• toasteecup@lemmy.world
    link
    fedilink
    English
    arrow-up
    37
    ·
    4 months ago

    This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.

    • cm0002@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      2
      ·
      4 months ago

      a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.

      If you didn’t make a backup of the recovery key to the master server holding all other keys that’s on you

      • Rhaedas@fedia.io
        link
        fedilink
        arrow-up
        19
        ·
        4 months ago

        I did make a backup. Then I put it on that other computer. That’s also blue screen.

        Post-It security is best security.

      • toasteecup@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 months ago

        Oh I’m not affected by this at all. I’m just explaining the issue and why we’re not out of the forest yet. I fully agree that this is the fault of the companies for having garbage update and back up policies. I also blame crowdstrike for having a shit tier qa policy.

      • stringere
        link
        fedilink
        English
        arrow-up
        4
        ·
        4 months ago

        Second-to-worst-case scenario was the best we could do at the time.

    • Buelldozer@lemmy.today
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      It’s a PITA but you can restore a backup from last Wednesday or earlier into a VM, boot it up, and then retrieve the key for one of your regular ADCs.

      Also, why are all your ADCs using BitLocker? I get that you want data encrypted at rest but why not use your RAID controller instead?