upvote

points

by ranger_danger26 days ago |
comments
upvoteby navigate831026 days ago|
next
[-]
There's no way this is not a backdoor
reply
upvoteby thewebguyd17 days ago|
parent|
[-]
Given that the other two vulns were silently patched, no CVE, basically screams this is a backdoor.

If this is a fed mandated backdoor, I guarantee Microsoft/Windows isn't the only one either, they are just the only/first ones to get caught. I'd be suspicious about every single commercial, closed source operating system or encryption product in the US right now.

reply
upvoteby Terr_26 days ago|
prev|
next
[-]
Along with other facets of this, what are the odds a "bug" would also automatically erase evidence of itself from the bootable USB stick when it activates?
reply
upvoteby ranger_danger26 days ago|
parent|
[-]
If it's replaying a filesystem transaction like others have said, I can see where it makes sense to erase the files afterwards. You don't want the same transaction replayed twice.
reply
upvoteby forestry26 days ago|
prev|
next
[-]
The blog author calls it that but given there’s no root cause yet it’s foolish to jump to conclusions.
reply
upvoteby JeremyNT26 days ago|
prev|
next
[-]
The basic design of the most common mode of operation for bitlocker, where the TPM hands over the deception keys to the drive when Windows boots without requiring a PIN or anything, indicates how unserious they are.
reply
upvoteby Our_Benefactors26 days ago|
prev|
[-]
[flagged]
reply
upvoteby HDBaseT26 days ago|
parent|
next
[-]
It seems undeniably a backdoor, why on earth would a very specific folder/file name and a specific boot combination just "magically" open up an encrypted drive.

It also doesn't help this comes from a person who likely was close to the development at Microsoft (one way or another) as their recent disclosures are quite alarming.

Of course, this could technically be the stars aligning type bug, but it seems like a purposefully planted backdoor to me.

reply
upvoteby Dylan1680726 days ago|
parent|
[-]
Just booting opens up the encrypted drive. Windows gets the key out of the TPM.

Which leaves an enormous attack surface. If you can break Windows before logging in, you can effectively bypass bitlocker.

"Windows loads some file in System Volume Information automatically" is not evidence of a backdoor. And you have to put specific exploit files in there to turn this into an attack. You don't just make the folder.

It's still possible this is a backdoor, I guess, but there's nothing as blatant as you're implying.

reply
upvoteby forestry26 days ago|
parent|
prev|
[-]
*in your opinion.
reply
upvoteby Our_Benefactors26 days ago|
parent|
next
[-]
This is a bad faith comment. Both positions are an opinion.
reply
upvoteby 26 days ago|
parent|
prev|
[-]
deleted
reply