A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

Submitted ⁨⁨4⁩ ⁨weeks⁩ ago⁩ by ⁨scrubbles@poptalk.scrubbles.tech⁩ to ⁨technology@beehaw.org⁩

https://www.techspot.com/news/112410-security-researcher-microsoft-secretly-built-backdoor-bitlocker-releases.html

cross-posted from: poptalk.scrubbles.tech/post/4133762

A researcher known as “Nightmare-Eclipse” recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker’s full-volume encryption. The researcher described YellowKey as one of the most “insane” flaws they have ever encountered and has also accused Microsoft of potentially embedding a legitimate backdoor in BitLocker’s data protection system.

To no-one’s surprise

source

Comments

Sort:hotnew top

i_am_not_a_robot@discuss.tchncs.de ⁨4⁩ ⁨weeks⁩ ago
A second backdoor. Windows also uploads your BitLocker keys to Microsoft’s servers by default, just in case somebody needs to get in later.

source
themurphy@lemmy.ml ⁨4⁩ ⁨weeks⁩ ago
The legally have to because of the US Cloud Act.

Every single US company has a backdoor because of this.

source
- scrubbles@poptalk.scrubbles.tech ⁨4⁩ ⁨weeks⁩ ago
  And this just proved why it’s impossible to have a backdoor
  
  source
SaharaMaleikuhm@feddit.org ⁨4⁩ ⁨weeks⁩ ago
Wait a second, are you saying Microslop isn’t my friend?

source
Dymonika@beehaw.org ⁨3⁩ ⁨weeks⁩ ago
Move to Linux! I would be happy to personally help anyone here who is interested yet unsure.

source