Privacy watchdog calls for Windows 10 to stop uploading encryption keys to Microsoft

Fix it Already wants Microsoft to update Windows 10 Home Edition so it follows the same security practices as Pro and Enterprise

Privacy watchdog Fix it Already has called for Microsoft to stop its Windows 10 platform from sharing encryption keys.

Although only a problem with the Windows 10 Home Edition, the campaign launched by the Electronic Frontier Foundation (EFF) wants the process of sharing keys with Microsoft to be eradicated, enforcing that the disk encryption key is only shared with users.

Fix it Already said Microsoft is unfairly treating users of Home Edition because both Enterprise and Pro editions of its platform work differently and encryption keys aren't shared with the company at all.

"Windows 10 Home Edition does come with a built-in encryption solution, but only for some users. Called 'Device Encryption', it only works if you have certain hardware and if you sign into your computer with a Microsoft accountwhich means you have to trust Microsoft with the backup keys. This is bad encryption design by Microsoft: users should never have to give their encryption keys to a third-party," explained the EFF.

Advertisement
Advertisement - Article continues below

Although giving the key to Microsoft means users are able to recover data, even if the backup is lost, those keys could be exposed if a data breach occurs and this means hackers could potentially steal information stored on user computers.

"Other versions of Windows 10 don't require you to back up your key to Microsoft's servers," the watchdog continued. "And some Windows 10 Home users may find it helpful to have a backup key stored on Microsoft's servers, so that they can recover the contents of their computers even if they forget their passwords. But other users may have different concerns, and may not be technically savvy enough to remove the backup key and generate a new one."

It now wants Microsoft to update Home Edition to be in line with its business products.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
Visit/business-strategy/mergers-and-acquisitions/354191/xerox-to-pursue-hostile-hp-takeover-after-30bn
mergers and acquisitions

Xerox to pursue hostile HP takeover after $30bn gambit fails

28 Nov 2018
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
Visit/security/data-breaches/354192/t-mobile-data-breach-affects-more-than-a-million-users
data breaches

T-Mobile data breach affects more than a million users

25 Nov 2019