The recent shocking "Zhang Wen random assault case" has sparked heated discussions not only about the case itself, but also about the details of the investigation into his laptop. Initial reports indicated that Zhang Wen's ASUS laptop was protected by Microsoft's BitLocker encryption, but the police later successfully "crashed" it with official assistance, raising concerns about cybersecurity.
But then, to everyone's surprise, ASUS issued a statement clarifying that the laptop actually "did not have encryption enabled," making the question of whether BitLocker can securely protect privacy data a hot topic of discussion.
Microsoft: BitLocker keys can be handed over to law enforcement agencies if required by regulations.
Not long after the incident, Microsoft coincidentally admitted yesterday (24th) that it would hand over the BitLocker recovery key for Windows 11 to law enforcement agencies when it complies with legal orders.
This claim stems from an incident in early 2025 when the FBI, during a case in Guam, used a court search warrant to directly request the encryption key from Microsoft and successfully unlocked a suspect's laptop. The incident suggests that by logging into a new computer with a Microsoft account, the encryption key may have already been backed up to the cloud, making it easier for governments to obtain data than ever before.
The FBI's Guam case begins.
In 2025, the FBI investigated a case involving fraudulent claims of unemployment benefits during the pandemic. Instead of struggling to crack the password, agents submitted a search warrant to Microsoft. The company complied, handing over the BitLocker key, unlocking the hard drive on the spot, and obtaining the evidence. Microsoft later confirmed that it receives approximately 20 similar requests annually.
Although the number is small, it means that legitimate backdoors do exist.
How does the key backup mechanism work?
According to Windows Central, if users log into their Microsoft account during the new machine setup process, BitLocker will be automatically enabled, and the 48-digit recovery key will be synced to the Microsoft cloud. Microsoft spokesperson Charles Chamberlayne stated:
This is a security feature to prevent users from losing data because they forget their passwords.
The problem is that the key is stored in a form readable by Microsoft employees and the courts, rather than being end-to-end encrypted. Windows Central commented that this practice is a "nightmare" for privacy because any legitimate request could allow a third party to directly obtain the key.
What can users do?
Crypto users generally have high demands for privacy and security. If you don't want to keep your cryptocurrency keys in the cloud, you can take the following actions:
Check backup: Log in to
account.microsoft.com/devices, check and delete the BitLocker key that has been backed up to the cloud.Use a local account instead: Log in with a local account in Windows 11 to avoid automatic synchronization of your security key.
Group policy settings: Prevent the key from being uploaded to Microsoft servers through the group policy in Windows Professional.
Of course, the cost of doing so is that if you forget your password and do not keep your key safe, your data will be permanently lost. Please assess the risks yourself.
A different choice from Microsoft
In contrast, Apple refused to assist the FBI in unlocking the phone during the 2016 San Bernardino shooting. Furthermore, while Meta stores encryption keys in the cloud, it uses a zero-knowledge architecture and encrypts the keys on the server side, so only users can access these keys.
