Cornballer

joined 4 days ago
Cornballer@lemmy.zip 11 points 1 hour ago* (last edited 1 hour ago)

Somebody on Twitter “reverse engineered” the exploit. Apparently MS shipped debug code in production. At least it’s not called Backdoor_FBI outright.

How it works:

  1. Recovery tools look for a config file called RecoverySimulation.ini on the OS drive
  2. If Active=Yes, it enables "test mode" for the recovery tools
  3. Test mode unlocks your BitLocker drive but a flag called FailRelock tells it to skip relocking
  4. cmd.exe spawns with full access to your "encrypted" drive
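
A defender-side check for the marker file described in the comment above, as an added example that is not part of the original comment and not Microsoft's code. It walks a mounted volume for `RecoverySimulation.ini` and escalates any copy that sets `Active=Yes`. Assumptions: the file's exact location, its section layout, and whether `FailRelock` appears in it as a key are not given on this page, so the scan matches by file name and reads keys from any section.

```python
import os, sys
from pathlib import Path

TARGET = "recoverysimulation.ini"  # file name from the comment, matched case-insensitively
# Constructed sample (UTF-16 LE with BOM), used only to exercise the parser.
SAMPLE_UTF16 = b"\xff\xfe" + "Active=Yes\r\n".encode("utf-16-le")

def decode_ini(raw: bytes) -> str:
    """INI files on Windows may be ANSI/UTF-8 or UTF-16 with a BOM; handle both."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8-sig", errors="replace")

def parse_keys(text: str) -> dict:
    """Collect key=value pairs from every section, lower-cased (section layout is unknown)."""
    keys = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in ";#[":
            continue
        name, sep, value = line.partition("=")
        if sep:
            keys[name.strip().lower()] = value.strip().strip('"').lower()
    return keys

def scan_volume(root, max_depth=3):
    """Walk a mounted volume and report every file named like TARGET."""
    root, findings = Path(root), []
    for dirpath, dirnames, filenames in os.walk(root, onerror=lambda e: None):
        if len(Path(dirpath).parts) - len(root.parts) >= max_depth:
            dirnames[:] = []  # do not descend more than max_depth levels below root
        for name in filenames:
            if name.lower() != TARGET:
                continue
            path = Path(dirpath) / name
            try:
                keys = parse_keys(decode_ini(path.read_bytes()))
            except OSError:
                keys = {}  # unreadable: still report that the file exists
            active = keys.get("active") == "yes"
            findings.append({"path": str(path), "active": active,
                             "failrelock": "failrelock" in keys,  # assumption: flag may be a key
                             "severity": "high" if active else "review"})
    return findings

if __name__ == "__main__":
    print(parse_keys(decode_ini(SAMPLE_UTF16)))
    for finding in scan_volume(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(finding)
```

Pass the root of the volume to inspect as the first argument; a copy with `Active=Yes` is reported as `high`, any other copy as `review`.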
Cornballer@lemmy.zip 5 points 5 hours ago* (last edited 5 hours ago)

Apparently they are amazing aides for the visually impaired.
