undefined | Better HN

0 pointssudioStudio6410y ago0 comments

Every company that has access to your encryption keys can be prompted to give them up with a warrant.

You can keep them from having the key. That's one way around it. Using hardware of some kind (and there are multiple.)

You are also free to use another solution that might meet your strict requirements to personally review the encryption, filesystem, device driver, and memory management code of your operating system to verify it's operating to your specifications. There have literally never been so many options for the privacy minded person with the time to pour through a metric ton of C code.

0 comments

4 comments · 1 top-level

the847210y ago· 3 in thread

I'm not talking about encryption keys.

I'm talking about the data itself. Sitting on my harddrive, as it is.

As I understand it microsoft is saying that they could siphon data from my computer if they deemed it necessary.

Maybe that's an adversarial reading of their privacy statement[1]. But it clearly speaks of accessing files in private folders.

[1]: https://www.microsoft.com/en-us/privacystatement/default.asp...

sudioStudio64OP10y ago

I believe that you are mistaken. Could they turn over your BitLocker recovery key to the authorities that would then use it to decrypt your HDD that they have already taken from you? Yes.

Are they going to reach out over the internet and take your data? No. They are not going to do that. I follow this stuff really closely. I promise I haven't seen or heard of a capability where they can remotely take data from your machine and turn it over to the government.

the847210y ago

The point is that they're granting themselves the permission to do so if anyone ever deemed it necessary and that the user has to agree to their terms to use windows.

So you're basically signing away your rights to privacy. Not based on due process but on "good faith belief".

Someone at microsoft thought there is a need to do that to cover their legal asses. They would only think that in case they anticipated needing it in the future.

1 more reply

JoshTriplett10y ago

There are two approaches: give someone a pile of power over you and trust them not to abuse it, or never give them that power in the first place. Given the repeated demonstrations of what can and does go wrong with the former...

2 more replies

j / k navigate · click thread line to collapse