I am so worried about this : "Windows 11 24H2 will enable BitLocker encryption for everyone"

“Windows 11 24H2 will enable BitLocker encryption for everyone, happens on both clean installs and reinstalls. Thousands of Windows Users Will Lose Their Data.”

https://www.reddit.com/r/technology/comments/1cmzl13/windows_11_24h2_will_enable_bitlocker_encryption/

How will this effect MSFS for us please? How can we avoid this? Anyone knows these things great can help and guide us so we don’t lose data and msfs files please? I am really worried about this 24H2 bitlocker thingy.

It can be amazing if Community Managers, Mods can helps us about what to do with win11 24H2 with guides etc. I never ever used bitlocker, i don’t know how this will effect MSFS. My friend told me forexample if my mainboard dies or i change it i am doomed with my storages if bitlocker enabled. Told me about TPM2 or something also and no idea what is that. I am just a gamer, simmer, i don’t wanna lose my msfs data and others. Thanks.

edit: i am also told this will effect system/game performance? Since i use my community folder on 2nd nvme drive.

Hello @DrewmorKuZy,

My work laptop has had BitLocker enabled for as long as I’ve had it. This is obviously anecdotal with a sample size of one, but I haven’t noticed any negative effect on my ability to use MSFS on that computer.

If you have a hardware failure with your motherboard, disk drive, etc., you shouldn’t lose any of your MSFS settings or Marketplace purchases or anything like that since those are synced to the cloud. When you re-install MSFS, those items will carry over to your new install as long as you use the same Microsoft account.

Thanks,
MSFS Team

6 Likes

Thanks a lot Seedy <3 , have a wonderful day.

My understanding is that as of now, 24H2 will be an optional update, available to GenPop in September/October. I will not install it.

When I’m forced to update I’ll edit my registry to disable BitLocker.

Normally I wouldn’t care about this, but Tom’s Hardware tested the effect of BitLocker on drive performance, and found up to a 45% reduction. Not good…

5 Likes

This article may be of interest…

6 Likes

Thank you for this!

2 Likes

I read that article, and didn’t fully understand this:

Systems that upgrade to Windows 11 24H2 automatically have the Device Encryption flag turned on, but it only takes effect (for some reason) once Windows 11 24H2 is reinstalled on the machine.

Does that mean that the first time I upgrade to 24H2 it will turn BitLocker on, but NOT lock my files? And if I change the “PreventDeviceEncryption” key to 1, then reinstalling the 24H2 update won’t encrypt my files?

I have images of all my drives, so I’m not too worried about it. I just don’t want to do the upgrade later this year if I can’t disable BitLocker.

Sorry Microsoft, but encrypting all my files without my permission is ransomware.
Yeah, I’ve got the key, but that doesn’t matter. You’re trying to force me into encryption, and I don’t like that - not one bit.

10 Likes

I suspect that enabling this functionality by default is going to cause confusion & worry to many users. There are a couple of Microsoft websites that provide information here & here, but IMO, many users will finish reading them as confused & worried as they were before.

The Zendesk folks might want to proactively think about writing a clear, simple FAQ response to BitLocker-related questions as it relates to MSFS 2020 & 2024 that are bound to come up as the broader release of 24H2 approaches.

Right now, you can see if Bitlocker is on or off on your PC - Just search for “Bitlocker” in the Start Menu or go to Control Panel\All Control Panel Items\BitLocker Drive Encryption.

You can see if the Bitlocker Drive Encription Service (BDESVC) is running by looking at System | Services as an administrator (search for “Services” in the Start Menu). You should be able to disable it from the properties page of the service (change the startup type to “Disabled”)

4 Likes

Thank you all for links, informations. I disabled Service, it was running even though Bitlocker was disabled all on drives. My sister’s husband will help me when they release 24H2 with everything. I hope we will get a zendesk FAQ related to 24H2 also, for msfs and msfs2024 users. I am sure community will also put some guides for all of us for this. Have a great day you all.

edit: Also checked TPM thingy in bios it says Trusted Computing enabled etc, but on windows it shows as disabled when i search. I hope this thing do not effect msfs when 24H2 released. I don’t wanna touch TPM, bitlocker and bios settings.

edit2: it shows as enabled now all of a sudden… really strange. Anyway back to flying until 24H2 arrives and we have more informations about it. Thx to all again.

Neowin also did a run down on how to disable it.

3 Likes

The TPM or Trusted Platform Module is a small security processor which does things like validate signing keys and perform encryption and decryption for, among other things, full-disk encryption. Because it’s dedicated crypto hardware, with modern disks that support on-controller encryption the performance impact should be minimal. I haven’t read the Tom’s Hardware test that @BegottenPoet228 refers to but I have to figure those cases were using older drives, because 45% performance loss seems extreme.

Having a TPM 2.0 feature on your motherboard is a requirement for installing Windows 11, and has been from the start. Pretty much all but the oldest PCs in use will have a TPM; in fact current Intel and AMD CPUs provide an on-die TPM (‘soft TPM’), so separate TPM chips on the motherboard are pretty much gone. You can turn the soft TPM on and off in the BIOS, but you need it on for Windows 11 to boot.

There’s a lot of FUD floating around about all of this right now, and the original linked article reeks of clickbait, but the simple message is that if you sign in to Windows 11 with a Microsoft account - and it’s increasingly hard to not do so - then any Bitlocker / Device Encryption keys are backed up to your cloud account, so you won’t suddenly find yourself unable to decrypt a drive if you have to move it to another machine or a new motherboard. You can also manually back up the key locally (and this is a good idea, though you should store it securely). And if you have the key backed up, most drive recovery utilities or Linux distros have support for mounting a Bitlocker encrypted disk.

From what I can see, this only applies to clean installs (or in-place installs) of the operating system; just updating to 24H2 on a 23H2 machine which doesn’t have drive encryption turned on will not turn it on silently, as far as I can see. The Device Encryption flag is set when Windows has evaluated your hardware as meeting the requirements to use it, which means that you can use it, but encryption will only be applied by default for a fresh install. You can decrypt your freshly encrypted drive and turn Device Encryption off afterwards if you want to.

It’s a storm in a teacup IMHO, and the majority of people should not have any issues. Which is not to say that I approve of the heavy-handed way Microsoft is going about this. ‘People don’t do it of their own accord so we’ll do it for them’ is what I expect from Apple, not Windows, but it’s increasingly the case that your PC is not under your full control any more than your phone is.

8 Likes

You are so right, thanks for detailed explanations. I am not worrying anymore, i checked again TPM2 enabled (no idea it said no TPM available when 1st time i checked on windows, bug maybe, trusted computing was enabled on bios already, 2nd time it said available when i checked again, maybe i need new bios?). Windows 11 pro, 7800x3D Asus tuf gaming b650m plus, 4070 2x16gb 2tbx2 . I don’t think they will force bitlocker on us at update. I am logging in with microsoft account also to windows 11, it is great to hear key backed up there in cloud if something happens also. Time to relax. Thanks again.

edit: Good news is today i learned there will be a great feature on 24H2
“Windows 11 24H2 to include DirectX-level AI Super Resolution”
https://www.reddit.com/r/ROGAlly/comments/1aocqcl/windows_11_24h2_to_include_directxlevel_ai_super/

I’m not going to be too worried about this for now. On Android, encryption is turned on by default and works seamlessly so that no data is at risk of loss. It’s been like this for years, and I wouldn’t be surprised if most people don’t even realize it. I would guess that the same would be true for Windows as well. That it would only encrypt on a re-install or fresh install (where no personal data is yet on the drive) would indicate how little risk there is.

2 Likes

Windows 11 PRO 24H2 BitLocker Drive Encryption Only
Windows 11 Home 24H2 No BitLocker Drive Encryption

2 Likes

Bitlocker has been working relatively ok for something like 20 yrs now, hasn’t it?

I used windows 11 on my work device and I quite like it, but on my Flight Sim device I’m sticking with Windows 10, you may ask why … well the only reason is that on my home device I like the task bar on the side of my ultra wide monitor and not on the bottom. Its that simple why I’ve not upgraded lol :slight_smile:

You can put it on the left it seems. Check this.
https://answers.microsoft.com/en-us/windows/forum/all/moving-the-taskbar-left-side-windows-11/5b75025a-5ffc-49f5-bc09-d700ca37525f

1 Like

What happens when you a have dual boot system and it encrypts all your drives? Last time I tried turning it on (because it’s tried and tested right and the right thing to do?) it resulted in a BSOD on boot and I was forced to restore from a backup because the recovery key didn’t work. Never again and now they want to force this on everyone?

Ah yes, the it’s only a minority that will have issues. Those are still real people with real data. Not simply a percentage number on a poll.

The bigger question is why MS is forcing this on us and storing the keys to our data on their servers? What is their agenda here?

2 Likes

I think the reasons for encrypting are important to keep in mind. It helps prevent unauthorized access to data on a computer. If you can get physical access to a computer, you “pwn” it. Similar with remote access but it depends. Encryption can help prevent many of the data breaches we unfortunately keep hearing about.

Only thing is I don’t have customer information, confidential information, banking, or anything else on my Windows computer. It’s used only for flight simulation and a few other totally non-critical things. It has zero need for encryption. I don’t even buy things on it.

Luckily it looks like we can disable encryption for now. I hope Microsoft understands not everyone needs or wants encryption and continues to let us disable it. Encryption may seem benign but it still robs performance. Especially in disk intensive things, it can really slow down a less powerful system.

In applications where performance is everything like it is with FS, we must retain the ability to turn things like encryption off but it’s also incumbent on users to understand the risks, benefits, and consequences to make the best decisions for themselves. Encryption still provides a degree of protection in a hostile world. Those who use their systems for financial things and for work should make sure they learn the details enough to make their best decisions because there really can be consequences.

4 Likes
1 Like