Chris Murphy wrote:
> Summary: Windows 10/11 increasingly enables Bitlocker (full disk
> encryption) out of the box with the encryption key sealed in the TPM.
> […]
> The Bitlocker encryption key is unsealed only if the boot chain
> measurement by the TPM matches the expected values in a TPM PCR.

So, basically, they set up things without the user's knowledge so that the
user's data can only be decrypted from Windows, only when booted directly,
and only with Restricted Boot enabled. Does that not fit the definition of
ransomware? Treacherous Computing at its finest… Does anyone still believe
that all this is about security?
Kevin Kofler
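
A simplified model of the unsealing condition quoted above, added here as an illustration; it is not code from this thread or from any TPM or BitLocker implementation. The `ToyTPM` class, the component byte strings and the single-PCR layout are assumptions made for the example; only the extend rule (new PCR = hash of old PCR concatenated with the measurement digest) reflects how a real TPM accumulates measurements.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # a SHA-256 PCR starts at all zeros after reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Replay a boot chain into one PCR, in boot order."""
    pcr = PCR_INIT
    for component in components:
        pcr = extend(pcr, component)
    return pcr


class ToyTPM:
    """Hypothetical stand-in: keeps a secret and the PCR value it is bound to."""

    def __init__(self):
        self._sealed = None

    def seal(self, secret: bytes, expected_pcr: bytes) -> None:
        self._sealed = (secret, expected_pcr)

    def unseal(self, current_pcr: bytes):
        secret, expected = self._sealed
        # Release the secret only when the measured state matches the policy.
        return secret if hmac.compare_digest(current_pcr, expected) else None


# Constructed stand-ins for the binaries that would be measured at boot.
FIRMWARE = b"constructed-firmware-image"
WINDOWS_LOADER = b"constructed-windows-boot-manager"
OTHER_LOADER = b"constructed-intermediate-bootloader"


def demo():
    """Seal to the direct boot chain, then try to unseal from both chains."""
    direct = measure_chain([FIRMWARE, WINDOWS_LOADER])
    chained = measure_chain([FIRMWARE, OTHER_LOADER, WINDOWS_LOADER])
    tpm = ToyTPM()
    tpm.seal(b"constructed-volume-key", direct)
    return tpm.unseal(direct), tpm.unseal(chained)


if __name__ == "__main__":
    print(demo())
```

Because each extend hashes over the previous PCR value, inserting any extra component ahead of the Windows loader changes the final value, and the sealed key is not released.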