{"id":15414,"date":"2026-01-23T12:08:21","date_gmt":"2026-01-23T19:08:21","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=15414"},"modified":"2026-01-23T12:08:21","modified_gmt":"2026-01-23T19:08:21","slug":"microsoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2026\/01\/23\/microsoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops\/","title":{"rendered":"Microsoft Gave FBI a Set of BitLocker Encryption Keys To Unlock Suspects\u2019 Laptops"},"content":{"rendered":"\n

Beyond the fact that Microsoft gave the keys to law enforcement, you have to wonder if there doesn’t exist an exploit for disk encryption to be broken anyway with this just a method to conceal it in court. Google and Apple devices in stock configuration can also be broken by security suites bypassing their encryption, and I wouldn’t trust Microsoft to hold the keys to any encryption system I’d use. From leaked presentation slides, at least Graphene OS device’s have secure encryption before first unlock. So basically, big tech and governments don’t want you to have full encryption unless they can break into it, and heading towards agentic AI that can see and report everything they want from your device, your opinions and behavior. <\/p>\n\n\n\n

https:\/\/techcrunch.com\/2026\/01\/23\/microsoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops-reports\/<\/a><\/p>\n\n\n

<\/div><\/div><\/div>\n\n\n
\"\"<\/figure>\n\n\n\n

By Lorenzo Franceschi-Bicchierai<\/p>\n\n\n\n

Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday<\/a>.<\/p>\n\n\n\n

Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default<\/a>. This type of technology should prevent anyone except the device owner from accessing the data if the computer is locked and powered off. <\/p>\n\n\n\n

But, by default, BitLocker recovery keys are uploaded to Microsoft\u2019s cloud, allowing the tech giant \u2014 and by extension law enforcement \u2014 to access them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.<\/p>\n\n\n\n

The case involved several people suspected of fraud related to the Pandemic Unemployment Assistance program in Guam, a U.S. island in the Pacific. Local news outlet Pacific Daily News covered<\/a> the case last year, reporting that a warrant had been served to Microsoft in relation to the suspects\u2019 hard drives. Kandit News, another local Guam news outlet, also reported<\/a> in October that the FBI requested the warrant six months after seizing the three laptops encrypted with BitLocker. <\/p>\n\n\n\n

A spokesperson for Microsoft did not immediately respond to a request for comment by TechCrunch. Microsoft told Forbes that the company sometimes provides BitLocker recovery keys to authorities, having received an average of 20 such requests per year. <\/p>\n\n\n\n

Apart from the privacy risks of handing recovery keys to a company, Johns Hopkins professor and cryptography expert Matthew Green raised the potential scenario<\/a> where malicious hackers compromise Microsoft\u2019s cloud infrastructure \u2014 something that has happened<\/a> several times<\/a> in recent years \u2014 and get access to these recovery keys. The hackers would still need physical access to the hard drives to use the stolen recovery keys.<\/p>\n\n\n\n

\u201cIt\u2019s 2026 and these concerns have been known for years,\u201d Green wrote in a post on Bluesky<\/a>. \u201cMicrosoft\u2019s inability to secure critical customer keys is starting to make it an outlier from the rest of the industry.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Beyond the fact that Microsoft gave the keys to law enforcement, you have to wonder if there doesn’t exist an exploit for disk encryption to be broken anyway with this just a method to conceal it in court. Google and Apple devices in stock configuration can also be broken by security suites bypassing their encryption, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-15414","post","type-post","status-publish","format-standard","hentry","category-tech"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15414","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=15414"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15414\/revisions"}],"predecessor-version":[{"id":15416,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15414\/revisions\/15416"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=15414"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=15414"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=15414"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}