by luke-stanley 28 days ago
I'm not sure that copying a key after unlocking the system counts as a backdoor? If the OS promises to lock access to the key and fails to do so then I can see the logic that people might then call that a backdoor. But it's different from there being a key bypass, or a pre-shared key (or such), which it seems like the article suggests? For the record, I don't use Windows (so glad).

Right, this is a Windows auth bypass that works with BitLocker enabled; using TPM-only BitLocker you are vulnerable to _any_ postboot authentication bypass or memory content extraction technique. This is just a particularly stupid / weird auth bypass technique that has been spun really hard by the author and press.

For what it's worth, any OS using only hardware identity to unseal disk encryption is vulnerable to the same class of attack; there are all sorts of ways to misconfigure or exploit Linux FDE setups to enter a recovery shell as well. It's still a huge step above "no disk protection" (especially since it protects against every scenario where the disk is separated from the hardware), but the postboot surface area is enormous and nobody should be considering this class of protection as much more than a speed bump for a serious attacker.
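
As an added example (not part of the thread and not written by either commenter): a PowerShell audit that lists each BitLocker volume and flags those that unseal with the TPM alone, the configuration discussed above. It uses the built-in `Get-BitLockerVolume` cmdlet from an elevated session; the grouping of protector types into classes and the `Get-UnlockClass` helper are this example's assumptions.

```powershell
# Added example: report which BitLocker volumes can unlock with hardware identity only.
# Run in an elevated PowerShell session on Windows (BitLocker module required).

# Protector types that need a user-supplied secret or token before the OS boots.
# This grouping is the example's own assumption, not an official classification.
$preBootAuth = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password', 'ExternalKey')

function Get-UnlockClass {
    # Hypothetical helper: classify a volume from the names of its key protectors.
    param([string[]]$ProtectorTypes)

    if (-not $ProtectorTypes) { return 'NoProtectors' }

    # A plain 'Tpm' protector lets the volume unseal with no user interaction,
    # so everything after boot (logon screen, recovery environment, RAM) is exposed.
    if ($ProtectorTypes -contains 'Tpm') { return 'TpmOnly' }

    $hasPreBoot = @($ProtectorTypes | Where-Object { $preBootAuth -contains $_ }).Count -gt 0
    if ($hasPreBoot) { return 'PreBootAuth' }

    # Only recovery or other protectors present (for example RecoveryPassword).
    return 'Other'
}

Get-BitLockerVolume | ForEach-Object {
    # Collect protector type names; @() keeps this an array even when empty.
    $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    [pscustomobject]@{
        MountPoint       = $_.MountPoint
        VolumeType       = $_.VolumeType        # OperatingSystem or Data
        ProtectionStatus = $_.ProtectionStatus  # Off means protection is suspended or absent
        Protectors       = $types -join ','
        UnlockClass      = Get-UnlockClass -ProtectorTypes $types
    }
} | Sort-Object UnlockClass, MountPoint | Format-Table -AutoSize
```

An operating system volume reported as `TpmOnly` is in the state the comment describes: the disk is protected when separated from the machine, but not against anything that defeats authentication or reads memory after boot.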