
> If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

Yes. The thing is: Microsoft made the design decision to copy the keys to the cloud, in plaintext. And they made this decision with the full knowledge that the cops could ask for the data.

You can encrypt secrets end-to-end - just look at how password managers work - and it means the cops can only subpoena the useless ciphertext. But Microsoft decided not to do that.

I dread to think how their passkeys implementation works.





> Yes. The thing is: Microsoft made the design decision to copy the keys to the cloud, in plaintext. And they made this decision with the full knowledge that the cops could ask for the data.

Apple does this too. So does Google. This is nothing new.

It's a commonly used feature by the average user who loses their password or their last device.

During setup, they even explicitly inform the user that their BitLocker keys are being backed up to the cloud. And you can still choose to use BitLocker without key escrow.


Nah, Apple doesn't do this.

If the user's macOS FileVault disk encryption key is "stored in iCloud" it resides in the user's iCloud Keychain, which is end-to-end encrypted. This creates a situation similar to the iPhone, where Apple does not have the ability to access the user's data and therefore cannot comply with a warrant for access (which really annoys organizations like the FBI and Interpol).


I'm sorry, but you're wrong, and wrong in a way that is dangerous. You're conflating two separate things.

> If the user's MacOS FileVault disk encryption key is "stored in iCloud" it resides in the users iCloud Keychain which is end-to-end encrypted.

First: Keychains synced to iCloud are encrypted end to end, as is iCloud Keychain.

However: when you set up FileVault, you are prompted to escrow your keys in the cloud. If you do that, those keys are NOT end-to-end encrypted.

Further: this is an explicit user feature. It is how "cloud unlock" of a machine with FileVault works. Apple also offers Advanced Data Protection, which is more akin to what you're describing, but requires opting in.

> This creates a situation similar to the iPhone, where Apple does not have the ability to access the user's data and therefore cannot comply with a warrant for access

Another potentially dangerous statement: while this is true for a locked phone, if you use iCloud backups for your device with "standard" level of protection, Apple stores the backups and maintains key escrow.

You've made some statements in an absolute form that go beyond wrong to being actively dangerous to users. Please re-align yourself to reality here https://support.apple.com/en-us/102651#standard and the services security section at https://help.apple.com/pdf/security/en_US/apple-platform-sec...


And by the way, the situation is improved in Tahoe and closer to what you've described, but it's still not a guarantee if you upgraded from an older version.

Where did you get that they are stored in plaintext?

It doesn't matter how it's stored. So long as it isn't E2EE, they (and anyone who can ask for it) will be able to access the drives.

The title of the article: "Microsoft gave FBI set of BitLocker encryption keys to unlock suspects' laptops"

Doesn’t say they were stored in plaintext.


