cross-posted from: https://poptalk.scrubbles.tech/post/4133762
A researcher known as “Nightmare-Eclipse” recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker’s full-volume encryption. The researcher described YellowKey as one of the most “insane” flaws they have ever encountered and has also accused Microsoft of potentially embedding a legitimate backdoor in BitLocker’s data protection system.
To no-one’s surprise
A second backdoor. Windows also uploads your BitLocker keys to Microsoft’s servers by default, just in case somebody needs to get in later.