one.

    1. 's water music

      Re: Translation follows...

      "Our standard policy is to provide solutions via our current Update Tuesday schedule."

      See you next... ?

    2. msknight

      Re: Translation follows...

      Decryption was via the 128bit Bll-S-hit algorythm. Private key was, G0b3ldyg00k

    3. RIBrsiq

      Re: Translation follows...

      "You even went to the extent of working out a secret registry key to turn off our helpfulness".

      Eh...? Do you think registry keys happen by themselves? A type of 'shroom, mayhap...?

      Here's the relevant KB:

      https://support.microsoft.com/en-us/kb/3080351

      1. captain veg

        Re: Translation follows...

        Yes,, well that KB kicks off with a blatant lie.

        > The computer or device is joined to a domain.

        This one is. I still had to manually remove the GWX crap, and am continuing to have to carelly review all updates before applying them.

        -A.

        1. RIBrsiq

          Re: Translation follows...

          @captain veg:

          I've read about this, but did not face it myself. I think probably because all my PCs are using Enterprise, which's not eligible for the upgrade anyway.

          But I find it very interesting, so I would greatly appreciate it if you could please elaborate. In particular:

          * Are the updates being received through WSUS or SCCM?

          * What edition of Windows?

          * Is the local user a normal, limited user?

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020