Beyond the crypto architecture debate, I don't really understand how could anyone imagine a world where MS could just refuse such a request. How exactly would we draft laws to this effect, "the authorities can subpoena for any piece of evidence, except when complying to such a request might break the contractual obligations of a third party towards the suspect"?
Do we really, really, fully understand the implications of allowing for private contracts that can trump criminal law?
They could just ask before uploading your encryption key to the cloud.
Instead they force people to use a Microsoft Account to set up their windows and store the key without explicit consent
That's a crypto architecture design choice, MS opted for the user-friendly key escrow option instead of the more secure strong local key - that requires a competent user setting a strong password and saving recovery codes, understanding the disastrous implication of a key loss etc.
Given the abilities of the median MS client, the better choice is not obvious at all, while "protecting from a nation-state adversary" was definitely not one of the goals.
While you're right, they also went out of their way to prevent competent users from using local accounts and/or not upload their BitLocker keys.
I could understand if the default is an online account + automatic key upload, but only if you add an opt-out option to it. It might not even be visible by default, like, idk, hide it somewhere so that you can be sure that the median MS user won't see it and won't think about it. But just fully refusing to allow your users to decide against uploading the encryption key to your servers is evil, straight up.
I don't think that many people here are naive enough to believe that any business would fight the government for the sake of its customers. I think most of us are simply appalled by the blatantly malicious behavior. I'm not buying all the "but what if the user is an illiterate, senile 90-year-old with ADHD, huh?" attempts to rationalize this. it's the equivalent of the guy who installed your door keeping a copy of your keys by unspoken default - "what if your toddler locks himself out, huh?"
> Do we really, really, fully understand the implication of allowing private contracts that trump criminal law?
...it's not that at all. We don't want private contracts to enshrine the same imbalances of power; we want those imbalances rendered irrelevant.
We hope against hope that people who have strength, money, reputation, legal teams, etc., will be as steadfast in asserting basic rights as people who have none of those things.
We don't regard the FBI as a legitimate institution of the rule of law, but a criminal enterprise and decades-long experiment in concentration of power. The constitution does not suppose an FBI, but it does suppose that 'no warrant shall issue but upon probable cause... particularly describing the place to be searched, and the persons or things to be seized' (emphasis mine). Obviously a search of the complete digital footprint and history of a person is not 'particular' in any plain meaning of that word.
...and we just don't regard the state as having an important function in the internet age. So all of its whining and tantrums and pepper spray and prison cells are just childish clinging to a power structure that is no longer desirable.
If tech companies implemented real, e2e encryption for all user data, there would be a huge outcry, as the most notable effect would be lots of people losing access to their data irrevocably.
I'm all for criticizing tech companies but it's pointless to demand the impossible.
Just say "we are storing your keys on our servers so you won't lose them" and follow that with either "do you trust us" or even "we will share this key with law enforcement if compelled". Would be fine. Let people make these decisions.
Besides, bit ocker keys are really quite hard to lose.
> Every bad day for microsoft is yet another glorious day for linux.
Nah. If that were the case, Linux would dominate personal computer statistics. The reality is that most mainstream users just don't care. But, of course, that won't stop us.
Last time I onboarded a Mac (a few months ago), it would very explicitly ask if you want to enable support for remote FileVault unlocking.
That said, they could also roll out a small patch to a specific device to extract the keys. When you really want to be safe (and since you can be a called a 'left extremist' for moving your car out of the way, that now includes a lot of people), probably use Linux with LUKS.
If you have advanced data protection enabled, Apple claims:
“No one else can access your end-to-end encrypted data — not even Apple — and this data remains secure even in the case of a data breach in the cloud.”
>>Do you think Tim Cook gave that gold bar to Trump for nothing?
Not in US - THANKS for this hint: I googled it! Wow!!! The both do bribery (offering&accepting) in front of the recording camera in a government building!!
Yes, I know this sounds conspiratorial, but I think the whole Liquid Ass thing was a rush to put some other software in Apple products to appease the Trump admin.
For example, it is new in Tahoe that they store your filevault encryption key in your icloud keychain without telling you.
My conspiration theory about Liquid Ass is their hardware for past 5 years was so good that they needed to make people finally upgrade it. My Air M1 16GB worked absolutely fine until it slowed down immensely on macOS 26.
iCloud login is still optional on macOS. Can't download stuff from the App Store and I think some continuity things require iCloud, but otherwise pretty solid.
For a long time, if you used full disk encryption, the encryption key never left your machine. If you forgot your password, the data was gone - tough luck, should have made a backup. That's still how it works on Linux.
Pretty surprising they'd back up the disk encryption secrets to the cloud at all, IMHO, let alone that they'd back it up in plaintext.
That's why full disk encryption was always a no-go for approximately all computer users, and recommending it to someone not highly versed in technology was borderline malicious.
"Tough luck, should have made a backup" is higher responsibility than securing anything in meatspace, including your passport or government ID. In the real world, there is always a recovery path. Security aficionados pushing non-recoverable traps on people are plain disconnected from reality.
Microsoft has the right approach here with Bitlocker defaults. It's not merely about UX - it's about not setting up traps and footguns that could easily cause harm to people.
Well, for a consumer notebook or mobile device, the threat model typically envisions a thief grabbing it from a coffeehouse or hotel room. So your key needs to be safeguarded from the opportunist who possesses your hardware illegally.
Linux can be fairly well-secured against state-level threat actors, but honestly, if your adversary is your own nation-state, then no amount of security is going to protect you!
For Microsoft and the other consumer-OS vendors, it is typically a bad user-experience for any user, particularly a paying subscriber, to lose access to their account and their cloud apps. There are many ways to try and cajole the naïve user into storing their recovery key somewhere safe, but the best way is to just do it for them.
A recovery key stored in the user's own cloud account is going to be secure from the typical threats that consumers will face. I, for one, am thankful that there is peace of mind both from the on-device encryption, as well as the straightforward disaster recovery methods.
The problem is mass-surveillance and dragnets. Obviously if the state wants to go after you no laws will protect you. As we've seen they can even illegally collect evidence and then do a parallel construction to "launder" the evidence.
But One-drive is essentially a mass-surveillance tool. It's a way to load the contents of every single person's computer into Palentir or similar tools and, say, for instance, "give me a list of everyone who harbors anti-ICE sentiments."
By the way my windows computer nags me incessantly about "setting up backups" with no obvious way to turn off the nags, only a "remind me later" button. I assume at some point the option to not have backups will go away.
I agree that "cloud storage" paradigms are a sea change from the status quo of the old days. My father has a file cabinet at home and keys on his keychain, wherein he stores all his important paperwork. There is no way anyone's getting in there except by entering his home and physically intruding on those drawers. Dad would at least notice the search and seizure, right?
What is just as crazy as cloud storage, is how you "go paperless" with all your service providers. Such as health care, utility bills, banks, etc. They don't print a paper statement and send it to your snail mail box anymore. They produce a PDF and store it in their cloud storage and then you need to go get it when you want/need it.
The typical consumer may never go get their paperwork from the provider's cloud. It is as if they said "Hey this document's in our warehouse! You need to drive across town, prove your identity, and look at it while you're here! ...You may not be permitted to take it with you, either!"
So I've been rather diligent and proactive about going to get my "paperless documents" from the various providers, and storing them in my own cloud storage, because, well, at least it's somewhere I can access it. I care a lot more about paying my medical bills, and accounting for my annual taxes, than someone noticing that I harbor anti-jew sentiment. I mean, I think they already figured that part out.
That's a reductionist view. Apple, at least, based a big portion of their image on privacy and encryption. If a company does that and is then proven otherwise, it does a tremendous damage to the brand and stock value and is something shareholders would absolutely sue the board and CEO for. Things like these happened many times in the past.
A Proton model makes this very simple: full cooperation and handover and virtually nothing to be extracted from the data. Size is somewhat of a metadata, ip connection points and maybe date of first use and when data changes occurred...
I'm all for law enforcement, but that job has to be old-school Proof of Work bound and not using blanket data collection and automated speeding ticket mailer.
But I guess it's not done more because the free data can't be analyzed and sold.
The major OS vendors (apple, google, ms) are complicit in data turnover and have been for over ten years now. It has been reported multiple times so I'm struggling to see the angle being projected here. This feels like click harvesting got the HN "Microsoft bad" crowd.
The segment of the population that is the target of political vindictiveness from the FBI seems to have changed somewhat with this administration so it makes sense to remind people of the vulnerabilities from time to time.
This was a decade ago, before the big tech went to brown nose Trump on live TV. We live in different reality nowadays. Apple doesn't even market their encryption and safety anymore, like they did on massive billboards all over the world.
Sure, but these are all mere statements. You don't know if they fully back that until there's a public standoff with law enforcement/administration and there weren't any in recent years. Yet at the same time it's hard to believe there were no attempts from that government to decrypt some devices they needed. So the fact we hear nothing about it is also an information to me. Sure, this is all speculation, but all things considered...
Besides, they fully comply with Chinese requirements, so...
Everybody should have access to your hard drive, not just the FBI, so please do not encrypt your hard-drive.
If you encrypt your drive and upload the key to Microsoft, you are engaging in anti-competitive behavior since you give them access to your data, but not also to the local thief.
Just don't encrypt your drive if you cant be bothered to secure your key. Encryption-neutrality.
The problem is not that they will give the key (government can force them - this is expected), but that they even have the key in the first place.. I bet this is done without proper consent, or with choice like "yes" vs "maybe later"..
Apple will do this too. Your laptop encryption key is stored in your keychain (without telliing you!). All is needed is a warrant for your iCloud account and they also have access to your laptop.
It's most software. Cryptography is user-unfriendly. The mechanisms used to make it user friendly sacrifice security.
There's a saying that goes "not your keys not your crypto" but this really extends to everything. If you don't control the keys something else does behind the scenes. A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure, even to derive a key-encryption-key.
If you pass a KDF with a hardness of ~5 seconds a four digit PIN to derive a key, then you can brute force the whole 10,000 possible PINs in ~13 hours. After ~6.5 hours you would have a 50% chance of guessing correctly. Six digit PIN would take significantly longer, but most software uses a hardness nowhere near 5 seconds.
You can (and should) watch all of https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for the details about how iCloud is protected by HSMs and rate limits to understand why you’re wrong, but especially the time-linked section… instead of spreading FUD about something you know nothing about.
Beyond the crypto architecture debate, I don't really understand how could anyone imagine a world where MS could just refuse such a request. How exactly would we draft laws to this effect, "the authorities can subpoena for any piece of evidence, except when complying to such a request might break the contractual obligations of a third party towards the suspect"?
Do we really, really, fully understand the implications of allowing for private contracts that can trump criminal law?
They could just ask before uploading your encryption key to the cloud. Instead they force people to use a Microsoft Account to set up their windows and store the key without explicit consent
That's a crypto architecture design choice, MS opted for the user-friendly key escrow option instead of the more secure strong local key - that requires a competent user setting a strong password and saving recovery codes, understanding the disastrous implication of a key loss etc.
Given the abilities of the median MS client, the better choice is not obvious at all, while "protecting from a nation-state adversary" was definitely not one of the goals.
While you're right, they also went out of their way to prevent competent users from using local accounts and/or not upload their BitLocker keys.
I could understand if the default is an online account + automatic key upload, but only if you add an opt-out option to it. It might not even be visible by default, like, idk, hide it somewhere so that you can be sure that the median MS user won't see it and won't think about it. But just fully refusing to allow your users to decide against uploading the encryption key to your servers is evil, straight up.
Forcing implies there are zero ways to begin with a local only account (or other non-Microsoft Account). That's simply not true.
I don't think that many people here are naive enough to believe that any business would fight the government for the sake of its customers. I think most of us are simply appalled by the blatantly malicious behavior. I'm not buying all the "but what if the user is an illiterate, senile 90-year-old with ADHD, huh?" attempts to rationalize this. it's the equivalent of the guy who installed your door keeping a copy of your keys by unspoken default - "what if your toddler locks himself out, huh?"
> Do we really, really, fully understand the implication of allowing private contracts that trump criminal law?
...it's not that at all. We don't want private contracts to enshrine the same imbalances of power; we want those imbalances rendered irrelevant.
We hope against hope that people who have strength, money, reputation, legal teams, etc., will be as steadfast in asserting basic rights as people who have none of those things.
We don't regard the FBI as a legitimate institution of the rule of law, but a criminal enterprise and decades-long experiment in concentration of power. The constitution does not suppose an FBI, but it does suppose that 'no warrant shall issue but upon probable cause... particularly describing the place to be searched, and the persons or things to be seized' (emphasis mine). Obviously a search of the complete digital footprint and history of a person is not 'particular' in any plain meaning of that word.
...and we just don't regard the state as having an important function in the internet age. So all of its whining and tantrums and pepper spray and prison cells are just childish clinging to a power structure that is no longer desirable.
Due to Third Party Doctrine, Microsoft doesn't even NEED a "legal order."
It's merely a courtesy which they could change at any time.
If tech companies implemented real, e2e encryption for all user data, there would be a huge outcry, as the most notable effect would be lots of people losing access to their data irrevocably.
I'm all for criticizing tech companies but it's pointless to demand the impossible.
Just say "we are storing your keys on our servers so you won't lose them" and follow that with either "do you trust us" or even "we will share this key with law enforcement if compelled". Would be fine. Let people make these decisions.
Besides, bit ocker keys are really quite hard to lose.
Related discussion from yesterday: https://news.ycombinator.com/item?id=46735545
Veracrypt https://veracrypt.io/en/Home.html
https://linuxmint.com/
https://ubuntu.com/download/desktop
https://archlinux.org/
https://www.kali.org/get-kali/#kali-platforms
https://fedoraproject.org/
Every bad day for microsoft is yet another glorious day for linux.
One could almost say "Embrace the penguin"
> Every bad day for microsoft is yet another glorious day for linux.
Nah. If that were the case, Linux would dominate personal computer statistics. The reality is that most mainstream users just don't care. But, of course, that won't stop us.
You forgot to list Slackware :)
http://www.slackware.com/
http://slackware.osuosl.org/slackware64-current/ChangeLog.tx...
Pretty sure the same applies to all the passwords/passkeys/2FA codes stored in the Authenticator app with cloud backup on.
Only if that authenticator/password manager app is not end-to-end encrypted.
No, not "only". E2EE is now used as a dog whistle.
Who holds/controls the keys on both ends?
Headline says “…if asked”
Article and facts are “…if served with a valid legal order compelling it”
∴ Headline is clickbait.
You are arguing semantics, whereas the point is that A) they have your keys, and B) they will give them away if they will have to
Stallman was correct
He headline misleading - they will give it if there’s a court order, not just if asked.
Still crap but the headline is intentionally inaccurate for clickbaiting
Microsoft confirms it will obey the law.
"US firm confirms it will comply with US law if asked."
Any reason to believe Apple won't do the same with whatever we backup in iCloud?
Last time I onboarded a Mac (a few months ago), it would very explicitly ask if you want to enable support for remote FileVault unlocking.
That said, they could also roll out a small patch to a specific device to extract the keys. When you really want to be safe (and since you can be a called a 'left extremist' for moving your car out of the way, that now includes a lot of people), probably use Linux with LUKS.
If you have advanced data protection enabled, Apple claims: “No one else can access your end-to-end encrypted data — not even Apple — and this data remains secure even in the case of a data breach in the cloud.”
https://support.apple.com/en-us/102651
Please read this section of Apple's own document before you talk about their "advanced data protection".
The following information may be available from iCloud if a user has enabled Advanced Data Protection for iCloud:
https://www.apple.com/legal/privacy/law-enforcement-guidelin...
Do you think Tim Cook gave that gold bar to Trump for nothing?
>>Do you think Tim Cook gave that gold bar to Trump for nothing?
Not in US - THANKS for this hint: I googled it! Wow!!! The both do bribery (offering&accepting) in front of the recording camera in a government building!!
Relly "impressive" :-X
Yeah, the problem is whether they already bent over for Trump admin or not yet.
Yes, I know this sounds conspiratorial, but I think the whole Liquid Ass thing was a rush to put some other software in Apple products to appease the Trump admin.
For example, it is new in Tahoe that they store your filevault encryption key in your icloud keychain without telling you.
https://sixcolors.com/post/2025/09/filevault-on-macos-tahoe-...
Which is a very good thing.
iCloud is much more secure than most people realize because most people don’t take the 30 minutes to learn how it is architected.
You can (and should) watch https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for all the details about how iCloud is protected, but especially the time-linked section. :)
I dont need to know anything about icloud to know this repy doesnt answer the "they didnt tell anyone" part which naturally makes me suspicious.
My conspiration theory about Liquid Ass is their hardware for past 5 years was so good that they needed to make people finally upgrade it. My Air M1 16GB worked absolutely fine until it slowed down immensely on macOS 26.
iCloud login is still optional on macOS. Can't download stuff from the App Store and I think some continuity things require iCloud, but otherwise pretty solid.
At least they’re honest.
not your keys? not your crypto
Lol it's been 20 years now that the whole world should stop to be all surprised pikachu about that.
For a long time, if you used full disk encryption, the encryption key never left your machine. If you forgot your password, the data was gone - tough luck, should have made a backup. That's still how it works on Linux.
Pretty surprising they'd back up the disk encryption secrets to the cloud at all, IMHO, let alone that they'd back it up in plaintext.
That's why full disk encryption was always a no-go for approximately all computer users, and recommending it to someone not highly versed in technology was borderline malicious.
"Tough luck, should have made a backup" is higher responsibility than securing anything in meatspace, including your passport or government ID. In the real world, there is always a recovery path. Security aficionados pushing non-recoverable traps on people are plain disconnected from reality.
Microsoft has the right approach here with Bitlocker defaults. It's not merely about UX - it's about not setting up traps and footguns that could easily cause harm to people.
Well, for a consumer notebook or mobile device, the threat model typically envisions a thief grabbing it from a coffeehouse or hotel room. So your key needs to be safeguarded from the opportunist who possesses your hardware illegally.
Linux can be fairly well-secured against state-level threat actors, but honestly, if your adversary is your own nation-state, then no amount of security is going to protect you!
For Microsoft and the other consumer-OS vendors, it is typically a bad user-experience for any user, particularly a paying subscriber, to lose access to their account and their cloud apps. There are many ways to try and cajole the naïve user into storing their recovery key somewhere safe, but the best way is to just do it for them.
A recovery key stored in the user's own cloud account is going to be secure from the typical threats that consumers will face. I, for one, am thankful that there is peace of mind both from the on-device encryption, as well as the straightforward disaster recovery methods.
The problem is mass-surveillance and dragnets. Obviously if the state wants to go after you no laws will protect you. As we've seen they can even illegally collect evidence and then do a parallel construction to "launder" the evidence.
But One-drive is essentially a mass-surveillance tool. It's a way to load the contents of every single person's computer into Palentir or similar tools and, say, for instance, "give me a list of everyone who harbors anti-ICE sentiments."
By the way my windows computer nags me incessantly about "setting up backups" with no obvious way to turn off the nags, only a "remind me later" button. I assume at some point the option to not have backups will go away.
I agree that "cloud storage" paradigms are a sea change from the status quo of the old days. My father has a file cabinet at home and keys on his keychain, wherein he stores all his important paperwork. There is no way anyone's getting in there except by entering his home and physically intruding on those drawers. Dad would at least notice the search and seizure, right?
What is just as crazy as cloud storage, is how you "go paperless" with all your service providers. Such as health care, utility bills, banks, etc. They don't print a paper statement and send it to your snail mail box anymore. They produce a PDF and store it in their cloud storage and then you need to go get it when you want/need it.
The typical consumer may never go get their paperwork from the provider's cloud. It is as if they said "Hey this document's in our warehouse! You need to drive across town, prove your identity, and look at it while you're here! ...You may not be permitted to take it with you, either!"
So I've been rather diligent and proactive about going to get my "paperless documents" from the various providers, and storing them in my own cloud storage, because, well, at least it's somewhere I can access it. I care a lot more about paying my medical bills, and accounting for my annual taxes, than someone noticing that I harbor anti-jew sentiment. I mean, I think they already figured that part out.
> Well, for a consumer notebook or mobile device, the threat model typically envisions a thief grabbing it from a coffeehouse or hotel room.
...in which case having a cloud backup of the full disk encryption key is pointless, because you don't have access to the disk any more.
Exactly. Being again and again surprised that corporations will defend you for literally no reason is kinda delusional.
That's a reductionist view. Apple, at least, based a big portion of their image on privacy and encryption. If a company does that and is then proven otherwise, it does a tremendous damage to the brand and stock value and is something shareholders would absolutely sue the board and CEO for. Things like these happened many times in the past.
This isn't that simple.
A Proton model makes this very simple: full cooperation and handover and virtually nothing to be extracted from the data. Size is somewhat of a metadata, ip connection points and maybe date of first use and when data changes occurred... I'm all for law enforcement, but that job has to be old-school Proof of Work bound and not using blanket data collection and automated speeding ticket mailer.
But I guess it's not done more because the free data can't be analyzed and sold.
The major OS vendors (apple, google, ms) are complicit in data turnover and have been for over ten years now. It has been reported multiple times so I'm struggling to see the angle being projected here. This feels like click harvesting got the HN "Microsoft bad" crowd.
The segment of the population that is the target of political vindictiveness from the FBI seems to have changed somewhat with this administration so it makes sense to remind people of the vulnerabilities from time to time.
The San Bernardino iPhone case proves that Apple is very much so not complicit.
The Apple that offers gold statues to authoritarian regimes would certainly behave differently.
People also forget how they kind of always played ball in similar governments.
This was a decade ago, before the big tech went to brown nose Trump on live TV. We live in different reality nowadays. Apple doesn't even market their encryption and safety anymore, like they did on massive billboards all over the world.
They've only done more since 2016.
Lockdown mode: https://support.apple.com/en-us/105120
Advanced Data Protection for iCloud: https://support.apple.com/en-us/108756
Sure, but these are all mere statements. You don't know if they fully back that until there's a public standoff with law enforcement/administration and there weren't any in recent years. Yet at the same time it's hard to believe there were no attempts from that government to decrypt some devices they needed. So the fact we hear nothing about it is also an information to me. Sure, this is all speculation, but all things considered...
Besides, they fully comply with Chinese requirements, so...
PS. Others report Filevault keys are also being backed to iCloud since September and they didn't tell anyone: https://sixcolors.com/post/2025/09/filevault-on-macos-tahoe-...
Everybody should have access to your hard drive, not just the FBI, so please do not encrypt your hard-drive.
If you encrypt your drive and upload the key to Microsoft, you are engaging in anti-competitive behavior since you give them access to your data, but not also to the local thief.
Just don't encrypt your drive if you cant be bothered to secure your key. Encryption-neutrality.
Duplicate story. Previous discussion here. https://news.ycombinator.com/item?id=46735545
Edit: Nevermind.
No it isn't. This is an evolution of that story.
The problem is not that they will give the key (government can force them - this is expected), but that they even have the key in the first place.. I bet this is done without proper consent, or with choice like "yes" vs "maybe later"..
Yes and this is a good thing. No organization, no matter how large or powerful, should be beyond the reach of the law.
That's a false dichotomy. You can hold an organization accountable to the law without requiring them to maintain a "master key" to your private data.
It isn't required.
Ideally they wouldnt even have this key / the private data in the first place
The user can opt out of this if they want.
Apple will do this too. Your laptop encryption key is stored in your keychain (without telliing you!). All is needed is a warrant for your iCloud account and they also have access to your laptop.
sixcolors.com/post/2025/09/filevault-on-macos-tahoe-no-longer-uses-icloud-to-store-its-recovery-key/
Thanks, that's good to know. I suspect WhatsApp's "we're fully E2E encrypted" would be similar too.
It's most software. Cryptography is user-unfriendly. The mechanisms used to make it user friendly sacrifice security.
There's a saying that goes "not your keys not your crypto" but this really extends to everything. If you don't control the keys something else does behind the scenes. A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure, even to derive a key-encryption-key.
If you pass a KDF with a hardness of ~5 seconds a four digit PIN to derive a key, then you can brute force the whole 10,000 possible PINs in ~13 hours. After ~6.5 hours you would have a 50% chance of guessing correctly. Six digit PIN would take significantly longer, but most software uses a hardness nowhere near 5 seconds.
Wrong.
You can (and should) watch all of https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for the details about how iCloud is protected by HSMs and rate limits to understand why you’re wrong, but especially the time-linked section… instead of spreading FUD about something you know nothing about.
Very different phrasing between the headline and the subtitle:
> Microsoft confirms it will give the FBI your Windows PC data encryption key if asked
> Microsoft says it will hand those over to the FBI if requested via legal order
Microsoft complying with legal orders is not news. But why hire actual journalists when you can just lie in your headlines and still get clicks?
Honestly I have no problem with this but I do remember a lot of gaslighting about how America is free and Europe a totalitarian state.