by BLKNSLVR 37 days ago
Title sounds conspiratorial, but it lines up well with the controversy around TrueCrypt's discontinuation which, I believe, specifically called out BitLocker as an alternative to use in future.

I'm not aware of the connection between TrueCrypt and BitLocker, want to enlighten us?
A long time ago TrueCrypt suddenly and abruptly shut down with a vague goodbye message saying "everyone please move on and use BitLocker instead".

The prevailing theory is they were pressured to put in a backdoor and couldn't disclose it, so they had to make a seemingly ridiculous statement (because who in their right mind would trust BitLocker) to call attention that "something is very wrong".

Seems like nobody here knows the history.

https://en.wikipedia.org/wiki/Paul_Le_Roux

>so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"

Alternately, they don't want people to rely on abandonware for security.

Also, despite the conspiracy theories of backdoors, I'm not aware of any BitLocker exploits that work on TPM + PIN, which is the intended "secure" configuration[1]. All exploits rely on TPM-only (i.e. ez-mode), which is basically the security equivalent of running https/ssh without certificates and blindly accepting whatever key shows up.

[1] https://learn.microsoft.com/en-us/windows/security/operating...
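An added audit script (not from this thread or from Microsoft) that checks the distinction the comment above draws: for each BitLocker volume it reads the key protector types and reports whether the OS volume unlocks with the TPM alone or requires a PIN. It assumes a Windows host with the BitLocker PowerShell module and an elevated prompt.

```powershell
# Added audit script (not from the thread): classify each BitLocker volume's
# startup authentication as TPM-only, TPM+PIN, or something else.
# Assumes Windows with the BitLocker module, run from an elevated prompt.

function Get-BitLockerStartupMode {
    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })

        # The startup-time protector decides what someone holding the powered-off
        # device must supply before the TPM will release the volume key.
        $mode = if ($vol.ProtectionStatus -ne 'On') {
            'Protection off'
        } elseif ($types -contains 'TpmPin' -or $types -contains 'TpmPinStartupKey') {
            'TPM+PIN (intended secure configuration)'
        } elseif ($types -contains 'TpmStartupKey') {
            'TPM+StartupKey (second factor on USB)'
        } elseif ($types -contains 'Tpm') {
            'TPM-only (unlocks with no user secret; the "ez-mode" case)'
        } elseif ($types -contains 'Password') {
            'Password only (no TPM binding)'
        } else {
            'No startup protector (e.g. data volume with auto-unlock or recovery only)'
        }

        [pscustomobject]@{
            MountPoint  = $vol.MountPoint
            VolumeType  = $vol.VolumeType
            Protection  = $vol.ProtectionStatus
            Protectors  = ($types -join ', ')
            StartupMode = $mode
        }
    }
}

# Report every volume, then call out OS volumes that rely on the TPM alone.
$report = Get-BitLockerStartupMode
$report | Format-Table -AutoSize

$tpmOnly = $report | Where-Object { $_.VolumeType -eq 'OperatingSystem' -and $_.StartupMode -like 'TPM-only*' }
if ($tpmOnly) {
    Write-Warning "OS volume(s) protected by TPM alone: $($tpmOnly.MountPoint -join ', ')"
    Write-Host "Adding a PIN needs the 'Require additional authentication at startup' policy enabled; then run:"
    Write-Host "  Add-BitLockerKeyProtector -MountPoint C: -TpmAndPinProtector"
}
```

The remediation line at the end only prints the command; it does not change the key protectors itself.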

Why do you need a separate PIN anyway? Shouldn't your Windows password be enough? Having to enter two different codes makes it unlikely a majority would use the system. I would be surprised if iOS or Android required a separate PIN for encryption.
You need a separate PIN because Windows lives on the encrypted disk, so you need to decrypt it before you can boot completely.
Couldn't they just use the PIN also as the Windows password? Then the PIN screen would have to look like the Windows login screen.
macOS solved this (and a lot of other problems) by putting the OS on a separate read-only partition - technically an APFS volume - that doesn’t get encrypted. Microsoft’s backwards-compatibility obsession might not let them make that the default, but they could at least make it an option.
Whose/Which Windows password? The OS is inherently multi-user.

Plus if you ever needed to change or reset your password, that complicates the encryption.

On the other hand, Microsoft has thousands of SWEs, surely a few of them must be smart enough to figure this out.
That was my immediate first thought. "Oh, is Bitlocker Not Safe Anymore?"
Why is 'conspiratorial' posed as a prima facie _bad thing_ to posit?
Mental inertia. It used to be a bad thing to theorize conspiracies without evidence, but now we actually have evidence of so many conspiracies similar to this that it's probable there are lots more.
You're probably thinking of VeraCrypt, which is a fork of TrueCrypt. I don't think BitLocker is related.
https://en.wikipedia.org/wiki/TrueCrypt#End_of_life_announce... - they are referring to this event, and the SourceForge page is still displaying the message along with a guide on how to enable BitLocker.