2.5 Admins 2.5 Admins 284: BooTooth
18 snips
Jan 29, 2026 They dig into Windows encryption key backup risks and how keys can end up in Microsoft accounts. They discuss Bluetooth Fast Pair flaws that let accessories be hijacked and tracked. They tell a cautionary tale about losing years of research to a cloud-setting mistake and urge solid backup habits. They also map out a practical mail server stack and delivery best practices.
AI Snips
Chapters
Transcript
Episode notes
Cloud Backup Creates Government Access Risk
- Microsoft-backed BitLocker recovery keys stored in users' Microsoft accounts create a real avenue for government access.
- Allan Jude and Jim Salter note this is a tradeoff of convenience versus designing zero-knowledge systems that prevent lawful or unlawful disclosure.
Avoid Uploading BitLocker Keys To Microsoft
- Do use Windows 11 Pro and decline automatic cloud backup if you want to avoid uploading BitLocker recovery keys to Microsoft.
- Also export and store scratch codes or manually managed keys offline to ensure recoverability without cloud custody.
Published Key Releases Understate Real Control
- Companies that keep keys can comply with legal compelled disclosure, and published counts may underreport secret requests.
- Jim Salter warns you must decide how much you trust a vendor's custody and transparency practices.
