Those are ‘vulnerabilities’ being exploited, and software will always have those, and when found, in Linux, they are patched, rather quickly in some cases. Microsoft develops Windows with the intention of making it vulnerable, so it is effectively commercial malware.
They will be patched. There is also no indication that they 'be been known and exploited till recently.
Two of the three are being used in the wild, with Copy Fail being retroactively found at least 9 days before the disclosure.
What are the indications that the BitLocker vulnerability is already being utilised?
This was allegedly deliberately non patched to be exploited.
Alleged by a guy who was fired from Microsoft. I’d take that with a pinch of salt.
Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.
I agree! But other than one angry dude, not much else is pointing towards this being intentional - so far! Let’s see how things go.
That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I’m sure you’ve heard of XZ Utils? How many others went through and are being exploited without anyone noticing?
What are the indications that the BitLocker vulnerability is already being utilized?
Microsoft shipping a vulnerable version of the recovery environment. It is the ‘exploit’.
Alleged by a guy who was fired from Microsoft. I’d take that with a pinch of salt.
Such is the nature of closed source software. You select people who will remain complicit till they have a grievance against you. Even if they don’t and talked for moral reasons do you think they would not been fired for it?
That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I’m sure you’ve heard of XZ Utils? How many others went through and are being exploited without anyone noticing?
Who knows. How many more went through at closed source software a limited amount of people can test in the same way?
Dude, enjoy your Windows then. This is not Twitter (or X or whatever) where you can go do your master’s bidding of creating noise to try and control the normies. Here most of us know how to do research and have the ability to differentiate bots (human or otherwise) from actual thinking individuals with a modicum of common sense and more than 2 functioning brain cells.
Look at your down-votes and take a hint. That bullshit has no effect here.
This is not Twitter (or X or whatever) where you can go do your master’s bidding of creating noise to try and control the normies
Of course you can! Just like on every other social media! What are you even talking about? :D
Here most of us know how to do research and have the ability to differentiate bots (human or otherwise) from actual thinking individuals with a modicum of common sense and more than 2 functioning brain cells.
You’d think that, but if you actually know a bit about tech, this community is hilariously ignorant most of the time - on all the matters you mentioned. :D
Look at your down-votes and take a hint. That bullshit has no effect here.
The hint is that this community is extremely aggressive towards language that goes against the hive-mind. The bullshit has no effect because people can’t differentiate what’s bullshit and what isn’t, so they just automatically assume any statement that isn’t violently anti-MS is bullshit spewed by bots at their master’s bidding.
Those are potential vulnerabilities that can be patched. This is an indication that MS intends for bitlocker which you really need to be secure to bother using windows on a laptop to never be secure by design.
They dont require physical access, but they require access to a non-root account on the machine. How often do you create accounts on your local machine for malicious actors to use?
When you do a new OS install, do you create a separate user account for guests and then share the login details with random people?
I’ll gladly take over. The statement is stupid because it is already well known across the board that Microsoft is, by all intents and purposes, a malware developer. The Linux kernel on the other hand, and therefore Linux distros (most of them anyway), by being open source, at least give you the ability to look at the code and see if something IA broken, assuming you have the knowledge and the will, evidently.
Now, blocking you when you’re evidently on Lemmy to spread misinformation, be it of your own will or because you were planted (irrelevant) would be a disservice to people that come in here to interact in ways that may help them escape the grasp big tech and governments currently have on them.
This is not Twitter (or X) where most people just follow the “normy” trends. In here most of us are all too aware of moat of the truth out there, and keep digging ro help each other have the best life we can in these technologically dark times.
So, if you don’t want your easily disproven bullshit comments countered and being downvoted to the point that people will just scroll past your shit, you’re going ro have ro block us. Otherwise, keep them coming, any of us will knock down your sheep-like pushes with sound logic and facts each and every time. Of course, if your comments are accurate, they will be upvoted as well. Cause and effect, you know?
The statement is stupid because it is already well known across the board that Microsoft is, by all intents and purposes, a malware developer
Hahahahahaha, and you call my comments “stupid”? XD
OK, I’m not even reading the rest, mate. I get it! I really do - “Microsoft bad!”, that’s all there is to it for you. There’s no discussion to be had here, unless someone is also a member of the cult, and then everyone can chant “Microsoft bad! Microsoft bad!”.
How many more people need to tell you exactly why your comments are ‘stupid’? I also think your comments are stupid, but more than that, I think you’re planted here to throw dirt on open source software in an attempt to lead people to big tech (which is a waste of time on your part).
Like my fellow Lemmy smart users here, your comments also piss me off, just a bit, but there’s going ro be some people here that are looking for reasons and ways to get away from MS, Google, Apple and all other bullshit malware and spyware corporations, and I want to be able to counter bullshit like yours by clarifying how wrong those are and why, so blocking you is not the beat course of action for me. You are, however, welcome to block me, and I will stop following your ill-intended comments to counter them then.
Copy Fail, Dirty Frag and Fragnesia exist. What are you going to switch to now?
Those are ‘vulnerabilities’ being exploited, and software will always have those, and when found, in Linux, they are patched, rather quickly in some cases. Microsoft develops Windows with the intention of making it vulnerable, so it is effectively commercial malware.
Those are 2 entirely different things.
The intention is currently suggested by a disgruntled ex-employee. I’d say that warrants caution before making such broad statements.
No microsoft bad. /s
They will be patched. There is also no indication that they 'be been known and exploited till recently.
This was allegedly deliberately non patched to be exploited.
Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.
Two of the three are being used in the wild, with Copy Fail being retroactively found at least 9 days before the disclosure.
What are the indications that the BitLocker vulnerability is already being utilised?
Alleged by a guy who was fired from Microsoft. I’d take that with a pinch of salt.
I agree! But other than one angry dude, not much else is pointing towards this being intentional - so far! Let’s see how things go.
That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I’m sure you’ve heard of XZ Utils? How many others went through and are being exploited without anyone noticing?
Microsoft shipping a vulnerable version of the recovery environment. It is the ‘exploit’.
Such is the nature of closed source software. You select people who will remain complicit till they have a grievance against you. Even if they don’t and talked for moral reasons do you think they would not been fired for it?
Who knows. How many more went through at closed source software a limited amount of people can test in the same way?
Dude, enjoy your Windows then. This is not Twitter (or X or whatever) where you can go do your master’s bidding of creating noise to try and control the normies. Here most of us know how to do research and have the ability to differentiate bots (human or otherwise) from actual thinking individuals with a modicum of common sense and more than 2 functioning brain cells.
Look at your down-votes and take a hint. That bullshit has no effect here.
Well, I’m a Linux user so I can’t.
Of course you can! Just like on every other social media! What are you even talking about? :D
You’d think that, but if you actually know a bit about tech, this community is hilariously ignorant most of the time - on all the matters you mentioned. :D
The hint is that this community is extremely aggressive towards language that goes against the hive-mind. The bullshit has no effect because people can’t differentiate what’s bullshit and what isn’t, so they just automatically assume any statement that isn’t violently anti-MS is bullshit spewed by bots at their master’s bidding.
Take your comment as example…
Those are potential vulnerabilities that can be patched. This is an indication that MS intends for bitlocker which you really need to be secure to bother using windows on a laptop to never be secure by design.
“Potential”? They are actively being exploited. And they don’t require physical access to the device.
They dont require physical access, but they require access to a non-root account on the machine. How often do you create accounts on your local machine for malicious actors to use?
When you do a new OS install, do you create a separate user account for guests and then share the login details with random people?
Right, because it’s impossible to get a person’s credentials in this day and age.
I always wonder whether to block people like you.
Sometimes I see your comments and get angry at how stupid you are.
Other times I see your comments and become really aware of how intelligent I am compared to… whatever the hell you are.
I mean, if you have nothing of value to say, why even make a comment? Just block me and move on, mate.
Or, I don’t know, engage and tell say why you think this comment was stupid?
I’ll gladly take over. The statement is stupid because it is already well known across the board that Microsoft is, by all intents and purposes, a malware developer. The Linux kernel on the other hand, and therefore Linux distros (most of them anyway), by being open source, at least give you the ability to look at the code and see if something IA broken, assuming you have the knowledge and the will, evidently.
Now, blocking you when you’re evidently on Lemmy to spread misinformation, be it of your own will or because you were planted (irrelevant) would be a disservice to people that come in here to interact in ways that may help them escape the grasp big tech and governments currently have on them.
This is not Twitter (or X) where most people just follow the “normy” trends. In here most of us are all too aware of moat of the truth out there, and keep digging ro help each other have the best life we can in these technologically dark times.
So, if you don’t want your easily disproven bullshit comments countered and being downvoted to the point that people will just scroll past your shit, you’re going ro have ro block us. Otherwise, keep them coming, any of us will knock down your sheep-like pushes with sound logic and facts each and every time. Of course, if your comments are accurate, they will be upvoted as well. Cause and effect, you know?
Pathetic response
Hahahahahaha, and you call my comments “stupid”? XD
OK, I’m not even reading the rest, mate. I get it! I really do - “Microsoft bad!”, that’s all there is to it for you. There’s no discussion to be had here, unless someone is also a member of the cult, and then everyone can chant “Microsoft bad! Microsoft bad!”.
Weak sauce, mate. Cheers!
How many more people need to tell you exactly why your comments are ‘stupid’? I also think your comments are stupid, but more than that, I think you’re planted here to throw dirt on open source software in an attempt to lead people to big tech (which is a waste of time on your part).
Like my fellow Lemmy smart users here, your comments also piss me off, just a bit, but there’s going ro be some people here that are looking for reasons and ways to get away from MS, Google, Apple and all other bullshit malware and spyware corporations, and I want to be able to counter bullshit like yours by clarifying how wrong those are and why, so blocking you is not the beat course of action for me. You are, however, welcome to block me, and I will stop following your ill-intended comments to counter them then.
You have no idea how hilarious this sounds aimed at a Linux user. :D
But I learned to expect nothing else from this community! :D
XD
deleted by creator
And yet you replied again…