Microsoft does on Home Edition without even asking, and it doesn’t provide the users with a choice to store the key locally OR put it on the Cloud account, like Windows Pro does. I’m sure Microsoft has a master key to an account as well. But one can hope they do not, and they are also storing those BitLocker keys in an encrypted fashion in whatever database runs the backend.
Also agree with you on TPMs. They are useful when invoked by the user, like for passkey or secrets storage. DRM on content and software is, and always will be, anti-consumer. As for now secure TPMs are, I know Infineon did have that Random Number Generator bug which basically broke the TPMs. So there’s that.
Microsoft does on Home Edition without even asking, and it doesn’t provide the users with a choice to store the key locally OR put it on the Cloud account, like Windows Pro does. I’m sure Microsoft has a master key to an account as well. But one can hope they do not, and they are also storing those BitLocker keys in an encrypted fashion in whatever database runs the backend.
Also agree with you on TPMs. They are useful when invoked by the user, like for passkey or secrets storage. DRM on content and software is, and always will be, anti-consumer. As for now secure TPMs are, I know Infineon did have that Random Number Generator bug which basically broke the TPMs. So there’s that.