this post was submitted on 27 May 2026
843 points (99.2% liked)

Technology

84980 readers
3547 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
843
Microsoft's GitHub bans security researcher who posted zero-day Windows exploits because company 'ruined their life' — expert claims action is vindictive and promises further retaliation (www.tomshardware.com)
submitted 1 day ago by throws_lemy@reddthat.com to c/technology@lemmy.world
128 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] SuiXi3D@fedia.io 52 points 1 day ago (2 children)

I wonder if the dude happened to find an internally documented backdoor intended for use by government actors? Or most likely they just don’t wanna deal with it and the perceived fastest way to deal with it is to try and bury it. Both could be true, but I’m just speculating.

[–] starshipwinepineapple@programming.dev 32 points 1 day ago* (last edited 1 day ago) (2 children)

Their april 15th blog post explicitly calls it a backdoor and mentions it was very well hidden. I'm interested to see what comes of this

[–] drmoose@lemmy.world 2 points 10 hours ago

Did you see the last post?

[–] SnotFlickerman@lemmy.blahaj.zone 2 points 1 day ago (1 children)

Whatever the last part of the link is it is getting caught in the content filter and being replaced with "removed".

Can anyone actually share the actual end of the link without triggering the content filter?

[–] starshipwinepineapple@programming.dev 3 points 1 day ago (1 children)

Might be your instance. Try blog and spot and .com without spaces. The blog is also linked within OPs article

[–] SnotFlickerman@lemmy.blahaj.zone 3 points 1 day ago* (last edited 1 day ago)

Interesting, I wonder why the choice to remove blog spot dot com specifically, this is actually the first time I have ever seen a "removed" from this instance, which is why I assumed at first it must be remote (also I had just woken up). Now that I'm more awake I realize, you're right, it must be my instance. Maybe I'll ask my admin sometime if there's a reason why they block that phrase.

[–] Chais@sh.itjust.works 10 points 1 day ago (1 children)

I was wondering that myself.
I mean, a mechanism that allows you to get the malware scanner to place whatever software you want on a machine, give it system access and then execute it, feels like a prime suspect for "lawful source interception" bullshit.

[–] Bazoogle@lemmy.world 3 points 1 day ago (1 children)

I do feel like it's entirely possible it was a bug. I would imagine if they wanted to do a backdoor, they would require some form of key. There would need to be a form of revocation. If an employee, either for the government or Microsoft, went rogue then they could abuse that, or at the very least whistleblow and it would be easily verifiable for other entities.

[–] Chais@sh.itjust.works 10 points 1 day ago

I do feel like it's entirely possible it was a bug. I would imagine if they wanted to do a backdoor, they would require some form of key.

That would negate plausible deniability.