Seems unlikely.

That’s what I’m saying. Not impossible though to hide key weakening info somewhere.

? They always were. Just less dumb morons.

That clarification of yours is massively important. Your initial comment sounds as if there is a PoC from Canada on how to circumvent the PIN for the Bitlocker keys.

Maybe that’s why you got downvoted?

I agree the “security researcher” sounds bitter, but also they found a proven critical backdoor, so it’d be negligent to just ignore their comment about circumventing the PIN. And the only way they could put microSLOP at fault for that would be if they could find that microSLOP was backing up encryption keys in the recovery environment / boot files somewhere.

I hope all people who have a problem with trans LGBTQ people die peacefully in their sleep. Tonight.

Thank you - it appears I stopped reading just one comment short of that, assuming that the “TPM+PIN is insecure” was a new comment, and not expecting it deeper down in the past.

Chaotic Eclipse posted the following with the disclosure of Yellowkey:

Second thing is, No, TPM+PIN does not help, the issue is still exploitable regardless, I asked myself this question, can it still work in a TPM+PIN environment ? Yes it does, I’m just not publishing the PoC, I think what’s out there is already bad enough.

Additional info:

The YellowKey is caused by the binary “autofstx.exe” which propagates all present volumes for transaction files, a researcher (unsure if they want to be named) told me that this binary is also present in windows update WinRE images and I think they will definitely have the same vulnerability as well. However, I’m unsure if it’s possible to trigger the controlled file deletion when windows is updating. If it’s true, then it means disabling WinRE is not a solution for the problem, which also means it’s a good thing that I kept the PIN+TPM PoC a secret.

Would you happen to have a source link for those claims? I’d like to forward them to a few organisations I work with, warning them that devices currently lost/stolen/left unsupervised despite having TPM+PIN configured will have to be considered compromised even if a future patch comes out.

Taste is almost identical, so I would assume “like KitKat” - however I have never spent a second thinking about chocolate quality in chocolate-biscuit-bars.

https://www.ulker.com.tr/en/brands/dido#product-popup-content-170

Get your fix there.

Fuck Nestle. Eat Dido from your local Turkish market if you are lucky enough to have one.

is this it? is the bubble finally about to burst? Don’t give me false hopes!

*millions

not the mosquito’s fault, is it?

Damn, finally a good demo of what I suggested around 2010 for monitoring multiple displays in 3D - instead of moving 2D windows around all the time and forgetting which part of the screen you put them…

Had to scroll too far for this :)

paid, not been paid - that’s a difference, and also not voluntarily. Arguably, those who don’t pay taxes (i.e. took many times 10000) are causing the deaths of millions by their lobbying to become richer.

Kinda funny that they’re targeting Microsoft and yet using GitHub to share the PoCs.

This is the part I don’t get either. Although - maybe it is because it protects other platforms from legal action by microSLOP? Also, it adds to the Streisand effect should microSLOP remove the proof of concept from its own platform.

I just got home to use a proper calculator instead of estimating in my head, and with 700 quintillion (as per the screenshot / meme), and gold density less “roundabouted”, at 19000 kilos / cubic metre, this would be the same as a solid gold sphere of 8.9 kilometres in diameter (3rd root of 700 is 8.88 - and wow, my rough estimate of 1km for 1 quintillion was spot on! :)

And yes, that would absolutely be a planet killer asteroid. I don’t see how anything but primitive life forms on Earth could survive that: https://www.space.com/asteroid-apocalypse-how-big-can-humanity-survive

Not if that size is accurate. gold price at 10^5 EUR/kg, a quintillion being 10^18, makes 10^13 kilos, at ~20000 kilos per cubic metre 5*10^8 cubic metres, or a block of 1000x1000x500 meters (~ sphere of 1km diameter), and that’s only for a single quintillion, and assuming it’s all gold, no rock. Nothing of that size burns up on atmospheric entry

Muhaha. Those morons were never software engineers in the first place. A software engineer would neither benefit from LLM any more than from a deterministic assistant (tenplates), nor would they be stupid enough to label a stochastic slop generator as “AI”.

(Yes, this is a “no true scotsman” kind of argument, yet I stand by it. People who call this bullshit AI, as well as people who claim it is better than coding stuff yourself, should not be let anywhere near any kind of software more relevant than a mobile game, and probably not even those)

Yeah, I was hesitant to encrypt backups for a long time, and now I have the problem that you can’t store backups of encryption headers on the encrypted device(s)