this post was submitted on 17 May 2026

676 points (99.3% liked)

Technology

84733 readers

4037 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

676

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it (www.techspot.com)

submitted 17 hours ago by Itwasntme223@discuss.online to c/technology@lemmy.world

76 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] Aceticon@lemmy.dbzer0.com 3 points 19 minutes ago* (last edited 18 minutes ago)

If you're running Windows, always assume that if the US Authorities or Microsoft itself want to spy on you as an individual or on do a little industrial espionage on your company (which US agencies also do), they'll just use a backdoor already present or at worse push an update to your machines(s) to create said backdoor.

Treat any and all software made by US companies as a foreign agent.

All the shit that the US Government and companies say about China, is pure Projection - the result of a mental process of "what would we do if we were the ones making those devices". (And, yeah, China probably does that shit too)

If it ain't Open Source, you got it as a binary or can self-update that software is somebody else's agent and you're trusting their ethics and goodwill when you have it running in your system outside a sandbox.

[–] an0nym0us_dr0ne@europe.pub 4 points 40 minutes ago

No Shit Sherlock. Not as if it would be required by US law to have a backdoor or anything…

No no, PatriotACT, CloudACT and stuff like PRISM just do not exist…

[–] SabinStargem@lemmy.today 32 points 5 hours ago (1 children)

Yet another reason to switch to Linux.

[+] Alaknar@sopuli.xyz -15 points 1 hour ago (3 children)

Copy Fail, Dirty Frag and Fragnesia exist. What are you going to switch to now?

[–] freeman@sh.itjust.works 12 points 1 hour ago

They will be patched. There is also no indication that they 'be been known and exploited till recently.

This was allegedly deliberately non patched to be exploited.

Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.

[–] 87Six@lemmy.zip 3 points 1 hour ago

I always wonder whether to block people like you.

Sometimes I see your comments and get angry at how stupid you are.

Other times I see your comments and become really aware of how intelligent I am compared to... whatever the hell you are.

[–] michaelmrose@lemmy.world 2 points 1 hour ago (1 children)

Those are potential vulnerabilities that can be patched. This is an indication that MS intends for bitlocker which you really need to be secure to bother using windows on a laptop to never be secure by design.

[–] Alaknar@sopuli.xyz 1 points 2 minutes ago

Those are potential vulnerabilities that can be patched

"Potential"? They are actively being exploited. And they don't require physical access to the device.

[–] Cantaloupe@lemmy.fedioasis.cc 15 points 5 hours ago

Yeah, Copy Fail, Dirty Frag and Fragnesia are bad but holy fuck.

[–] Deebster@infosec.pub 51 points 9 hours ago (3 children)

This Chaotic Eclipse/Nightmare Eclipse is the same one whose opening post read:

I never wanted to reopen a blog and a new github account to drop code...

But someone violated our agreement and left me homeless with nothing. They knew this will happen and they still stabbed me in the back anyways, this is their decision not mine.

I'm guessing there's plenty more to come.

Kinda funny that they're targeting Microsoft and yet using GitHub to share the PoCs.

[–] raspberriesareyummy@lemmy.world 2 points 1 hour ago

Kinda funny that they’re targeting Microsoft and yet using GitHub to share the PoCs.

This is the part I don't get either. Although - maybe it is because it protects other platforms from legal action by microSLOP? Also, it adds to the Streisand effect should microSLOP remove the proof of concept from its own platform.

[–] KyuubiNoKitsune@lemmy.blahaj.zone 2 points 2 hours ago

Seems. Like bløgspot is a banned word..

[–] muusemuuse@sh.itjust.works 9 points 7 hours ago (1 children)

Isn’t this the blue hammer guy?

[–] Deebster@infosec.pub 3 points 2 hours ago

Yup: https://deadeclipse666.blogspot.com/2026/04/public-disclosure.html

[–] melfie@lemmy.zip 59 points 10 hours ago (1 children)

I guess anyone who uses ShitLocker is shit out of LUKS.

load more comments (1 replies)

[–] sturmblast@lemmy.world 25 points 8 hours ago (1 children)

Bitlocker is TEMU encryption

[–] muusemuuse@sh.itjust.works 19 points 7 hours ago (1 children)

It really isn’t. The encryption itself still hasn’t been defeated. The implementation is the problem. Microsoft just can’t get out of their own way. If they ignored all the business majors, nobody would be able to stop them.

load more comments (1 replies)

[–] thethunderwolf@lemmy.dbzer0.com 5 points 6 hours ago

more evidence that michaelslop binbows is trash

linux is better

luks wouldnt do this to u

[+] Greyghoster@aussie.zone -17 points 2 hours ago (3 children)

Copy Fail in Linux sounds similar.

[–] agelord@lemmy.world 8 points 1 hour ago (1 children)

One is a backdoor, another is a bug. How are they similar?

[–] Greyghoster@aussie.zone -1 points 22 minutes ago

Both allow access to secure systems both were introduced years ago. I don’t know the Linux developer so I have no access to as to what was influencing so it can be just a bug, however it the type of bug that a lot of people would like to introduce into the kernel. Given that, they look very similar to me.

[–] michaelmrose@lemmy.world 3 points 1 hour ago (1 children)

Why are you lying? One is a privilege exploit that has been patched. It lets someone who can already run software on your machine do more. This is a backdoor that could allow hostile governments or thieves to steal your files from any machine in their possession. Things what would always have been secure on any Linux machine from the last 20 years.

[–] Greyghoster@aussie.zone 0 points 42 minutes ago

Lying? Copy Fail is big news and was introduced into the kernel years ago. Sounds very similar in the way it was introduced and the ease of exploitation if you have access to a machine.

[–] homik@slrpnk.net 11 points 2 hours ago (1 children)

It does not.

[–] Greyghoster@aussie.zone 2 points 19 minutes ago

It’s very similar in that it was introduced years ago, requires access to a machine, allows privileged access and is easy to exploit. There are a lot of people that would love it.

[–] lechekaflan@lemmy.world 18 points 8 hours ago

Install Linux, Problem Solved.

More than ever.

[–] hperrin@lemmy.ca 45 points 12 hours ago (1 children)

Of course they did. They have no interest in protecting your privacy and every interest in making you think they do. I would’ve been way more surprised to learn there wasn’t a backdoor.

[–] smeenz@lemmy.nz 10 points 6 hours ago (1 children)

I'm left puzzed as to how this works ...like.. the data on the disk should be encrypted sector by sector...it takes forever to encrypt or decrypt a disk which is consistent with that understanding.

When you boot into PE, I don't understand how that OS can read anything off the disk, yellowkey or not, without knowing the encryption key..so how does it get that key. Is the vulnerability here that the key is stored in the TPM and win PE can be convinced to retrieve it without the proper credentials being provided ?

If that's the case, and the TPM can just provide the key on request...then... where is the security here ?

[–] hperrin@lemmy.ca 6 points 5 hours ago

My guess is that the key to decrypt the disk is stored on the disk, encrypted by a Microsoft-known key. This seems to unlock that copy of the key rather than the copy encrypted by your own key.

Though he did say to put the disk back in the original system in part of the instructions, so it might be TPM based. The way to check would be to try this on a system with a disk from another system, or with a wiped TPM.

TPM is not security, it’s security theatre. If you don’t need to type a password in or insert a device with a key on it during boot, then it’s not secure, period.

[–] DeathsEmbrace@lemmy.world 81 points 15 hours ago (1 children)

The entire Microsoft, Apple and Google ecosystem is USA backdoors. That's why I call it American spyware.

[–] 1984@lemmy.today 6 points 2 hours ago (1 children)

And they tell us to worry about China. :)

[–] msage@programming.dev 3 points 1 hour ago

It's called misdirection, every magician and thief knows about it :D

[–] Miller@lemmy.world 159 points 17 hours ago (5 children)

You mean that thing everyone knew about since the authorities derailed open-source TrueCrypt and forced them to message their users that they should migrate to BitLocker?

[–] helpImTrappedOnline@lemmy.world 1 points 54 minutes ago

Well, there's a big difference between "knowing" something and knowing something (i.e proof your intuition is right).

load more comments (4 replies)

[–] Dalraz@lemmy.ca 89 points 16 hours ago (4 children)

Seems like every week there is another reason why I'm thankful I switched to Linux a few years ago.

load more comments (4 replies)

load more comments