> Not "backdoors" but it seems Microsoft stores the BitLocker decryption key, based on this leaked slide (just found on twitter): https://twitter.com/TheBlogPirate/status/471759810644283392/...
> edit: Confirmed Microsoft stores your recovery key on their servers if you're not connected to a domain: http://windows.microsoft.com/en-AU/windows-8/bitlocker-recov...
That looks dubious to me - if you were creating a slide, would you use 90-degree-rotated text?
> edit: Confirmed Microsoft stores your recovery key on their servers if you're not connected to a domain: http://windows.microsoft.com/en-AU/windows-8/bitlocker-recov....
"There are several locations in which your BitLocker recovery key might have been saved" - emphasis mine - doesn't this mean they'll store the key if you log into "Your Microsoft account"? I have to admit I don't use Windows 8 so I don't know if this is mandatory or not? What about Windows 7?
(1) It's possible Microsoft could choose to store the keys online regardless of what the user picks, but it's certainly not their official stance.
(2) Microsoft does automatically store keys online if you're using "Device Encryption" in Windows 8.1 (http://arstechnica.com/information-technology/2013/10/window...). This uses Bitlocker code but is distinct from using Bitlocker itself though -- i.e. if you do a vanilla Bitlocker encryption, your system should not send the keys to MS without a user (or admin) explicitly telling it to.
Now I have read these revelations, I feel that not trusting Microsoft is a sensible default.
You make it sound as if trusting Microsoft was ever an option to begin with...
Both of these are hypothetical, however. We've seen tons of vulnerabilities from both. IMHO Open Source works a lot better on paper but once projects get very large auditing them is really hard...which definitely cuts down on the amount of eyes looking at them.
These two things are orthogonal, IMHO.
My point is that while open-source should be better, right now it seems that everything is equally not good enough.
http://dokan-dev.net/en/ might work on windows for implementing something you might otherwise do via FUSE. Can't speak for windows as ive not used it for a decade or more.