MattSteelblade's comments

Based on the comments in the thread, I sense I will be in the minority, but for most consumers this is a reasonable default. Broadly speaking, the threat model most users are concerned with doesn't account for their government. The previous default is no encryption at rest, which doesn't protect from the most common threats, like theft or tampering. With BitLocker on, a new risk for users is created: loss of access to their data because they don't have their recovery key. You are never forced to keep your recovery keys in Microsoft's servers and it's not a default for corporate users.

It's certainly a reasonable default. People lose or have their laptops stolen much more often than they get targeted by their governments.

Though that doesn't mean Microsoft couldn't implement a way of storing these keys so that they can't be accessed by Microsoft. Still better than nothing though.


I think it’s a reasonable default if Microsoft weren’t able to access your encryption keys.

Apple has that figured out. Your keys can be stored in your cloud synced keychain but only you can decrypt that keychain.

That’s why they couldn’t help the FBI to decrypt devices even when compelled.

Microsoft should have done the same. They should never find themselves in a place where they can be compromised like this.


I'll always remember - when I was first learning about it, one of the interesting counter-arguments to ignoring privacy was "what if the Nazis come back, would you want them to have your data?". I suppose there's some debate these days, but hostile governments seem a lot closer than they were 10-15 years ago.

Will this make people care? Probably not, but you never know.


"Closer"? They're already here. Trusting corporations or governments is inherently moronic.

Even in the best of times. Why widen your attack surface unnecessarily? Do you tell people your passwords and PINs at parties?

What governments and corporations (and plenty of bad actors in the FOSS world) have done is make this the default; made it easy to mindlessly hand people your privacy without even knowing. Opt-out, if you know the setting exists, and can find it.


For password hashing, only short-output or broken hash functions have practical collision concerns. The odds of any random collision with a 256-bit hash, and not with a specific hash, are 50% at 2^128 inputs. Salting is a defense against precomputation attacks like rainbow tables and masking password reuse. Attackers crack password dumps by trying known password combinations, previously compromised passwords, brute force up to a certain length, etc. and using the hashing algorithm to compare the output.


You can check against the API with just the first characters of your hashed password (SHA-1 or NTLM), for example: https://api.pwnedpasswords.com/range/21BD1 or you can download the entire dataset.


How can you download the entire dataset?


You can download the entire dataset using curl (will be 40+ GB)

    curl -s --retry 10 --retry-all-errors --remote-name-all --parallel --parallel-max 150 "https://api.pwnedpasswords.com/range/{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F}{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F}{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F}{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F}{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F}"


It's not that I couldn't have written that oneliner, it's that I assumed you'd get blocked very quickly.


It is officially recommended by the Troy Hunt: https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader/i...


That speaks to a certain confidence in one's servers' ability to hold up under load, doesn't it?

"Oh you want your own copy? Sure, just thrash seven shades of shit out of the database. Here's how."


It's not a database, it's just files. And they are hosted by Cloudflare so they can cope with a lot of downloads.

I think he should make the files smaller by removing the second half of the hashes, i.e. reduce it from 40 hex digits to 20. This increases the chance of a false positive (i.e. I enter my password, it says it was compromised but it wasn't, it just has the same hash as one that did) from 1 in 10^48 to 1 in 10^24 (per password), but that's still a huge number. (There's less than 10^10 people in the world, they only have a few passwords each). This will approximately halve the download, maybe more because the first half of each hash is more compressible (when sorted); the second half is totally random.


> It's not a database, it's just files. And they are hosted by Cloudflare so they can cope with a lot of downloads.

Database: a usually large collection of data organized especially for rapid search and retrieval (as by a computer) [1]

It is a database. Stop nitpicking.

[1] https://www.merriam-webster.com/dictionary/database


Confidence in Cloudflare, for sure.


That's crazy, thank you.


You are being purposefully obtuse here. HIBP is a very, very well established site with a long history of operating in good faith.


> > It's not that I couldn't have written that oneliner, it's that I assumed you'd get blocked very quickly.

> junon https://news.ycombinator.com/user?id=junon

> You are being purposefully obtuse here. HIBP is a very, very well established site with a long history of operating in good faith.

Allowing people to query and someone downloading the entire dataset is normally considered abuse, so being blocked is the expectation here. You're so dense you're bending light around you.


Several open source tools can be found on GitHub, but here’s the “official” one https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader


Second line I already notice:

> 000F6468C6E4D09C0C239A4C2769501B3DD:5894

... Does the 5894 mean what I think it does?


I remember when I was searching the file for some passwords my friends and family use, it took me a while to work out that number too. There are some passwords that many people seem to independently come up with and think must be reasonably secure. I suppose they are to the most basic of attacks.


5894 means that the password appeared 5894 times in the dataset.

5894 is not the password associated with the hash.


Yes, it did mean what I thought, then.

But I guess some passwords appear far more often than that in the dataset.


Some passwords are far more commonly used than others; that isn't surprising.
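
Added example, not code from any commenter or from HIBP: a minimal Python sketch of the range lookup and the `SUFFIX:COUNT` line format discussed in this thread, using SHA-1 and sending only the first five hex digits of the hash. The function names, the offline `fake_fetch_range` stand-in for the HTTP call, the sample password and its count are all constructed for illustration.

```python
import hashlib

SUFFIX_LEN = 35  # 40 hex digits of SHA-1 minus the 5-digit prefix sent to the API
HEX = set("0123456789ABCDEF")

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def parse_range_body(body):
    """Turn 'SUFFIX:COUNT' lines into {suffix: count}; reject malformed lines."""
    counts = {}
    for raw in body.splitlines():
        line = raw.strip()
        if not line:
            continue
        suffix, sep, count = line.partition(":")
        suffix = suffix.upper()
        if (not sep or len(suffix) != SUFFIX_LEN
                or not set(suffix) <= HEX or not count.isdecimal()):
            raise ValueError(f"malformed range line: {line!r}")
        counts[suffix] = int(count)
    return counts

def pwned_count(password, fetch_range):
    """Return the listed count for a password; only the prefix leaves the client."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    # The comparison against the returned suffixes happens locally.
    return parse_range_body(fetch_range(prefix)).get(suffix, 0)

# Constructed offline stand-in for GET https://api.pwnedpasswords.com/range/<prefix>
SEEN_PREFIXES = []
SAMPLE_PASSWORD = "P@ssw0rd"  # constructed sample input
SAMPLE_COUNT = 1234           # constructed count, not a real figure

def fake_fetch_range(prefix):
    SEEN_PREFIXES.append(prefix)  # record what the "server" gets to see
    listed = sha1_hex(SAMPLE_PASSWORD)
    lines = ["000F6468C6E4D09C0C239A4C2769501B3DD:5894"]  # line quoted in the thread
    if listed.startswith(prefix):
        lines.append(f"{listed[5:]}:{SAMPLE_COUNT}")
    return "\r\n".join(lines)

if __name__ == "__main__":
    print(pwned_count(SAMPLE_PASSWORD, fake_fetch_range))
    print(pwned_count("a long passphrase nobody reuses", fake_fetch_range))
```

To query the real service, replace `fake_fetch_range` with a function that returns the response body for the given prefix.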


(2020)


This type of exploit is useful as part of a chain of exploits; it defeats a defense-in-depth protection.


Specifically, it leaks a kernel address inside a security-sensitive structure, which is supposed to be unpredictable / unknowable because the layout of kernel memory is randomized.

If you have another exploit that will write bytes under the attacker’s control to an attacker-supplied kernel address, you will be able to do the Windows equivalent of escalate to root.



I believe this was the original announcement https://azure.microsoft.com/en-us/blog/powershell-is-open-so.... I have used it on Linux and it is included by default in Kali and ParrotOS.


Open-source versus proprietary and the option to self-host are the two that immediately come to mind.


I can't speak about the other password managers, but 1Password's architecture ensures even 1Password can't see any of your credentials. It's E2E Encrypted.

I've been a 1Password user for over a decade. It's user friendly, and I'd rather not have the responsibility to self-host my company and extended family's credentials.


Bitwarden is also a zero knowledge architecture built on E2EE; I would presume that is the standard in the industry.


This doesn't pass the sniff test. Please, show me the napkin math where this remotely adds up.


My dad was obsessed with this game while I was growing up and I was so proud to learn how to use DOSBox so that he could play it again. A very formative game for me and I get a nostalgic itch to revisit it every few years. Just seeing the title, I can hear the music playing.

