12 Windows Services to Disable This 2024

Whether you have a low end PC or a high end PC, if you have unnecessary services running in the computer’s background, this will definitely slow down your machine and you won’t get a good performance out of it. First, click the windows icon at the lower-left part of your screen and click run and search for “services.msc”. Then, it will show you a lot of services with their basic description,…

View On WordPress

protect a flash drive without bitlocker

Co będzie, jeśli zgubisz komputer lub Ci go ukradną? 🚨 Czy na Twoim dysku znajdują się dane, które nie powinny trafić w niepowołane ręce? To poważny problem, ale dzięki szyfrowaniu dysków możesz zabezpieczyć swoje pliki! W tym materiale pokażę Ci, jak skutecznie zabezpieczyć dane na komputerze i chronić je przed nieautoryzowanym dostępem.

Why is BitLocker unable to encrypt Removable Drives via MBAM?

Fixed Data Drives refer to non-removable storage drives installed in a PC such as internal hard drives (HDDs) or solid-state drives (SSDs). Unlike removable drives (like USB flash drives). Fixed drives are used to store data, applications, and the operating system. In this article, we shall discuss how to resolve ‘Why is BitLocker unable to encrypt Removable Drives via MBAM?”. Please see Why does…

Windows 11 24H2 will enable BitLocker encryption by default, including Home Edition

Windows11 24H2 will enable BitLocker encryption by default, including Home Edition

Microsoft plans to enable BitLocker encryption by default during the Windows 11 24H2 installation process. This will have two impacts on users: one is affecting the performance of the hard drive, and the other is that if the user does not have the decryption key, related data may be lost.

We noticed the change while testing the installation of Windows 11 24H2 using the newly designed installer, and thankfully users can disable Device Encryption in the Privacy & Security section of Settings.

According to reports, Windows 11 24H2 brings an improved installer. The new installation process no longer starts with a “blue window” but is similar to an in-place upgrade, except that BitLocker encryption of the drive may be performed in the background during the new installation process.

This may not only affect Windows 11 Pro and above, but also Home editions, which may surprise some.

Using BitLocker to encrypt drives is not new on Windows 11 PCs, with some OEMs already implementing it on Pro machines. Of note, there are reports that the default software-based BitLocker encryption on Windows (XTS-AES 128) can cause significant performance degradation even on some of the fastest SSDs, such as PCIe Gen4 NVMe SSDs. Furthermore, unsuspecting users may be completely unaware that their device is encrypted, and if the key is lost or not saved correctly, the encrypted data may not be recovered.

And if you need Windows 11, You can buy it from keyingo.com, it is much cheaper than the Microsoft store !

BitLocker encryption broken in 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM

Bitlocker is one of the most easily accessible encryption solutions available today, being a built-in feature of Windows 10 Pro and Windows 11 Pro that’s designed to secure your data from prying eyes. However, YouTuber stacksmashing demonstrated a colossal security flaw with Bitlocker that allowed him to bypass Windows Bitlocker in less than a minute with a cheap sub-$10 Raspberry Pi Pico, thus…

View On WordPress

The Mysteries of BitLocker Recovery Key BitLocker is a full-disk encryption feature included in Microsoft Windows operating systems. It provides an additional layer of security by encrypting the entire hard drive, protecting the data stored on it from unauthorized access. However, in the event of certain circumstances such as a forgotten password or hardware failure, a BitLocker recovery key is essential for accessing the encrypted drive. [caption id="attachment_63031" align="aligncenter" width="640"] BitLocker recovery key[/caption] A BitLocker recovery key is a unique 48-digit numerical code that acts as a backup to unlock the encrypted drive. It is generated during the initial setup of BitLocker or can be retrieved later through various methods. Understanding the BitLocker recovery key and its importance is crucial for ensuring data security and avoiding potential data loss. Understanding BitLocker Recovery Key A BitLocker recovery key is a vital component of the BitLocker encryption system. It serves as a backup mechanism to unlock encrypted drives when the usual authentication methods, such as a password or smart card, fail. The recovery key is a 48-digit numerical code that is randomly generated during the encryption process. The recovery key can be stored in different formats, including a numerical key, a combination of letters and numbers, or a USB drive. It is essential to keep the recovery key in a secure location separate from the encrypted drive to prevent unauthorized access. When a BitLocker-protected drive needs to be unlocked, the recovery key is required. This ensures that even if the password or other authentication methods are forgotten or unavailable, the drive can still be accessed using the recovery key. It acts as a fail-safe measure to prevent data loss due to authentication issues. Obtaining and Saving the BitLocker Recovery Key There are several methods to obtain the BitLocker recovery key: Saving it during initial setup: When setting up BitLocker, users have the option to save the recovery key to a file, print it, or store it in a Microsoft account. Retrieving it from a Microsoft account: If the recovery key was saved to a Microsoft account, it can be retrieved by signing in to the account associated with the encrypted drive. Using Active Directory for enterprise users: In an enterprise environment, system administrators can use Active Directory to store and manage recovery keys for multiple drives. Recovering from a USB drive: If the recovery key was saved to a USB drive, it can be plugged in during the unlocking process to access the encrypted drive. It is crucial to save the BitLocker recovery key securely. Storing it in a safe location, such as a password-protected file or a hardware-encrypted USB drive, is recommended. It is also advisable to make multiple copies of the recovery key and store them in separate secure locations to avoid complete loss in case of unforeseen circumstances. By following these best practices, users can ensure that they have access to the recovery key when needed, preventing potential data loss and maintaining the security of their encrypted drives. Using the BitLocker Recovery Key The BitLocker recovery key plays a crucial role in two common scenarios: Unlocking a BitLocker-protected drive: In case the usual authentication methods fail, users can unlock the encrypted drive using the recovery key. This ensures access to the data stored on the drive. Recovering a lost or forgotten BitLocker password: If the password used to protect the BitLocker-encrypted drive is lost or forgotten, the recovery key can be used to regain access to the drive. Here is a step-by-step guide on how to use the BitLocker recovery key in both scenarios: Unlocking a BitLocker-protected drive: It is important to note that the recovery key should be kept in a secure location and not shared with unauthorized individuals. Additionally, users should be aware that using the recovery key will not reset the password, so it is advisable to update the password after regaining access to the drive. In case of any issues or errors while using the BitLocker recovery key, it is recommended to consult the official Microsoft documentation or seek assistance from a qualified IT professional. Managing and Updating BitLocker Recovery Key Changing or updating the BitLocker recovery key is an important aspect of maintaining the security of encrypted drives. Here are some methods to manage and update the recovery key: Changing the recovery key: Users can change the recovery key for a BitLocker-protected drive by accessing the BitLocker settings and selecting the option to change the recovery key. This is useful in situations where the current recovery key is compromised or needs to be updated for security reasons. Managing recovery keys for multiple drives: In an enterprise environment, system administrators can use Group Policy to manage recovery keys for multiple BitLocker-protected drives. This allows for centralized control and ensures that recovery keys are securely stored and accessible when needed. Periodically updating the recovery key: It is good practice to periodically update the recovery key for BitLocker-protected drives. This helps maintain the security of the encrypted data and reduces the risk of unauthorized access. By actively managing and updating the BitLocker recovery key, users can enhance the security of their encrypted drives and mitigate potential risks. Frequently Asked Questions What should I do if I lose my BitLocker recovery key? If you have lost your BitLocker recovery key, it is important to check if you have saved it in any of the available methods, such as a file, a Microsoft account, or a USB drive. If you cannot locate the recovery key, it is not possible to unlock the BitLocker-protected drive without it. In such cases, the data on the drive may be permanently inaccessible. Can I use the recovery key on multiple devices? No, each BitLocker-protected drive has a unique recovery key. The recovery key is specific to the drive it was generated for and cannot be used on other devices or drives. How can I recover my BitLocker recovery key from a Microsoft account? To recover your BitLocker recovery key from a Microsoft account, sign in to the Microsoft account associated with the encrypted drive. Navigate to the BitLocker recovery keys section, where you can view and retrieve the recovery key if it was previously saved to your account. Can I change my recovery key without decrypting the drive? No, to change the recovery key for a BitLocker-protected drive, the drive needs to be decrypted and then re-encrypted with a new recovery key. This process requires temporarily disabling BitLocker and can take a significant amount of time, depending on the size of the drive and the amount of data stored on it. What happens if I forget my BitLocker recovery key and password? If you forget both your BitLocker recovery key and password, it can be extremely challenging to regain access to the encrypted drive. Without the recovery key or password, the data on the drive may be permanently inaccessible. It is crucial to keep the recovery key and password in a secure location and create backups to avoid such situations. Conclusion: The BitLocker recovery key is a critical component of the BitLocker encryption system. It acts as a fail-safe mechanism to unlock encrypted drives in case of forgotten passwords or authentication failures. Understanding the BitLocker recovery key, obtaining and saving it securely, and knowing how to use it are essential for maintaining data security and preventing potential data loss. By following best practices, such as storing the recovery key in secure locations, periodically updating it, and managing it effectively for multiple drives, users can ensure the accessibility of their encrypted data while maintaining the highest level of security. Remember to always keep the recovery key in a safe place and avoid sharing it with unauthorized individuals. In case of any issues or concerns related to the BitLocker recovery key, it is advisable to consult official documentation or seek assistance from IT professionals to ensure the proper handling and management of encrypted drives.

For those who are not aware: Bitlocker is encryption software, it encrypts your computer and makes it impossible to access the information on the computer unless you have the key.

It should be standard practice for IT companies to document the bitlocker keys as they are configuring bitlocker on a computer; generally you would do this by creating a record in your client management software for that specific device and putting the key in the record. Sometimes software can be used to extract that information in the event that it's necessary, but even if there's theoretically a way to extract the key, it should be documented somewhere *other* than on the encrypted computer.

This is something that a lot of IT people fuck up on kind of a lot (we've definitely had problems with missing bitlocker keys and I'm quite happy that the people who didn't document those keys aren't my coworkers anymore).

So what do you do if you want to use encryption software and you're NOT an IT company using a remote management tool that might be able to snag the keys?

When you are setting up encryption, put the encryption key in your password manager. Put it in your password manager. Document the important information that you cannot lose in your password manager. Your password manager is a good place to keep important things like your device encryption key, which you do not want lost or stolen. (If you run your password manager locally on an encrypted computer, export the data every once in a while, save it as an encrypted file, and put the file on your backup drive; you are going to have a bad time if your computer that hosts the only copies of your passwords shits the bed so *make a backup*)

This is my tip for home users for any kind of important recovery codes or software product keys: Print out the key and put it in your underwear drawer. Keep it there with your backup drive. That way you've got your important (small) computer shit in one place that is NOT your computer and is not likely to get shifted around and lost (the way that papers in desks often get shifted around and lost).

Windows 7 - BitLocker Drive Encryption

2024 CrowdStrike Incident

I just wanted to document my day today. Since I feel this is a pretty major historical event in the history of computing.

From my understanding, the update that CrowdStrike pushed occurred last night, but I wasn't made aware of it until this morning.

I heard the notification for Microsoft Teams go off on my work phone a couple of times while I was still in bed. I decided not to answer right away since employees are supposed to call me directly if there's a production issue. However, around 5:30 this morning, I got a call from one of my team leads telling me that a CrowdStrike update got pushed earlier that has now "BitLockered" a bunch of computers.

For context, my team uses the term "BitLockered" for any time a computer crashes and requires the BitLocker encryption key to recover.

In any case, I was asked if I could run over to our local distribution center right away to start mitigating the damage. I immediately got up, got dressed, grabbed my work laptop and bag and left. I skipped my morning coffee and shower so I could get there ASAP.

When I finally managed to get inside the building, I started taking a look around the front office and saw several computers stuck on the Windows Recovery Mode screen. Already starting to look like a bad sign. I started booting up my work laptop, which I thankfully did not leave turned over overnight, and headed upstairs to a bank of production computers. As soon as I got up there, I saw a sea of Windows Recovery Mode screens.

By this point my Microsoft Teams notifications started going off non-stop, and I started running the recommended fix on one of the computers. Basically I was trying to make sure I understood how to perform the fix. At this point, it became apparent we were going to have to touch every endpoint in our network at every facility.

Around 6:00AM, I got a call from a manager from a separate facility asking me about what was going on. This is someone that's constantly just called me instead of submitting a help desk ticket, and I've tried to be patient with. Today I had to be a bit more blunt and state that I couldn't drop what I was doing to come over and help, but that someone would be there later today to assist. This manager continued to try and call me throughout the day, but I had to keep telling him that I was not going to be available all day.

Around 6:30AM one of my co-workers made it to the distribution center to help. I ran the fix on his laptop and we started working to fix each computer one by one. A bit later I noticed my mom texted me that she heard about this in the news. So I looked up "CrowdStrike" on Google and found that not only were we affected by it, but many other major companies were.

As we started getting workstations back online, it became apparent that was only going to be half the battle, as this issue caused most of our servers to crash as well. But at this point, we figured it would be best to continue to get as many workstations back up and running one by one. But because the servers were down, I kept getting asked if I could restore a connection, which unfortunately we couldn't do until the server team could run the fixes on our servers.

Eventually I was asked to join a Zoom call so I could start providing other facilities with BitLocker keys so they could start running the fix on their own computers. Some machines we determined could be fixed by reverting to a restore point. Others we had find a way to manually remove the "C-00000291*.sys* file by booting the computer into Safe Mode with Networking. Those devices ended up costing us a bunch of time to get back up and running.

By the time 5:00PM rolled around, I asked if I could go home and continue to work from there. So I took the opportunity to go home, get myself cleaned up, and continue to work. By 8:30PM it seemed that things had died down to the point we could stop for the day. I'm sure we've got a few machines we still need to apply the fix to, but we managed to get our core business back up and running within the matter of a few hours.

So yeah, long story. But I just felt like documenting it, given that this is an event that's probably going to be pretty well remembered in the history books.

If you have Windows 11, please turn off the Recall feature unless you have Bitlocker on your computer. This is because it takes screenshots of your PC and stores them in such a way that the screenshots could be stolen and passwords etc. taken. (It can be encrypted automatically by Bitlocker, so if you do have that enabled, turning Recall off is optional). If you want to turn off Recall, please do the following:

Please open "Settings".

Next, please click on "Privacy & Security".

Select the "Recall & Snapshots" page.

Turn off the “Save snapshots” toggle switch.

Do this for every account on the computer (the setting is saved per account).

This will completely turn off the Recall option on the account. If you use Windows 10 or earlier, you can put your feet up and relax - Recall isn't available on these operating systems. Obviously, it's a non-issue on non-Windows computers too.

i can do better than that previous poll. 1 point per recommendation followed, interpret conservatively.

automatic backups (and tested!!)

ransomware resilient

2nd factor on all important accounts

2nd factor, not sms, phishing resistant everywhere where feasible

unique passwords on all important accounts

unique passwords everywhere

bitlocker/full disk encryption and secureboot

bonus point for measures not listed (tags plssss)

Windows 11 BitLocker Encryption Bypassed to Extract Full Volume Encryption Keys

Source: https://gbhackers.com/windows-11-bitlocker-encryption-bypassed/

More info: https://noinitrd.github.io/Memory-Dump-UEFI/

How to Disable device encryption

How to Disable device encryption

How to Disable device encryption Encryption is a powerful tool for protecting data on your Windows devices. However, there are times when you might need to disable it. Let’s walk through the process of disabling device encryption in Windows 10/11 and understand the difference between Device Encryption and BitLocker Drive Encryption. Kindly see, How to Change BitLocker Password in Windows and how…

View On WordPress

Breaking Bitlocker

(ez amugy csak azert erdekes, mert van itt nalam egy laptop, rajta van ez a szar, es senki nem tudja a bitlocker pint; elso ranezesre githubon van hw / sw IS, nem ezeket altalaban nem adjak ki...)

This day in history

On September 12 at 7pm, I'll be at Toronto's Another Story Bookshop with my new book The Internet Con: How to Seize the Means of Computation.

On September 14, I'm hosting the EFF Awards in San Francisco.

#15yrsago Canadian man changes name to beat no-fly list https://web.archive.org/web/20080917202919/https://www.cbc.ca/canada/montreal/story/2008/09/11/nofly-name.html

#15yrsago Michigan GOP attacks right-to-vote for the recently foreclosed https://web.archive.org/web/20080911193036/https://michiganmessenger.com/4076/lose-your-house-lose-your-vote

#15yrsago North Texas house burns because local authorities switched off hydrants “to fight terrorism” https://web.archive.org/web/20080913150058/https://www.wfaa.com/sharedcontent/dws/wfaa/latestnews/stories/wfaa080827_lj_hawes.1983f2d0.html

#15yrsago Terror cops hunt down ornamental castor bean plant https://web.archive.org/web/20080914224719/http://www.abc4.com/news/local/story.aspx?content_id=f2396fa3-c730-457d-825c-257c263a831c

#15yrsago Seaweed: Lush, hilarious oversized indie graphic novel https://memex.craphound.com/2008/09/11/seaweed-lush-hilarious-oversized-indie-graphic-novel/

#10yrsago NSA reveals that it illegally gathered thousands of phone records, to the appalled astonishment of FISA court judge https://www.theguardian.com/world/2013/sep/10/nsa-violated-court-rules-data-documents

#10yrsago Revisiting Milgram’s obedience experiment: what did he actually prove? https://psmag.com/social-justice/electric-schlock-65377

#10yrsago This is the crypto standard that the NSA sabotaged https://archive.nytimes.com/bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/

#10yrsago How the feds asked Microsoft to backdoor BitLocker, their full-disk encryption tool https://mashable.com/archive/fbi-microsoft-bitlocker-backdoor

#5yrsago California Farm Bureau sells out farmers, hands John Deere a monopoly over tractor repair https://www.vice.com/en/article/kz5qgw/california-farm-bureau-john-deere-tractor-hacking-right-to-repair

#5yrsago 2018’s Blue Wave needs to take down Trump, and the right-wing establishment of the Democratic Party https://www.theguardian.com/commentisfree/2018/sep/10/trump-neoliberal-democratic-party-america

#5yrsago History’s solutions to runaway inequality: warfare, revolution, state collapse and plague https://www.economist.com/open-future/2018/09/10/can-inequality-only-be-fixed-by-war-revolution-or-plague

#5yrsago The EU’s copyright plans will let anyone mass-censor the internet https://www.eff.org/deeplinks/2018/09/how-eus-copyright-filters-will-make-it-trivial-anyone-censor-internet

#5yrsago Wanting It Badly Is Not Enough: Real Problems For Creators Deserve Real Solutions https://www.eff.org/deeplinks/2018/09/wanting-it-badly-not-enough-real-problems-creators-deserve-real-solutions

#5yrsago Woman World: the hilarious man-free apocalypse we’ve all been waiting for https://memex.craphound.com/2018/09/11/woman-world-the-hilarious-man-free-apocalypse-weve-all-been-waiting-for/

#5yrsago What developers need to do to save the internet from the EU’s looming copyright disaster https://github.blog/2018-09-10-how-developers-can-defend-open-source-from-the-eu-copyright-proposal/