BitLocker Protection off: Update UEFI/BIOS to fix issues

When BitLocker Protection is “off” means that BitLocker encryption is currently disabled on the drive. In my case, it is disabled and the encryption did not succeeded in the first place. Therefore, we will limit our solution to this use-case. In this article, we shall discuss “BitLocker Protection off: Update UEFI/BIOS to fix issues”. Please see How to Disable BitLocker on Windows 10, how to…

Windows 11 24H2 will enable BitLocker encryption by default, including Home Edition

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Microsoft plans to enable BitLocker encryption by default during the Windows 11 24H2 installation process. This will have two impacts on users: one is affecting the performance of the hard drive, and the other is that if the user does not have the decryption key, related data may be lost.

We noticed the change while testing the installation of Windows 11 24H2 using the newly designed installer, and thankfully users can disable Device Encryption in the Privacy & Security section of Settings.

According to reports, Windows 11 24H2 brings an improved installer. The new installation process no longer starts with a “blue window” but is similar to an in-place upgrade, except that BitLocker encryption of the drive may be performed in the background during the new installation process.

This may not only affect Windows 11 Pro and above, but also Home editions, which may surprise some.

Using BitLocker to encrypt drives is not new on Windows 11 PCs, with some OEMs already implementing it on Pro machines. Of note, there are reports that the default software-based BitLocker encryption on Windows (XTS-AES 128) can cause significant performance degradation even on some of the fastest SSDs, such as PCIe Gen4 NVMe SSDs. Furthermore, unsuspecting users may be completely unaware that their device is encrypted, and if the key is lost or not saved correctly, the encrypted data may not be recovered.

And if you need Windows 11, You can buy it from keyingo.com, it is much cheaper than the Microsoft store !

How to Enable BitLocker Drive Encryption on Windows 11/10 Home Edition

If you have Windows 11, please turn off the Recall feature unless you have Bitlocker on your computer. This is because it takes screenshots of your PC and stores them in such a way that the screenshots could be stolen and passwords etc. taken. (It can be encrypted automatically by Bitlocker, so if you do have that enabled, turning Recall off is optional). If you want to turn off Recall, please do the following:

Please open "Settings".

Next, please click on "Privacy & Security".

Select the "Recall & Snapshots" page.

Turn off the “Save snapshots” toggle switch.

Do this for every account on the computer (the setting is saved per account).

This will completely turn off the Recall option on the account. If you use Windows 10 or earlier, you can put your feet up and relax - Recall isn't available on these operating systems. Obviously, it's a non-issue on non-Windows computers too.

Apparently Windows has Bitlocker enabled by default????

got my laptop back but for some god forsaken reason they enabled bitlocker & now I either wait 30 days for my security info to change or just reinstall windows LOL

My PC is named Gore after the mountain, but I recently set up a dual boot and need a new name and well... "Glory and gore go hand in hand"

GORE: My everything including most gaming GLORY: Games with invasive anti-cheat only

I definitely wasn't nervous modifying my boot while also having BitLocker enabled. Also it's awesome I can just use Hyper-V to install another OS on another disk and then boot off of it for real.

Windows or Linux? Finding Your Perfect Match in the VPS Hosting Arena

In the ever-evolving landscape of Virtual Private Server (VPS) hosting, the choice between Windows and Linux is pivotal. Your decision can significantly impact your website's performance, security, and overall user experience. At l3webhosting.com, we understand the importance of this decision, and we're here to guide you through the intricacies of choosing the perfect match for your hosting needs.

Understanding the Basics: Windows vs. Linux

Windows VPS Hosting: Unveiling the Dynamics

When it comes to Windows VPS hosting, users are drawn to its familiarity and seamless integration with Microsoft technologies. For websites built on ASP.NET or utilizing MSSQL databases, Windows VPS is the natural choice. The user-friendly interface and compatibility with popular software make it a preferred option for businesses relying on Microsoft-centric applications.

Windows VPS provides robust support for various programming languages, ensuring a versatile hosting environment. The seamless compatibility with Microsoft's IIS (Internet Information Services) enhances website performance, especially for those developed using .NET frameworks.

Linux VPS Hosting: Unleashing the Power of Open Source

On the other side of the spectrum, Linux VPS hosting thrives on the principles of open source software. The inherent flexibility and stability of Linux attract developers and businesses looking for a reliable hosting foundation. Websites built using PHP, Python, or Ruby on Rails often find Linux to be the optimal environment.

Linux's renowned security features, including the capability to customize firewall settings, contribute to a robust defense against potential cyber threats. Additionally, Linux VPS hosting typically comes at a lower cost, making it an economical choice without compromising performance.

Performance Benchmark: Windows vs. Linux

Windows Performance Metrics

Windows VPS excels in scenarios where compatibility with Microsoft technologies is paramount. The integration with .NET applications and MSSQL databases ensures optimal performance for websites that rely on these frameworks. The user-friendly interface also simplifies management tasks, providing a smooth experience for administrators.

However, it's essential to note that Windows VPS may require more system resources compared to Linux, impacting scalability and cost-effectiveness for resource-intensive applications.

Linux Performance Metrics

Linux VPS, being lightweight and resource-efficient, offers excellent performance for a wide range of applications. The open-source nature of Linux enables users to tailor the operating system to their specific needs, optimizing performance and resource utilization.

Linux excels in handling concurrent processes and multiple users simultaneously, making it an ideal choice for high-traffic websites. Its stability and ability to run efficiently on minimal hardware make it a cost-effective solution for businesses mindful of their hosting budget.

Security Considerations: Windows vs. Linux

Windows Security Features

Windows VPS prioritizes security with features like BitLocker encryption, Windows Defender, and regular security updates. The familiarity of Windows security protocols can be reassuring for users accustomed to the Microsoft ecosystem.

However, the popularity of Windows also makes it a target for cyber threats. Regular updates and a robust security posture are crucial to mitigating potential risks.

Linux Security Features

Linux VPS boasts a solid reputation for security, primarily due to its open-source nature. The community-driven development and constant scrutiny contribute to swift identification and resolution of security vulnerabilities.

The ability to customize firewall settings and the availability of robust security tools make Linux a secure choice for websites that prioritize data protection and threat prevention.

Making Your Decision: Tailoring Hosting to Your Needs

Factors Influencing Your Choice

When deciding between Windows and Linux VPS hosting, consider the nature of your website, the technologies it relies on, and your budgetary constraints. If your website is built on Microsoft-centric frameworks, Windows VPS might be the most seamless option. On the other hand, Linux VPS offers versatility, cost-effectiveness, and robust security, making it an attractive choice for many users.

Our Recommendation

At l3webhosting.com, we understand that each website is unique. Our recommendation is tailored to your specific needs, ensuring that you make an informed decision based on performance requirements, budget considerations, and long-term scalability.

Conclusion: Your Hosting Journey Begins

In the dynamic world of VPS hosting, choosing between Windows and Linux is a critical decision. Understanding the nuances of each platform allows you to make an informed choice, aligning your hosting environment with your website's specific requirements.

An important note: as of right now, Microsoft Recall is only available on Windows 11 PCs, on certain types of hardware, when device encryption or Bitlocker and biometric sign-ins are enabled. The program is also opt-in, so if you're getting a new computer or setting one up yourself, it's not something that you should find running when you get it started. If you're still on Windows 10, this isn't something you'll deal with at all (but check up on what the end of security updates for the OS means for you, while you're here!)

I think the important thing is to recognize that while you have control over Windows Recall on your system, you DON'T have control over computers you use for work or school. Windows Recall has a taskbar icon that shows when it's active, so if you routinely use a Windows 11 PC or laptop that doesn't belong to you personally, it's worth checking to see if it's enabled! And maybe check with your IT people and ask some pressing questions if it is.

I think every computer user needs to read this because holy fucking shit this is fucking horrible.

So Windows has a new feature incoming called Recall where your computer will first, monitor everything you do with screenshots every couple of seconds and "process that" with an AI.

Hey, errrr, fuck no? This isn't merely because AI is really energy intensive to the point that it causes environmental damage. This is because it's basically surveilling what you are doing on your fucking desktop.

This AI is not going to be on your desktop, like all AI, it's going to be done on another server, "in the cloud" to be precise, so all those data and screenshot? They're going to go off to Microsoft. Microsoft are going to be monitoring what you do on your own computer.

Now of course Microsoft are going to be all "oooh, it's okay, we'll keep your data safe". They won't. Let me just remind you that evidence given over from Facebook has been used to prosecute a mother and daughter for an "illegal abortion", Microsoft will likely do the same.

And before someone goes "durrr, nuthin' to fear, nuthin to hide", let me remind you that you can be doing completely legal and righteous acts and still have the police on your arse. Are you an activist? Don't even need to be a hackivist, you can just be very vocal about something concerning and have the fucking police on your arse. They did this with environmental protesters in the UK. The culture war against transgender people looks likely to be heading in a direction wherein people looking for information on transgender people or help transitioning will be tracked down too. You have plenty to hide from the government, including your opinions and ideas.

Again, look into backing up your shit and switching to Linux Mint or Ubuntu to get away from Microsoft doing this shit.

The Most Secure Windows Ever: Protecting Your Enterprise with Windows 11

Unlocking the Future of Enterprise Security with Windows 11

In today’s fast-evolving digital landscape, safeguarding your enterprise has never been more critical. Windows 11 stands at the forefront of security innovation, offering robust features designed to protect your organization from emerging threats while fostering productivity and flexibility. With its state-of-the-art security architecture, Windows 11 ensures that your business data remains confidential, your systems stay resilient, and your users can operate seamlessly across hybrid environments.

One of the standout features of Windows 11 is its comprehensive security suite, built from the ground up to defend against cyber threats. Hardware security enhancements, such as TPM 2.0 and Secure Boot, form the first line of defense, ensuring that your devices boot securely and are resistant to tampering. Moreover, Windows Hello provides biometric authentication options, enabling secure and quick access without compromising usability.

In addition to hardware protections, Windows 11 introduces advanced software security measures. Windows Defender Antivirus and Firewall work together to detect and neutralize malware in real-time. The integration of Endpoint Detection and Response (EDR) capabilities allows IT teams to monitor, analyze, and respond swiftly to security incidents, minimizing potential damage.

Managing enterprise security becomes simpler with Windows 11’s unified management tools. Microsoft Endpoint Manager seamlessly integrates with Windows Autopilot, enabling zero-touch deployment and centralized control over security policies. This ensures consistent enforcement of security standards across all devices, whether they are in-office or remote, facilitating a truly hybrid work environment.

For organizations concerned about data privacy, Windows 11 offers enhanced encryption options, including BitLocker, which encrypts data at rest, and Windows Information Protection (WIP), which helps prevent data leaks. Additionally, the new Virtualization-based Security (VBS) isolates critical system processes, further reducing the attack surface and safeguarding sensitive information.

Universal Print and DirectAccess are game-changers for enterprise connectivity. Universal Print simplifies print management in a cloud-first world, reducing hardware dependencies and enabling secure printing from any device. DirectAccess provides seamless, secure remote access to internal resources without the need for traditional VPNs, empowering remote workers with secure, always-on connectivity.

Choosing the right operating system is vital for hybrid work environments. Windows 11 offers the best platform, combining security, productivity, and user experience. When comparing Windows 11 Enterprise vs. Pro, the Enterprise edition provides advanced security features, comprehensive management tools, and flexible deployment options tailored for large organizations, making it the ideal choice for securing your enterprise infrastructure.

To maximize the security benefits of Windows 11, organizations should consider acquiring genuine licenses. You can buy windows 11 enterprise license easily to ensure your enterprise is protected with authentic software, support, and updates. Embracing Windows 11 not only elevates your security posture but also empowers your workforce with a modern, efficient, and resilient operating system.

In conclusion, Windows 11 is undeniably the most secure Windows operating system ever created. Its innovative security features, management capabilities, and user-centric design make it the perfect choice for enterprises aiming to safeguard their digital assets while enabling hybrid work success. Invest in Windows 11 today and experience the future of enterprise security.

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Microsoft plans to enable BitLocker encryption by default during the Windows 11 24H2 installation process. This will have two impacts on users: one is affecting the performance of the hard drive, and the other is that if the user does not have the decryption key, related data may be lost.

We noticed the change while testing the installation of Windows 11 24H2 using the newly designed installer, and thankfully users can disable Device Encryption in the Privacy & Security section of Settings.

According to reports, Windows 11 24H2 brings an improved installer. The new installation process no longer starts with a "blue window" but is similar to an in-place upgrade, except that BitLocker encryption of the drive may be performed in the background during the new installation process.

This may not only affect Windows 11 Pro and above, but also Home editions, which may surprise some.

Using BitLocker to encrypt drives is not new on Windows 11 PCs, with some OEMs already implementing it on Pro machines. Of note, there are reports that the default software-based BitLocker encryption on Windows (XTS-AES 128) can cause significant performance degradation even on some of the fastest SSDs, such as PCIe Gen4 NVMe SSDs. Furthermore, unsuspecting users may be completely unaware that their device is encrypted, and if the key is lost or not saved correctly, the encrypted data may not be recovered.

And if you need Windows 11, You can buy it from keyingo.com, it is much cheaper than the Microsoft store !

How To Make Sure Information On Your Old Computer Is Really, Truly Deleted

It Isn’t As Simple As Pressing ‘Delete’ And Emptying The Trash. Here’s A Step-By-Step Guide.

— By Sean Captain | June 17, 2025 | The Wall Street Journal (WSJ)

Illustration: Jon Krause

Spring-cleaning season is almost done, and it is time to finally get rid of that old computer. But be very careful before you sell, give away or recycle it.

You could be handing over sensitive information.

Even if you think you deleted everything on it, your old computer may hold lots of personal items you don’t want anyone seeing. In a 2019 study by the University of Hertfordshire (funded by security tech-reviews site Comparitech), researchers purchased 200 used hard drives from the U.S. and U.K. An analysis found data remaining on 59% of the drives, including passport and driver’s license scans, bank statements, utility bills and “intimate photos.”

Just pressing “delete” and emptying the Trash in macOS or the Recycle Bin in Windows won’t do the trick. That’s because your computer maintains an index of where every file resides. Deleting a file erases only its entry in the index, telling your system that it can put new files in that space. But until the system actually does put new files there, the old ones remain accessible. Simple consumer-level file-recovery apps can get at it—never mind professional-grade forensic software.

Here’s how to make sure your data is really gone—even on a computer that won’t start up.

Back-up And Log Out

Start by backing up anything you want to keep. You could drag files onto an external hard drive or use backup software such as the Time Machine app in macsOS. You can also back up to the cloud using Microsoft OneDrive, Apple iCloud, Google Drive, Dropbox or other services. (Don’t empty the Trash or Recycling bin. The wipe process will take care of this.)

Next, log out of applications or games with an online component, so the license is no longer associated with your old computer. Also do this for services like Gmail or Facebook, and web browsers like Chrome that sync your data online—on the admittedly remote chance that an incomplete wipe allows the next owner to access those accounts.

Another step for any type of computer is making sure your files are encrypted—scrambled in a mathematical operation based on very long strings of random numbers and letters called encryption keys. The wiping process will delete the keys to make sure any files that may remain on the machine are unreadable.

What you do next depends on your operating system.

Clearing Out A PC

Windows 10 and the current Windows 11 have a feature called “Reset this PC,” which, with the right settings, thoroughly wipes your data. First, make sure your operating system is up-to-date, as Microsoft recently fixed a bug that sometimes caused the reset process to fail. Press the Windows key, search for “updates” and select “Check for updates.” Install any that are available.

Now check on encryption. In Windows 10 or 11 Home editions, press the Windows key and search for “device encryption settings.” Click “Device encryption settings” on the next screen, then make sure the switch next to “Device encryption” is toggled on. Windows Pro, Enterprise and Education editions have an encryption utility called BitLocker. To enable it, click the Start button, type “bitlocker” and select “Manage BitLocker” from the list of results. (All versions of Windows 10 and 11 also encrypt deleted files.)

Now you’re ready to wipe. Tap the Windows key again, search for “Reset this PC,” then click on it. On the next screen, tap “Reset PC” (Windows 11) or “Get started” (Windows 10), and on the following screen, click “Remove everything.” On the next screen, select “Local reinstall.” (If this doesn’t work, try the “Cloud download” option.) Then click “Change settings,” and on the following screen (under “Clean data?”), toggle the switch to “Yes” and press “Confirm.” On the following screen, press “Next” (Windows 11) or “Reset” (Windows 10). On Windows 11, you will press “Reset” on one more screen. Then let the process run for a few hours.

“Reset this PC” deletes your files, apps and settings, logs you out of your Microsoft account and disables the “Find My Device” feature so the computer is no longer associated with you. Then the serious wiping starts. The encryption keys are deleted, making any encrypted data irretrievably scrambled, and the Clean data option overwrites the ones and zeros that had encoded data on your drive. A clean copy of Windows is also installed.

The MacOS Method

Apple’s “Erase Assistant” feature made its debut in 2021’s macOS 12 Monterey. If your current OS is older, you may be able to update it. To update an older OS to Monterey or a later one, click the Apple menu, then “System Preferences” and “Software Update.” If the update process doesn’t work, jump to “If all else fails” below for another option.

As with Windows, the “Erase All Content & Settings” process should start with encryption. On newer Macs (starting between 2018 and 2020, depending on the model), data is encrypted automatically. Just to be safe, though, turn on a feature called FileVault that adds encryption to older systems and an extra layer to newer ones. Click the Apple icon, then “System Settings” (or “System Preferences” in Monterey). In the next window, click “Privacy & Security” (or “Security & Privacy”), then click FileVault.

Now it is time to wipe. Click again on the Apple icon and “System Settings” (or “System Preferences”), click “General” on the left, then “Transfer or Reset” on the bottom right. Finally, on the next screen, click “Erase All Content & Settings.” (In Monterey, you’ll go there directly from “System Preferences.”)

This process signs you out of Apple services, turns off the “Find My” and “Activation Lock” security measures so that the system is no longer associated with you, and erases all your files, settings, apps and anything else. It deletes the encryption keys, permanently scrambling any data that remains.

If All Else Fails

If your PC or Mac is so old that it can’t run a modern wipe process, you have one more option before seeking pro help. For Windows, several experts recommended the KillDisk app. The $49.95 Professional version runs from a USB drive and overwrites the ones and zeros that encode data on your hard drive with all zeros. Afterward, your computer will no longer boot into Windows unless you reinstall the OS.

For a Mac, your best option is a complex process that Apple describes online.

If these processes sound too complicated, or if your system won’t even turn on, use Apple’s recycling program for Macs or a disposal company that offers hard-drive destruction (or shredding) and recycling for consumers with either type of system. Look for ones that issue a certificate of destruction to verify the process. For instance, Ship ‘N’ Shred accepts drives or whole devices, with prices that include shipping ranging from around $30 to $200.

Modern technology leaves a lot of digital footprints, but at least you can sweep them off your old computer.

— Sean Captain is a Writer ✍️ in New York.

Windows 11 Patch Notes

Force disabled SFWMS service

Inserted ads into every available bit of screen real estate

Adjusted your mouse sensitivity, screen scaling and microphone volume by 5%

Uninstalled your webcam driver

Set your keyboard to DVORAK

Activated Bitlocker

Force enabled SFWMS again

I think computers should have some sort of a "stop fucking with my settings"-setting. Like when you've set all your settings to your liking, they stay that way. So instead of fucking with all your settings and shifting everything a little bit to the left, your computer would just. not do that.

Short summary of Exterminatus.

The drive kicked it.

But I had the knoppix.

But someone had re-enabled bitlocker.

But I had a key.

But the files are a mishmash though knoppix sees the partition after the key. You can even open some of them and enjoy a nice array of japanese and korean characters and sans as well as cursed unicode.

Gave this warp-corrupted piece of ungrateful junk to the data recovery app. It can't see the partition, even though I know it is there.

IT at work says it "will take a look". Online service says 2 weeks.

My head hurts and I simultaneously want and don't want to redraw the biomancy thing. It's dark fade and I don't seem to be able to handle dark stuff properly and without crying and throwing things at walls.

My paper was there, I don't want to relive this horror. Other stuff.

Ah fuck it.

On the other hand, I can enjoy the outdoors today. Glassed outdoors.

[i'll try the biomancy thing again in the evening, will attempt to take laptop off girlfriend :)]

How bad this is really can't be understated.

Recall is a feature that is being marketed as exclusive to Copilot+ PCs, a handful of new machines that are launching later this month. However, it's possible to install Recall on machines that don't meet the minimum system requirements. Machines like your standard Windows 11 PC that aren't running the new NPU chips, and probably at least some that are running Windows 10.

And, as said above, the SQLite database stores data as plain text.

But it's encrypted on the drive, Microsoft says, so it's safe!

No. No, it isn't.

So far this week I've seen a dozen client computers where the system has been compromised by remote access software. Most of them fell for scams saying their computers were infected with viruses, called an 800 number shown on the screen, and downloaded and installed those programs at the scammer's instructions.

Doing that grants the scammer full access to the system. Bitlocker's encryption kicks in when a drive is removed from a system and attached to another. It's not going to do anything to protect data from a scammer using the computer the drive belongs to while it's signed into the user account.

It's going to be a matter of seconds for them to export the entire SQLite database from the AppData folder it lives in on Copilot+ PCs. By the time the user realizes what's going on, it's probably too late.

And again, it's possible to get Recall installed on machines that aren't supposed to be running it because they don't meet the minimum system requirements. So there's a very real chance that threat actors are going to weaponize it and deploy it to victims' computers for the sole purpose of harvesting all the data they can.

The security risks this poses even to average PC users are legitimately terrifying.

And it's enabled by default on Copilot+ PCs. You have to actively opt out.

Recall is designed to use local AI models to screenshot everything you see or do on your computer and then give you the ability to search and retrieve anything in seconds. There’s even an explorable timeline you can scroll through. Everything in Recall is designed to remain local and private on-device, so no data is used to train Microsoft’s AI models. Despite Microsoft’s promises of a secure and encrypted Recall experience, cybersecurity expert Kevin Beaumont has found that the AI-powered feature has some potential security flaws. Beaumont, who briefly worked at Microsoft in 2020, has been testing out Recall over the past week and discovered that the feature stores data in a database in plain text.

Holy cats, this is way worse than we were told.

Microsoft said that Recall stored its zillions of screenshots in an encrypted database hidden in a system folder. Turns out, they're using SQLite, a free (public domain) database to store unencrypted plain text in the user's home folder. Which is definitely NOT secure.

Further, Microsoft refers to Recall as an optional experience. But it's turned on by default, and turning it off is a chore. They buried it in a control panel setting.

They say certain URLs and websites can be blacklisted from Recall, but only if you're using Microsoft's Edge browser! But don't worry: DRM protected films & music will never get recorded. Ho ho ho.

This whole debacle feels like an Onion article but it's not.

Luckily(?) Recall is currently only available on Windows 11, but I fully expect Microsoft to try and shove this terrible thing onto unsuspecting Win10 users via Update.

Stay tuned...