this post was submitted on 14 Aug 2024
3 points (100.0% liked)

Technology

60074 readers
3556 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Brkdncr@lemmy.world -1 points 4 months ago (3 children)

The anti-MS here is annoying. They set up online accounts by default to improve usability and its complaints about privacy. They set up full disk encryption at rest by default to improve privacy and its complaints about usability.

[–] BearOfaTime@lemm.ee 1 points 4 months ago* (last edited 4 months ago)

They set up online accounts by default to improve usability

Hahahahaha, you're kidding, right? Or do you genuinely believe this?

Unless you mean usability for MS tracking and telemetry of home users who lack the expertise of enterprise IT (which uses Windows Pro, and disables/blocks the MS tracking via Group Policy, which isn't available on Windows Home).

The reason for defaulting to an MS account, and making it practically required (they even hide creating a local account during setup if it has a network connection), is to capture even more user data and telemetry.

Now, defaulting to encryption is a good thing. But, the way to do it is to explain during setup (and have a process for) saving the key to another device immediately after setup - such as a thumb drive. Or even printing it, saving it to a text file, etc, etc.

It should also explain how critical it is, and not to trust saving it to a single device/location.

[–] gentooer@programming.dev 0 points 4 months ago (1 children)

These are valid complaints tho.

[–] Badeendje@lemmy.world -1 points 4 months ago

From powerusers yes, and taking away their options is nonsense. But for the general populace it is arguably a good thing.

[–] IHawkMike@lemmy.world -1 points 4 months ago (2 children)

Agreed. The immature iamsosmart user base is making me strongly consider leaving Lemmy for good. There just aren't enough actual professionals here for any serious discussion in a technical community. It's just a bunch of 20-year-olds who think they have the world figured out. And they all downvote based on emotion rather than facts (which I am quite prepared for).

Microsoft accounts, OneDrive, and BitLocker are absolutely great features for the average user providing SSO, cloud storage with ransomware-proof backups, and seamless full-disk encryption.

I love Linux too, but there seems to be no room for nuance on Lemmy. These children are insufferable.

[–] dogslayeggs@lemmy.world 1 points 4 months ago (1 children)

I lost all of my data on a tablet that had Bitlocker installed without my knowledge. Not one time was I ever told that my drive was encrypted or that there was even something called Bitlocker or that I should write down some password or code. Bitlocker activated because of an OS update, and I had no way to unlock it so I had to wipe the drive. I don't have an MS account, because I have no need to give MS all of my data, so I couldn't unlock it that way either. And no, I'm not a 20 year old; I'm someone who has used computers since before the internet and have no interest in setting up a corporate account for every watch, shoe, phone, video game, car, etc. I have no interest in giving MS all of my pictures, documents, emails, and browsing history.

[–] IHawkMike@lemmy.world -1 points 4 months ago (1 children)

Bitlocker activated because of an OS update

This did not happen. You did something to enable it.

I don't have an MS account, because I have no need to give MS all of my data

If you had one, all of your data would have been safe in OneDrive and easily recoverable. But I'm sure the irony is completely lost on all the anti-MS people here. Nah, it must be Microsoft's fault you didn't have backups when you broke your tablet.

[–] dogslayeggs@lemmy.world 0 points 4 months ago (1 children)

Bitlocker activates when you enter an incorrect OS password too many times. I had my tablet set to unlock without a password or pass code, so I never used whatever pass code I set up a year and a half earlier. After one of the OS updates it forced me to log in with a pass code. I tried some pass codes I thought I might have used, thinking that worst case I would have to do a time delay before trying again.... because again, MS never told me Bitlocker was installed and never told me it had a password and never told me I should write down whatever password Bitlocker set for itself and never told me that Bitlocker would lock my entire harddrive if I entered an incorrect password too many times.

But go ahead and keep telling me it's my fault MS added something so intrusive without telling me.

[–] IHawkMike@lemmy.world -1 points 4 months ago (1 children)

Bitlocker activates when you enter an incorrect OS password too many times.

This is completely false. Please stop spreading misinformation. You clearly have no idea how BitLocker works, nor Secure Boot, BCD, TPM, or PCRs. Or anything really.

Maybe you should stick to an iPad. I'm done replying to this blithering nonsense.

[–] dogslayeggs@lemmy.world 0 points 4 months ago (1 children)

Where is /c/confidentlyincorrect when you need it?

https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview

Very first goddamn bullet: "Entering the wrong PIN too many times"

[–] IHawkMike@lemmy.world 0 points 4 months ago (1 children)

That's the BitLocker PIN, not the OS PIN. Go away.

[–] dogslayeggs@lemmy.world 1 points 4 months ago (1 children)

I don't think you're right. Those bullets are: "The following list provides examples of common events that cause a device to enter BitLocker recovery mode when starting Windows:"

Why would entering the Bitlocker PIN too many times cause BitLocker to activate? If you are entering a BitLocker PIN then you have already activated BitLocker, right? Please explain to me why, in your scenario, I would be in the position to enter the BitLocker PIN too many times when all I was doing was restarting my tablet after an OS update.

The last bullet says it also happens when "Exceeding the maximum allowed number of failed sign-in attempts." So even if you are correct that the first bullet is about the BitLocker PIN, then the last bullet is about failed sign-in attempts to Windows.

I like how you keep dismissing someone who is providing evidence by replying with being a jerk instead of giving helpful or factual information. You're dying on the stupidest hill here.

[–] IHawkMike@lemmy.world -1 points 4 months ago* (last edited 4 months ago) (1 children)

I don't care what you think. I'm playing chess with a pigeon here. Test it yourself.

Edit: And sorry for being a jerk. Back to my original point, I'm pretty much fed up with the "technical" communities of Lemmy where correct information is downvote to oblivion and blatantly wrong information is lionized as absolute truth. And when I have tried to actually help and provide useful information I get met with the hordes of confidently incorrect people trying to discredit me.

[–] dogslayeggs@lemmy.world 0 points 4 months ago (1 children)

https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold

Right there, in plain English directly from Microsoft:

"Failed password attempts on workstations or member servers that have been locked by using either Ctrl + Alt + Delete or password-protected screen savers count as failed sign-in attempts.

The security setting allows you to set a threshold for the number of failed sign-in attempts that causes the device to be locked by using BitLocker. This threshold means, if the specified maximum number of failed sign-in attempts is exceeded, the device will invalidate the Trusted Platform Module (TPM) protector and any other protector except the 48-digit recovery password, and then reboot. "

[–] IHawkMike@lemmy.world -1 points 4 months ago

Look man, this is just exhausting. I'm well aware of that security policy. I have enabled it at some of my clients. But it's not a default setting and would never be on a random non-enterprise PC. This is what I mean when I say the only people who are getting locked out this way were screwing with their computers in ways they don't understand, installing random garbage and following bad advice on the internet.

From your link:

If you set the value to 0, or leave blank, the computer or device will never be locked as a result of this policy setting.

[–] jeena@piefed.jeena.net 0 points 4 months ago (1 children)
[–] IHawkMike@lemmy.world -1 points 4 months ago (1 children)

I'm actually 46.

Here's a cookie:

[–] jeena@piefed.jeena.net 1 points 4 months ago

Oh, and I use Arch btw.