by grifball 2362 days ago
If you're using security methods like BitLocker (an MS product that encrypts your disk), it's possible that, after losing your license to use that program, your data would become unrecoverable without some serious reverse engineering efforts.

I'm probably just adding to the paranoia though. In reality, this whole thing is a very unrealistic attack. What hluska has stated is mostly true, but I'd like to add that an employee that could write code into an OS that would steal bitcoin and stay undetected would have to have a lot of skill. More than that random engineer that they just hired, think a guy with a PhD. Those types of people generally don't risk their jobs to steal because they're usually committed to their work and make a lot of money.


Sorry, but I'm not sure what point you are trying to make here. Is your scenario that the user's license to use the OS is revoked combined with there not being any backups?

If you store data on a computer without backups you can expect to lose that data. Disks break, files are corrupted, computers are stolen, node.js deletes your crap. Or whatever.

As for employees embedding stuff in OS code. Sure, that can happen. Open source developers can also embed such code into any code they write, which has happened many times already. Unless you are writing your OS yourself from scratch or have manually reviewed all source code for all code running on your machine (which I suspect no one has done the last decades), this is a risk. Open source or not.

I’m not the person you’re replying to, but Grifball is talking about BitLocker. BitLocker is a device encryption tool that ships with certain versions of Windows (I think only Pro, but don’t trust that.)

I believe that what Grifball is saying is that if your disc was fully encrypted and you lost the ability to decrypt, you’d be in a lot of trouble. In the BitLocker case, if you had a valid Windows license, encrypted your disc and lost your license, it would be a very bad day.

As for your comments about backups, you’re correct though in this case, a backup wouldn’t be much use if you lost access to BitLocker. That would take a really serious ops failure, but far stranger things have happened.

If your backup requires the original machine to be fully functioning, it's a bad backup. If it requires complete reliance on a third party holding a key, that they have the right and ability to revoke, it's also a bad backup. You're giving them the ability to cryptolock you at a whim.

I know what BitLocker is, I've been using it for years.

> backup wouldn’t be much use if you lost access to BitLocker

Why? What kind of backup are you talking about? This statement makes no sense to me.