Technology

84733 readers

4037 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

696

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it (www.techspot.com)

submitted 18 hours ago by Itwasntme223@discuss.online to c/technology@lemmy.world

81 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[+] Alaknar@sopuli.xyz -18 points 2 hours ago (3 children)

Copy Fail, Dirty Frag and Fragnesia exist. What are you going to switch to now?

[–] freeman@sh.itjust.works 17 points 2 hours ago (1 children)

They will be patched. There is also no indication that they 'be been known and exploited till recently.

This was allegedly deliberately non patched to be exploited.

Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.

[–] Alaknar@sopuli.xyz 0 points 44 minutes ago

They will be patched. There is also no indication that they 'be been known and exploited till recently.

Two of the three are being used in the wild, with Copy Fail being retroactively found at least 9 days before the disclosure.

What are the indications that the BitLocker vulnerability is already being utilised?

This was allegedly deliberately non patched to be exploited.

Alleged by a guy who was fired from Microsoft. I'd take that with a pinch of salt.

Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.

I agree! But other than one angry dude, not much else is pointing towards this being intentional - so far! Let's see how things go.

That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I'm sure you've heard of XZ Utils? How many others went through and are being exploited without anyone noticing?

[–] michaelmrose@lemmy.world 4 points 2 hours ago (1 children)

Those are potential vulnerabilities that can be patched. This is an indication that MS intends for bitlocker which you really need to be secure to bother using windows on a laptop to never be secure by design.

[–] Alaknar@sopuli.xyz 0 points 50 minutes ago

Those are potential vulnerabilities that can be patched

"Potential"? They are actively being exploited. And they don't require physical access to the device.

[–] 87Six@lemmy.zip 3 points 2 hours ago (1 children)

I always wonder whether to block people like you.

Sometimes I see your comments and get angry at how stupid you are.

Other times I see your comments and become really aware of how intelligent I am compared to... whatever the hell you are.

[–] Alaknar@sopuli.xyz 0 points 43 minutes ago (1 children)

I mean, if you have nothing of value to say, why even make a comment? Just block me and move on, mate.

Or, I don't know, engage and tell say why you think this comment was stupid?

[–] 87Six@lemmy.zip -2 points 36 minutes ago (1 children)

engage and tell say why you think this comment was stupid?

Nah, waste of keystrokes

[–] Alaknar@sopuli.xyz 1 points 24 minutes ago

And yet you replied again...