this post was submitted on 13 May 2026
930 points (99.6% liked)

Technology

84646 readers
4308 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
930
Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor (www.tomshardware.com)
submitted 1 day ago by throws_lemy@lemmy.nz to c/technology@lemmy.world
155 comments fedilink hide all child comments
 

YellowKey reportedly works in Windows 11, Windows Server 2022 and 2025, but not in Windows 10.

you are viewing a single comment's thread
view the rest of the comments
[–] SleeplessCityLights@programming.dev 34 points 23 hours ago (2 children)

BitLocker is basically malware, so who fucking cares. Far more people have it accidentally on and get locked out than people that have purposefully activated it.

[–] Squizzy@lemmy.world 5 points 20 hours ago

You have just reminded me I could use this on the laptop my mother set up like five years ago and immediately forgot the password for.

[–] TheEighthDoctor@lemmy.zip 3 points 22 hours ago (2 children)

Companies care

[–] freely1333@reddthat.com 3 points 16 hours ago

Companies care that you have access to it. The “companies that care” literally wrote the backdoor.

[–] SleeplessCityLights@programming.dev 7 points 20 hours ago (1 children)

When I worked at an MSP, BitLocker cost companies thousands of dollars when it did something strange. User error has very catastrophic consequences with BitLocker and nobody that actually cares about security uses BitLocker. From my professional experience it is malware. The places where I have seen it used on purpose was because of policy bullshit and everyone agreed that it was a hindrance rather than an advantage.

[–] TheEighthDoctor@lemmy.zip 5 points 16 hours ago* (last edited 16 hours ago) (1 children)

And from my experience in banking, healthcare and others; every company uses bitlocker on workstations, I saw EncFS once in dozens of companies audited.

[–] SleeplessCityLights@programming.dev 1 points 13 hours ago

Using encryption on files systems is fine, but the Microslop Bitlocker implementation is awful. In any ecosystem that is not fully regulated BitLocker is a liability. I have had colleagues that could beat it.