[somenameforme]

Read the write up on YellowKey. [1] It sounds like, in at least some instances, he's publishing official Microsoft backdoors probably used by US intelligence agencies et al. It turns out that Bitlocker is insecure and backdoored. Something noooobody expected after TrueCrypt just mysteriously and suddenly shut their doors one day, removed all downloads, and recommended everybody move to Microsoft's BitLocker. lol.

[1] - https://www.tomshardware.com/tech-industry/cyber-security/mi...

[Dylan16807]

If you were using bitlocker to replace truecrypt, you'd have a boot password and this would not affect you at all.

I'm still far from thinking this is a backdoor. It tricks the boot environment into deleting a file and then it doesn't ask for a password. The exploit is nowhere near bitlocker, the problem is that bitlocker without a boot password requires the whole OS to preserve security from boot through the login screen.

And where's the claimed version that works when a PIN is set?

[embedding-shape]

> And where's the claimed version that works when a PIN is set?

Maybe it was on GitHub/GitLab before the author was banned by both Microsoft and GitLab, not really sure we'd know. The authors last post on their blog is from yesterday (28th of May, https://deadeclipse666.blogspot.com/) so seems they aren't fully gone. But yeah, been a lot of "promises" but besides the initial 0days, not so much released AFAIK.

[ChocolateGod]

It's not a backdoor, Microsoft doesn't need a backdoor to bypass BitLocker because they can sign payloads that'll pass the TPM.

[kristjank]

Why would it not be? Microslop doesn't need to make such a backdoor, but it's still a lot more convenient to make one generic backdoor than many signed ones.

[ChocolateGod]

They'd only need to make one payload that keeps the TPM happy, unlocks the disk and provides the files for export some way.

Far safer than a backdoor and no evidence.

But the slop in your comment here indicates you're arguing in bad faith.