
A security researcher says Microsoft secretly built a backdoor into BitLocker and has released an exploit to prove it
https://www.techspot.com/news/112410-security-researcher-microsoft-secretly-built-backdoor-bitlocker-releases.html
33 comments
Maybe it’s time to use LUKS.
> just can’t come up with an explanation beside the fact that this was intentional
Please can we not promote speculative clickbait here.
PoC works, but the "intentional backdoor" framing is a stretch. Win10 isn’t affected, only the Win11 WinRE image, so according to the article, something specific got added to recovery that breaks encryption when you plug a USB folder in. Could be a sloppy regression, could be worse, but no way to tell from outside Microsoft. Important to note this needs physical access either way.
The researcher explained that they "just can’t come up with an explanation beside the fact that this was intentional. Also for whatever reason, only windows 11 (+Server 2022/2025) are affected, windows 10 is not."
Surprised? Business as usual.
I think it's more likely the slop did it without a human verifying that there should be one.
This can only access drives that have been accessed recently, right? I've got two external drives that locked me out months ago that I'd love to be able to access again.
Engineer that was forced to vibe-code Win11’s BitLocker using Copilot by Microsoft Execs: yes…. Yes, we meant for that backdoor to be there 🫥
IMHO I bet the government asked Microsoft for it. Like CISCO as recently revealed during the Iran invasion attempt.
And the government wants a backdoor to every single device. For what, for state actors to take over your device, government devices are not immune to this either.
Haven’t they been doing this since like pgp3 basically everything has to be accessible by the government.
Operating systems are too important to be closed source.
There has never been a better time to ditch Microsoft products and services
Sensationalist title, but it could just be a genuine fuckup and incompetence, which is just as bad.
To make sure you don’t have too much freedom from government and a certain blue flagged country.
I always considered Bitlocker more of a deterrent than real security.
It’s obvious they did this on purpose. Windows 11 has been nothing but a complete disaster, which perfectly explains why nobody wants to upgrade from Windows 10.
So…. people will still insist that Chinese companies are a bigger threat to user privacy than American big tech?
this is why people just use linux now
yeah that tracks with how they do things
Why is Abus on the illustration?
Breaking news: fork found in kitchen
no wonder my files keep disappearing at night
For those not terribly averse to it, with some Claude credits you can make a really good Ubuntu distro that smoothes out the weird Linux ui hang ups.
And ya know…sail the high seas for code that it can reverse engineer to make it run like Windows….if you wanted to.
NSA requested?
Nooooo you don't say….😲
Can’t have a backdoor exploited if you don’t use bitlocker *taps temple*
This makes sense
The US government was trying to pressure various companies to put backdoors in and we only found out when some companies refused
Snowden leaks told us this in 2013. The whole world should be moving away from American software like France is doing
This might help explain why various European entities are ditching Microsoft and other American technologies.
This should surprise no one.
Everyone should’ve known this when truecrypt went down, "suggested" using it, and gave no explanation. They gave the best warning they could that they were being told "put in a backdoor or be shut down, if you tell anyone you’ll go to prison."
I’ve known for years that Intel/NVIDIA hardware has had hidden management engines, telemetry, and potential backdoor-level access built in, and almost nobody cared because either people didn’t notice or felt powerless to do anything about it. So when stories like this BitLocker thing come out, I’m honestly not even surprised anymore.
What really makes me question everything is how governments claim there are laws to protect privacy, while at the same time other laws allow mass surveillance and secret access “for security reasons.” How does that even make sense? You can’t seriously say users are protected while also normalizing built-in spying capabilities and backdoors everywhere.