Microsoft criticised over Windows 10 encryption key upload

December 30, 2015 // 11:35 a.m.

Tags: #bitlocker #device-encryption #drive-encryption #encryption #encryption-key #microsoft #onedrive #privacy #security #windows-10 #windows-10-home

A weakness has been found in the on-by-default disk encryption of Microsoft's Windows 10, with the encryption keys being uploaded and stored on a remote server without the user's knowledge.

Microsoft's Windows 10 made some strides in improving the security of the company's computing platform, beginning with enabling an on-by-default disk encryption system based around its BitLocker technology. What the company did not make clear, however, is that the key used for this encryption is automatically uploaded to the Microsoft OneDrive servers - meaning it can, in theory, be illegally captured or legally requested by security services and other attackers, rendering the cryptography moot.

The news was broken by The Intercept, which confirmed with Microsoft that the encryption key used for on-disk encryption is automatically uploaded to Microsoft's servers by default and that there is no way to opt-out of the process. 'When a device goes into recovery mode, and the user doesn’t have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically backup the user recovery key,' a spokesperson told the site. 'The recovery key requires physical access to the user device and is not useful without it.'

With Microsoft already under fire for default settings in Windows 10 which see considerable user information being transmitted for the sake of targeted advertising and software feedback, the revelation that the encryption keys are being stored remotely is an unwelcome one. The issue is, however, somewhat mitigated: only the keys used for the on-by-default disk encryption are shared, with any users option to turn on BitLocker being offered the option to store the recovery key locally instead. For Windows 10 Home users, this is of little help: BitLocker is only available on Windows 10 Pro and above.

Microsoft does provide a means of deleting a device's recovery key from the remote servers, but not of generating a new key on Windows 10 Home without having it automatically uploaded once more.


View this in the forums