ungreased0675 2 hours ago

Remarkable. Does MS take a huge reputational hit for having a backdoor, or are they so essential to most places this won’t matter?

avazhi 3 minutes ago | parent | next [-]

I think anybody who has been paying attention has assumed for at least 20 years that their shit is backdoored anyway. I mean, the original Snowden revelations made that abundantly clear.

Businesses use Microsoft because they figure if it’s backdoored that won’t affect them (because they aren’t terrorists or child pornographers or whatever, and they’d comply with a subpoena regardless of if BitLocker is backdoored or not) and individuals who care about security and privacy put their shit on a VeraCrypt drive somewhere else.

peroids 2 hours ago | parent | prev | next [-]

I’m assuming the EU speeds up the uncoupling because of some of this.

charcircuit an hour ago | parent | prev | next [-]

It's not an actual backdoor. An attacker found a way to exploit Windows after booting it up in this recovery mode. The security of files on the device depends on it being impossible for Windows to be pwned by an attacker on any surface exposed before the user is unlocked.

This is why operating systems like GrapheneOS disable the USB port on the initial boot to limit the attack surface that an attacker has.

tsimionescu 10 minutes ago | parent [-]

Having a specific file name trigger the decryption to happen automatically, while also removing said files after this is achieved, is an extremely unlikely bug. I think for most people evaluating this, the onus is now on anyone thinking this is not a backdoor to prove how a mistake in the code can trigger this very specific scenario.

This is like finding out that an OS accepts an SSH private key circulating online that the sysadmin for those OS boxes never authorized, and saying "wait, we don't know that this is a backdoor into that system, the attackers just found a bug".

charcircuit a few seconds ago | parent [-]

>Having a specific file name trigger the decryption

That is not what happens. There is nothing wrong with decrypting the drive. If you just powered on the computer normally, it will "trigger the decryption." There just isn't a way to read a file from the lock screen. This exploit is getting you to a state where the drive is unlocked but the user has access to a command prompt. A command prompt, unlike a basic login screen, gives the user the ability to actually see the contents of arbitrary files.

>specific file name

It's a specific file name because Windows stores transaction logs under that name.

>also removing said files after this is achieved

It doesn't seem farfetched for a transaction log to be deleted after it is successfully replayed.

ranger_danger 2 hours ago | parent | prev [-]

As far as I can tell, there's no concrete evidence that it is actually an intentional "backdoor."

3eb7988a1663 16 minutes ago | parent | next [-]

What would you require to feel confident it is a backdoor?

Nadella gives a press release, "Alright guys, you got us fair and square. Backdoor on Bootlocker. Various versions of it for years on behalf of the spooks."

You are unlikely to ever get a confirmation of wrongdoing. That being said, for a first line security posture, there is no way external media should have anything to do with the encryption process. Even if the OS chose to read a USB drive, to also delete the magical files is ridiculously suspect.

It could always be plain old incompetence, but that is a damning level of technical ineptitude assigned to such critical infrastructure. This is not a project you assign to the intern, but paranoid security experts. Multiple levels of code review and red-teaming.

skeptic_ai an hour ago | parent | prev [-]

lol it’s an obvious backdoor. No way a security system would ever allow this blatant workaround to bypass all encryption. Backdoor is the only answer

majorchord an hour ago | parent [-]

> lol it's an obvious backdoor

in your opinion