Microsoft OneDrive - Encryption Keys Uploaded?
- Details
- Created on Tuesday, 23 December 2014 08:56
Microsoft OneDrive in NSA PRISM
A sends:
1) Bitlocker keys are uploaded to OneDrive by 'device encryption'.
"Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected.
...
If the device is not domain-joined a Microsoft Account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to online Microsoft account and TPM protector is created."
http://technet.microsoft.com/en-us/library/dn306081.aspx
2) Device encryption is supported by Bitlocker for all SKUs that support connected standby. This would include Windows phones.
"BitLocker provides support for device encryption on x86 and x64-based computers with a TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices."
http://technet.microsoft.com/en-us/library/dn306081.aspx#BKM...
3) The tech media and feature articles recognise this.
"... because the recovery key is automatically stored in SkyDrive for you."
http://www.zdnet.com/surface-bitlocker-and-the-future-of-encryption-7000024613/
4) Here's how to recover your key from Sky/OneDrive.
"Your Microsoft account online. This option is only available on non-domain-joined PCs. To get your recovery key, go to ...onedrive.com..."
http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq
5) SkyDrive (now named OneDrive) is onboarded to PRISM. (pg 26/27)
http://hbpub.vo.llnwd.net/o16/video/olmk/holt/greenwald/NoPlaceToHide-
Documents-Uncompressed.pdf
Source http://cryptome.org/2014/11/ms-onedrive-nsa-prism.htm
Subscribe to our Newsletter
Search ALL Articles
Managed V. Non-Managed
US-CERT Latest Warnings
Latest US-CERT Released Warnings
-
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR
Original release date: June 18, 2019Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the[…]
Created on: Jun 18, 2019 | 11:01 am
Jun 18, 2019 | 11:01 am -
Mozilla Releases Security Update for Thunderbird
Mozilla Releases Security Update for Thunderbird
Original release date: June 13, 2019Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to[…]
Created on: Jun 13, 2019 | 19:34 pm
Jun 13, 2019 | 19:34 pm -
Google Releases Security Updates for Chrome
Google Releases Security Updates for Chrome
Original release date: June 13, 2019Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users[…]
Created on: Jun 13, 2019 | 15:27 pm
Jun 13, 2019 | 15:27 pm -
Exim Releases Security Patches
Exim Releases Security Patches
Original release date: June 13, 2019Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the[…]
Created on: Jun 13, 2019 | 12:41 pm
Jun 13, 2019 | 12:41 pm -
FTC Releases Alert on Updating Software
FTC Releases Alert on Updating Software
Original release date: June 13, 2019The Federal Trade Commission (FTC) has released an alert on keeping software up to date to help protect sensitive information such as financial and tax information.The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to[…]
Created on: Jun 13, 2019 | 12:37 pm
Jun 13, 2019 | 12:37 pm -
Cisco Releases Security Update for Cisco IOS XE
Cisco Releases Security Update for Cisco IOS XE
Original release date: June 12, 2019Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages[…]
Created on: Jun 12, 2019 | 14:19 pm
Jun 12, 2019 | 14:19 pm -
Intel Releases Security Updates, Mitigations for Multiple Products
Intel Releases Security Updates, Mitigations for Multiple Products
Original release date: June 11, 2019 | Last revised: June 12, 2019Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a[…]
Created on: Jun 11, 2019 | 12:23 pm
Jun 11, 2019 | 12:23 pm -
Microsoft Releases June 2019 Security Updates
Microsoft Releases June 2019 Security Updates
Original release date: June 11, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users[…]
Created on: Jun 11, 2019 | 11:03 am
Jun 11, 2019 | 11:03 am -
Adobe Releases Security Updates
Adobe Releases Security Updates
Original release date: June 11, 2019Adobe has released security updates to address vulnerabilities affecting ColdFusion, Adobe Campaign, and Adobe Flash Player. An attacker could exploit some these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency[…]
Created on: Jun 11, 2019 | 07:14 am
Jun 11, 2019 | 07:14 am -
CIS Releases 2018 Year in Review
CIS Releases 2018 Year in Review
Original release date: June 10, 2019The Center for Internet Security (CIS) has released its 2018 Year in Review. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a Cybersecurity and Infrastructure Security Agency (CISA) partner focused on cyber[…]
Created on: Jun 10, 2019 | 18:47 pm
Jun 10, 2019 | 18:47 pm
 |
High Desert Technology is a Complete IT Solution with a Privacy and Security Emphasis!
 |
 |