@arstechnica It also needs to be off by default with a group policy option to remove the functionality altogether, especially for any machine dealing with proprietary or personal information. Which, I guess, is probably most of them.
Alternately, I guess I'd be happy with keeping unencrypted data like that (it's encrypted only when the machine is off) if they made the system 100% infiltration-proof. Since that isn't possible, of course, I'm never going to be happy with that feature.