Lee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 21 hours agoMicrosoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoorwww.tomshardware.comexternal-linkmessage-square103fedilinkarrow-up1731arrow-down11file-text
arrow-up1730arrow-down1external-linkMicrosoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoorwww.tomshardware.comLee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 21 hours agomessage-square103fedilinkfile-text
minus-squareCornballer@lemmy.ziplinkfedilinkEnglisharrow-up11·edit-22 hours agoSomebody on twitter “reverse engineered” the exploit. Apparently ms shipped debug code in production. At least it’s not called Backdoor_FBI outright. How it works: Recovery tools look for a config file called RecoverySimulation.ini on the OS drive If Active=Yes, it enables “test mode” for the recovery tools Test mode unlocks your BitLocker drive but a flag called FailRelock tells it to skip relocking cmd.exe spawns with full access to your “encrypted” drive
Somebody on twitter “reverse engineered” the exploit. Apparently ms shipped debug code in production. At least it’s not called Backdoor_FBI outright.