this post was submitted on 17 May 2026
834 points (99.3% liked)

Technology

84733 readers
3368 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
834
A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it (www.techspot.com)
submitted 1 day ago by Itwasntme223@discuss.online to c/technology@lemmy.world
113 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] freeman@sh.itjust.works 1 points 4 hours ago

What are the indications that the BitLocker vulnerability is already being utilized?

Microsoft shipping a vulnerable version of the recovery environment. It is the 'exploit'.

Alleged by a guy who was fired from Microsoft. I’d take that with a pinch of salt.

Such is the nature of closed source software. You select people who will remain complicit till they have a grievance against you. Even if they don't and talked for moral reasons do you think they would not been fired for it?

That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I’m sure you’ve heard of XZ Utils? How many others went through and are being exploited without anyone noticing?

Who knows. How many more went through at closed source software a limited amount of people can test in the same way?