BitLocker Protection off: Update UEFI/BIOS to fix issues

When BitLocker Protection is “off” means that BitLocker encryption is currently disabled on the drive. In my case, it is disabled and the encryption did not succeeded in the first place. Therefore, we will limit our solution to this use-case. In this article, we shall discuss “BitLocker Protection off: Update UEFI/BIOS to fix issues”. Please see How to Disable BitLocker on Windows 10, how to…

Windows 11 24H2 will enable BitLocker encryption by default, including Home Edition

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Microsoft plans to enable BitLocker encryption by default during the Windows 11 24H2 installation process. This will have two impacts on users: one is affecting the performance of the hard drive, and the other is that if the user does not have the decryption key, related data may be lost.

We noticed the change while testing the installation of Windows 11 24H2 using the newly designed installer, and thankfully users can disable Device Encryption in the Privacy & Security section of Settings.

According to reports, Windows 11 24H2 brings an improved installer. The new installation process no longer starts with a “blue window” but is similar to an in-place upgrade, except that BitLocker encryption of the drive may be performed in the background during the new installation process.

This may not only affect Windows 11 Pro and above, but also Home editions, which may surprise some.

Using BitLocker to encrypt drives is not new on Windows 11 PCs, with some OEMs already implementing it on Pro machines. Of note, there are reports that the default software-based BitLocker encryption on Windows (XTS-AES 128) can cause significant performance degradation even on some of the fastest SSDs, such as PCIe Gen4 NVMe SSDs. Furthermore, unsuspecting users may be completely unaware that their device is encrypted, and if the key is lost or not saved correctly, the encrypted data may not be recovered.

And if you need Windows 11, You can buy it from keyingo.com, it is much cheaper than the Microsoft store !

How to Enable BitLocker Drive Encryption on Windows 11/10 Home Edition

If you have Windows 11, please turn off the Recall feature unless you have Bitlocker on your computer. This is because it takes screenshots of your PC and stores them in such a way that the screenshots could be stolen and passwords etc. taken. (It can be encrypted automatically by Bitlocker, so if you do have that enabled, turning Recall off is optional). If you want to turn off Recall, please do the following:

Please open "Settings".

Next, please click on "Privacy & Security".

Select the "Recall & Snapshots" page.

Turn off the “Save snapshots” toggle switch.

Do this for every account on the computer (the setting is saved per account).

This will completely turn off the Recall option on the account. If you use Windows 10 or earlier, you can put your feet up and relax - Recall isn't available on these operating systems. Obviously, it's a non-issue on non-Windows computers too.

Apparently Windows has Bitlocker enabled by default????

got my laptop back but for some god forsaken reason they enabled bitlocker & now I either wait 30 days for my security info to change or just reinstall windows LOL

My PC is named Gore after the mountain, but I recently set up a dual boot and need a new name and well... "Glory and gore go hand in hand"

GORE: My everything including most gaming GLORY: Games with invasive anti-cheat only

I definitely wasn't nervous modifying my boot while also having BitLocker enabled. Also it's awesome I can just use Hyper-V to install another OS on another disk and then boot off of it for real.

Windows or Linux? Finding Your Perfect Match in the VPS Hosting Arena

In the ever-evolving landscape of Virtual Private Server (VPS) hosting, the choice between Windows and Linux is pivotal. Your decision can significantly impact your website's performance, security, and overall user experience. At l3webhosting.com, we understand the importance of this decision, and we're here to guide you through the intricacies of choosing the perfect match for your hosting needs.

Understanding the Basics: Windows vs. Linux

Windows VPS Hosting: Unveiling the Dynamics

When it comes to Windows VPS hosting, users are drawn to its familiarity and seamless integration with Microsoft technologies. For websites built on ASP.NET or utilizing MSSQL databases, Windows VPS is the natural choice. The user-friendly interface and compatibility with popular software make it a preferred option for businesses relying on Microsoft-centric applications.

Windows VPS provides robust support for various programming languages, ensuring a versatile hosting environment. The seamless compatibility with Microsoft's IIS (Internet Information Services) enhances website performance, especially for those developed using .NET frameworks.

Linux VPS Hosting: Unleashing the Power of Open Source

On the other side of the spectrum, Linux VPS hosting thrives on the principles of open source software. The inherent flexibility and stability of Linux attract developers and businesses looking for a reliable hosting foundation. Websites built using PHP, Python, or Ruby on Rails often find Linux to be the optimal environment.

Linux's renowned security features, including the capability to customize firewall settings, contribute to a robust defense against potential cyber threats. Additionally, Linux VPS hosting typically comes at a lower cost, making it an economical choice without compromising performance.

Performance Benchmark: Windows vs. Linux

Windows Performance Metrics

Windows VPS excels in scenarios where compatibility with Microsoft technologies is paramount. The integration with .NET applications and MSSQL databases ensures optimal performance for websites that rely on these frameworks. The user-friendly interface also simplifies management tasks, providing a smooth experience for administrators.

However, it's essential to note that Windows VPS may require more system resources compared to Linux, impacting scalability and cost-effectiveness for resource-intensive applications.

Linux Performance Metrics

Linux VPS, being lightweight and resource-efficient, offers excellent performance for a wide range of applications. The open-source nature of Linux enables users to tailor the operating system to their specific needs, optimizing performance and resource utilization.

Linux excels in handling concurrent processes and multiple users simultaneously, making it an ideal choice for high-traffic websites. Its stability and ability to run efficiently on minimal hardware make it a cost-effective solution for businesses mindful of their hosting budget.

Security Considerations: Windows vs. Linux

Windows Security Features

Windows VPS prioritizes security with features like BitLocker encryption, Windows Defender, and regular security updates. The familiarity of Windows security protocols can be reassuring for users accustomed to the Microsoft ecosystem.

However, the popularity of Windows also makes it a target for cyber threats. Regular updates and a robust security posture are crucial to mitigating potential risks.

Linux Security Features

Linux VPS boasts a solid reputation for security, primarily due to its open-source nature. The community-driven development and constant scrutiny contribute to swift identification and resolution of security vulnerabilities.

The ability to customize firewall settings and the availability of robust security tools make Linux a secure choice for websites that prioritize data protection and threat prevention.

Making Your Decision: Tailoring Hosting to Your Needs

Factors Influencing Your Choice

When deciding between Windows and Linux VPS hosting, consider the nature of your website, the technologies it relies on, and your budgetary constraints. If your website is built on Microsoft-centric frameworks, Windows VPS might be the most seamless option. On the other hand, Linux VPS offers versatility, cost-effectiveness, and robust security, making it an attractive choice for many users.

Our Recommendation

At l3webhosting.com, we understand that each website is unique. Our recommendation is tailored to your specific needs, ensuring that you make an informed decision based on performance requirements, budget considerations, and long-term scalability.

Conclusion: Your Hosting Journey Begins

In the dynamic world of VPS hosting, choosing between Windows and Linux is a critical decision. Understanding the nuances of each platform allows you to make an informed choice, aligning your hosting environment with your website's specific requirements.

An important note: as of right now, Microsoft Recall is only available on Windows 11 PCs, on certain types of hardware, when device encryption or Bitlocker and biometric sign-ins are enabled. The program is also opt-in, so if you're getting a new computer or setting one up yourself, it's not something that you should find running when you get it started. If you're still on Windows 10, this isn't something you'll deal with at all (but check up on what the end of security updates for the OS means for you, while you're here!)

I think the important thing is to recognize that while you have control over Windows Recall on your system, you DON'T have control over computers you use for work or school. Windows Recall has a taskbar icon that shows when it's active, so if you routinely use a Windows 11 PC or laptop that doesn't belong to you personally, it's worth checking to see if it's enabled! And maybe check with your IT people and ask some pressing questions if it is.

I think every computer user needs to read this because holy fucking shit this is fucking horrible.

So Windows has a new feature incoming called Recall where your computer will first, monitor everything you do with screenshots every couple of seconds and "process that" with an AI.

Hey, errrr, fuck no? This isn't merely because AI is really energy intensive to the point that it causes environmental damage. This is because it's basically surveilling what you are doing on your fucking desktop.

This AI is not going to be on your desktop, like all AI, it's going to be done on another server, "in the cloud" to be precise, so all those data and screenshot? They're going to go off to Microsoft. Microsoft are going to be monitoring what you do on your own computer.

Now of course Microsoft are going to be all "oooh, it's okay, we'll keep your data safe". They won't. Let me just remind you that evidence given over from Facebook has been used to prosecute a mother and daughter for an "illegal abortion", Microsoft will likely do the same.

And before someone goes "durrr, nuthin' to fear, nuthin to hide", let me remind you that you can be doing completely legal and righteous acts and still have the police on your arse. Are you an activist? Don't even need to be a hackivist, you can just be very vocal about something concerning and have the fucking police on your arse. They did this with environmental protesters in the UK. The culture war against transgender people looks likely to be heading in a direction wherein people looking for information on transgender people or help transitioning will be tracked down too. You have plenty to hide from the government, including your opinions and ideas.

Again, look into backing up your shit and switching to Linux Mint or Ubuntu to get away from Microsoft doing this shit.

Short summary of Exterminatus.

The drive kicked it.

But I had the knoppix.

But someone had re-enabled bitlocker.

But I had a key.

But the files are a mishmash though knoppix sees the partition after the key. You can even open some of them and enjoy a nice array of japanese and korean characters and sans as well as cursed unicode.

Gave this warp-corrupted piece of ungrateful junk to the data recovery app. It can't see the partition, even though I know it is there.

IT at work says it "will take a look". Online service says 2 weeks.

My head hurts and I simultaneously want and don't want to redraw the biomancy thing. It's dark fade and I don't seem to be able to handle dark stuff properly and without crying and throwing things at walls.

My paper was there, I don't want to relive this horror. Other stuff.

Ah fuck it.

On the other hand, I can enjoy the outdoors today. Glassed outdoors.

[i'll try the biomancy thing again in the evening, will attempt to take laptop off girlfriend :)]

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Microsoft plans to enable BitLocker encryption by default during the Windows 11 24H2 installation process. This will have two impacts on users: one is affecting the performance of the hard drive, and the other is that if the user does not have the decryption key, related data may be lost.

We noticed the change while testing the installation of Windows 11 24H2 using the newly designed installer, and thankfully users can disable Device Encryption in the Privacy & Security section of Settings.

According to reports, Windows 11 24H2 brings an improved installer. The new installation process no longer starts with a "blue window" but is similar to an in-place upgrade, except that BitLocker encryption of the drive may be performed in the background during the new installation process.

This may not only affect Windows 11 Pro and above, but also Home editions, which may surprise some.

Using BitLocker to encrypt drives is not new on Windows 11 PCs, with some OEMs already implementing it on Pro machines. Of note, there are reports that the default software-based BitLocker encryption on Windows (XTS-AES 128) can cause significant performance degradation even on some of the fastest SSDs, such as PCIe Gen4 NVMe SSDs. Furthermore, unsuspecting users may be completely unaware that their device is encrypted, and if the key is lost or not saved correctly, the encrypted data may not be recovered.

And if you need Windows 11, You can buy it from keyingo.com, it is much cheaper than the Microsoft store !

Windows 11 Patch Notes

Force disabled SFWMS service

Inserted ads into every available bit of screen real estate

Adjusted your mouse sensitivity, screen scaling and microphone volume by 5%

Uninstalled your webcam driver

Set your keyboard to DVORAK

Activated Bitlocker

Force enabled SFWMS again

I think computers should have some sort of a "stop fucking with my settings"-setting. Like when you've set all your settings to your liking, they stay that way. So instead of fucking with all your settings and shifting everything a little bit to the left, your computer would just. not do that.

Enabling vTPM in vSphere VMs using Orchestrator

To enable a virtual Trusted Platform Module (vTPM) for a virtual machine in vCenter using Aria Automation Orchestrator (vRO), follow these steps. This process enhances security by enabling cryptographic features like BitLocker encryption and secure boot. What is vTPM?Before it, let us see TPM first – TPM or Trusted Platform Module is a specialized chip on an endpoint device that stores RSA…

How bad this is really can't be understated.

Recall is a feature that is being marketed as exclusive to Copilot+ PCs, a handful of new machines that are launching later this month. However, it's possible to install Recall on machines that don't meet the minimum system requirements. Machines like your standard Windows 11 PC that aren't running the new NPU chips, and probably at least some that are running Windows 10.

And, as said above, the SQLite database stores data as plain text.

But it's encrypted on the drive, Microsoft says, so it's safe!

No. No, it isn't.

So far this week I've seen a dozen client computers where the system has been compromised by remote access software. Most of them fell for scams saying their computers were infected with viruses, called an 800 number shown on the screen, and downloaded and installed those programs at the scammer's instructions.

Doing that grants the scammer full access to the system. Bitlocker's encryption kicks in when a drive is removed from a system and attached to another. It's not going to do anything to protect data from a scammer using the computer the drive belongs to while it's signed into the user account.

It's going to be a matter of seconds for them to export the entire SQLite database from the AppData folder it lives in on Copilot+ PCs. By the time the user realizes what's going on, it's probably too late.

And again, it's possible to get Recall installed on machines that aren't supposed to be running it because they don't meet the minimum system requirements. So there's a very real chance that threat actors are going to weaponize it and deploy it to victims' computers for the sole purpose of harvesting all the data they can.

The security risks this poses even to average PC users are legitimately terrifying.

And it's enabled by default on Copilot+ PCs. You have to actively opt out.

Recall is designed to use local AI models to screenshot everything you see or do on your computer and then give you the ability to search and retrieve anything in seconds. There’s even an explorable timeline you can scroll through. Everything in Recall is designed to remain local and private on-device, so no data is used to train Microsoft’s AI models. Despite Microsoft’s promises of a secure and encrypted Recall experience, cybersecurity expert Kevin Beaumont has found that the AI-powered feature has some potential security flaws. Beaumont, who briefly worked at Microsoft in 2020, has been testing out Recall over the past week and discovered that the feature stores data in a database in plain text.

Holy cats, this is way worse than we were told.

Microsoft said that Recall stored its zillions of screenshots in an encrypted database hidden in a system folder. Turns out, they're using SQLite, a free (public domain) database to store unencrypted plain text in the user's home folder. Which is definitely NOT secure.

Further, Microsoft refers to Recall as an optional experience. But it's turned on by default, and turning it off is a chore. They buried it in a control panel setting.

They say certain URLs and websites can be blacklisted from Recall, but only if you're using Microsoft's Edge browser! But don't worry: DRM protected films & music will never get recorded. Ho ho ho.

This whole debacle feels like an Onion article but it's not.

Luckily(?) Recall is currently only available on Windows 11, but I fully expect Microsoft to try and shove this terrible thing onto unsuspecting Win10 users via Update.

Stay tuned...

How to Enable & Use BitLocker to Go on Windows 11

Maximize Your Control with Dedicated Windows Servers

When it comes to web hosting and managing digital resources, the need for control, reliability, and high performance is non-negotiable. This is where Dedicated Windows Servers step in, offering a premium solution for businesses, developers, and enterprises looking to elevate their web presence. Unlike shared hosting or virtual private servers (VPS), dedicated servers provide an exclusive environment, giving you full control over your resources and software configurations.

In this blog, we'll explore the benefits and reasons why dedicated Windows servers are the ideal choice for those seeking maximum control over their hosting environment.

What is a Dedicated Windows Server?

A Dedicated Windows Server refers to a physical server that is entirely dedicated to a single user or organization. This means that you don’t share resources like CPU, RAM, or bandwidth with other clients. Powered by the Windows operating system, these servers support a variety of enterprise-level applications, including SQL Server, Active Directory, and custom web hosting environments.

The Windows environment is known for its user-friendly interface and wide support for software, making it an excellent choice for businesses that rely on Microsoft-based applications and require a stable, familiar platform.

1. Full Control Over Your Server

One of the most significant advantages of using a dedicated Windows server is complete control. As the sole user of the server, you have administrative access to the entire machine. This means you can install and configure any software, change system settings, and implement custom solutions according to your needs.

With root access to the operating system, you can:

Install and update software without restrictions.

Set up complex configurations to meet business requirements.

Ensure maximum security by controlling firewall settings and access permissions.

Install custom scripts and tools that may not be available in shared hosting environments.

This level of flexibility is essential for businesses with specific software needs or those operating resource-intensive applications.

2. Enhanced Performance and Reliability

With a dedicated Windows server, performance is vastly improved compared to shared hosting or VPS. Since you're the only user, the server's resources are allocated entirely to your applications and websites, ensuring faster load times and better overall performance.

Key performance benefits include:

No Resource Sharing: Unlike shared hosting, where multiple users share the same server, a dedicated server's resources are all yours.

Better Uptime: Since the server is dedicated to your use, there's less likelihood of experiencing downtime caused by the actions of other users.

Scalability: Dedicated servers can be easily upgraded to accommodate growing needs, whether that involves adding more RAM, storage, or processing power.

This reliability is crucial for businesses that require constant uptime, such as e-commerce stores, large websites, and enterprise applications.

3. Improved Security and Customization

Security is one of the most critical factors for any business operating online. With a dedicated Windows server, you can take control of your security measures and implement custom security protocols. Unlike shared hosting, where security depends on the actions of other users, a dedicated server offers isolated resources, reducing the risk of cyber-attacks and data breaches.

You can customize security settings by:

Installing and configuring your own firewalls.

Using Windows Security features such as BitLocker and Windows Defender.

Creating isolated environments with virtual machines (VMs).

Enabling regular backups and disaster recovery plans.

Implementing SSL certificates for secure transactions.

These customizable options allow you to create a robust security framework suited to your business’s specific needs.

4. Dedicated Support and Expert Assistance

When you opt for a dedicated Windows server, you're not just paying for the hardware and software – you're also getting access to expert technical support. Most hosting providers offer 24/7 support with dedicated teams that understand the intricacies of Windows servers.

This means:

Quick Resolution of Issues: Any technical difficulties or issues are resolved faster with a team that understands your specific setup.

Proactive Monitoring: Many providers offer proactive server monitoring services to identify potential issues before they impact your operations.

Consultation and Optimization: Dedicated support staff can guide you through system optimization and help you get the most out of your server.

This hands-on support ensures you can maintain your server's performance, security, and stability with ease.

5. Cost-Effective for Large Operations

Although dedicated Windows servers are generally more expensive than shared hosting or VPS options, they can be incredibly cost-effective for larger operations or businesses with high resource demands. By consolidating multiple applications, websites, and services onto a single dedicated server, you can save money on multiple hosting solutions.

Additionally, with full control over your server, you can optimize costs by adjusting the configuration to your precise needs, avoiding unnecessary expenses for resources you don’t use.

Conclusion

A Dedicated Windows Server offers unmatched control, performance, and security, making it the ideal choice for businesses that require a customized, scalable, and reliable hosting environment. Whether you’re running mission-critical applications, handling sensitive data, or operating large-scale websites, the flexibility and power provided by a dedicated server can take your business to the next level.

If you’re ready to maximize your control and optimize your online presence, consider upgrading to a dedicated Windows server today. With the right configuration and support, you’ll experience an enhanced digital experience that positions your business for long-term success.