Seems this traces back almost a week, from Nightmare-Eclipse who is the researcher who found this:
Tuesday, 12 May 2026 - "Here are the links, yes, two vulnerabilities this time [YellowKey] [GreenPlasma] [...] Next patch tuesday will have a big surprise for you Microsoft"
Wednesday, 13 May 2026 - "I can't wait when I will be allowed to disclose the full story, I think people will find my crashout very reasonable and it definitely won't be a good look for Microsoft."
First post in March 2026 is "[...] someone violated our agreement and left me homeless with nothing. They knew this will happen and they still stabbed me in the back anyways, this is their decision not mine."
I'm not sure what to make of it, is this someone essentially "leaking" things from the inside? Sure sounds like it, and others are able to reproduce the results.
I read it as the author is / was going through the vulnerability disclosure process with Microsoft and they're annoyed for unclear reasons and decided to publicly disclose, rather than being an insider.
Dude. It’s been like 30+ years. You can drop M$. Yes, they exist to make money. They’re shitty and they make money. Yes. That’s ok. Microslop if you must, but must you?
Yeah man we've been saying negative things about them for like 40 years must we constantly dwell on what they do wrong? It's time we find positive angles
They keep doing negative things that influence the industry and infringe upon the freedoms of hundreds of millions of people. Yes we should keep dwelling on that.
But nothing has changed. It's fair to say it's silly, jeuvenile, but it's also fair to say MS deserve absolutely no normal respect you would pay a turd. Maybe the poster actually is 12 and we all have a right to be 12 for a while. There's always a new generation discovering today what we discovered 30 years ago.
The published exploit doesn’t affect Bitlocker with a PIN, without which Bitlocker isn’t secure anyway. The original author claims they have an exploit that also works with a PIN, but hasn’t provided any proof of that.
>In a normal WinRE session, you have a X:\Windows\System32 directory that has a winpeshl.ini file in it
>However, with the YellowKey exploit, it looks like Transactional NTFS bits on a USB Drive are able to delete the winpeshl.ini file on ANOTHER DRIVE
Interesting. I dont know about this environment - some kind of naive file handle contructing/passing? But then, why require a key press during winre reboot?
I wonder how patachable this is. The thousands of winre thumb drives are certainly out of reach; maybe the bitlocker side update the access permissions? Would it require unenc/reenc?
>The thousands of winre thumb drives are certainly out of reach; maybe the bitlocker side update the access permissions? Would it require unenc/reenc?
The part that isn't mentioned is that the win re is privileged because windows stores a decryption key in the TPM that allows win re to decrypt the disk even without the recovery key. That's why the attack requires win re in the first place, rather than booting into an ubuntu live cd or whatever. This also means you don't have to patch all the winRE thumbdrives out there because their secureboot signatures can simply be revoked, meaning they can't pass TPM validation anymore, therefore they won't be able to decrypt any disks.
This doesn't sound bitlocker specific, sounds more like a login bypass. If you rely on TPM without PIN then it gets decrypted automatically. This should be fine normally as attackers shouldn't be able to get past login screen. But this exploit shows a way allegedly to get a unrestricted shell in the recovery environment.
The researcher claims a way to bypass PIN too but hasn't revealed it.
"Security professionals generally recommend avoiding reliance on any single encryption system and instead evaluating well-reviewed full-disk encryption alternatives such as VeraCrypt".
If they put a backdoor into FDE it would make more sense to advise people to stop using windows at all and using Linux instead. If they put a backdoor in FDE you can be sure there is not just one backdoor in the operating system itself. You shouldn't trust proprietary software at all. You shouldn't even trust open source if it isn't properly audited.
Curious to see this take from you! I followed TrueCrypt for years, but always thought it was very strange that they were anonymous, and then the mysterious shutdown happened, and I have no idea what to make of VeraCrypt. It's been in my "possibly good, but too many weird flags around the whole project" bucket.
Anything in particular that makes you wary? I'm aware of the 2016 and 2020 audits (https://ostif.org/the-veracrypt-audit-results/ is the 2016 one, I believe), but those seemed to suggest things were getting better over time. Curious what other signals to look for.
Is there a brand you do have trust in? I’ve kind of thrown my hands up, considered my attack surface is dude stealing my laptop and not the state department wants my 4chan history, and just use the encryption tools provided by Apple and Microsoft
As opposed to iOS, which does iCloud backups that are not E2E encrypted by default, so that law enforcement can request your chats (except Signal because they opt out), browser history, etc.?
You can enable ADP for E2E encrypted backups, but it's probable not going to help you much, because the people you are communicating with likely didn't.
This is not to defend Microsoft, more to say that all these companies were part of PRISM.
>You can enable ADP for E2E encrypted backups, but it's probable not going to help you much, because the people you are communicating with likely didn't.
That just sounds like a fundamental issue with security in general, not specific to Apple/Microsoft.
My point is that these defaults that look secure to a non-expert, but do not hold up to scrutiny, are probably intentional.
I have found that even many tech people have incorrect beliefs about these things, like assuming that iCloud Backups are E2E encrypted by default or that disabling Allow Apps to Request to Track disables trackers inside apps.
But you are defending MS, conflating a bunch of things, mainly full disk encryption and cloud backups.
There's a big difference between Apples cloud backup which has documented behavior and a backdoor. I'm also fairly confidant in Apple's full disk encryption, they've gone to court to defend it. There also a lot more data points we can use to judge Apple vs Microsoft on privacy and security, and MS comes out looking bad.
I think my message wooshed. I was not comparing disk encryption and iCloud backups. My point is that insecure defaults are Apple and other's alternative to backdoors. They give plausible deniability ("how is someone able to recover their data if they lost their credentials and we used E2E?"), while at the same time satisfying law enforcement, because the vast majority of people is not aware of them.
Another example is WhatsApp on Android, by default when backups are enabled, they are stored unencrypted in Google Drive. A good counter-example is Signal, which opts out of backups on iOS and Android and the only option is to do E2E backups to their own servers.
I'm also fairly confidant in Apple's full disk encryption, they've gone to court to defend it.
FWIW, in the last leaked report, iPhone was not an issue AFU for Cellebrite (macOS is most likely even easier due to looser security):
You are confused. They are not "security" roles, they are compliance roles. That's all most enterprise customers really care about. They satisfied all of the compliance rules, and are following "best practices" (influenced by MS), anything that happens is not their fault.
For enterprise, there seems to be so much money in doing it, that I don't think people are going to start turning it down just because it's troublesome.
I just digged into the exploit a little bit more and what it does it targets BitLocker in TPM only mode. That means that there is no preboot authentication or anything. What happens is secure boot validates the boot chain and the TPM gives out the encryption keys by itself. When you have physical access, it doesn't really make a difference. If there is a stick you can boot from and drop into an emergency shell or if you have to buy a $5 microcontroller and solder it to certain pins on the main board to sniff the TPM keys. What Microsoft is doing here in general they are selling something that is not secure. They are selling it as as full disk encryption but it's not. Someone who can flash a flash drive with an exploit and drop to a shell and use it to browse and copy files. Can also just buy that microcontroller and watch your YouTube with you How to solder. So the "exploit" isn't The problem here the problem is the false sense of security that Microsoft is selling.
>If there is a stick you can boot from and drop into an emergency shell
This won't work because the TPM will only give you the keys if you're booting an "approved" OS, specifically the PCR states that the encryption keys are bound to.
>or if you have to buy a $5 microcontroller and solder it to certain pins on the main board to sniff the TPM keys.
That only works with dTPMs. fTPMs aren't vulnerable to this, and are far more popular than dTPMs.
I was talking about the signed recovery shell the article is talking about. Sadly most business laptops still use dtpms. Also if they use ftpms you can simply use a ram scraper. The attack surface is huge either way.
Ubuntu also released TPM based FDE a few versions ago. I had these thoughts then and decided against using it. Typing my passphrase on boot is muscle memory and gives me simple security I can trust.
Also can recover data without my mainboard.
Maybe a hybrid (secureboot-TPM+phrase) slot for day to day to also prevent against evil maid attacks, and another slot with a backup passphrase would be acceptable.
>Typing my passphrase on boot is muscle memory and gives me simple security I can trust.
It's not an either-or. You can combine TPM with passwords which makes it far more secure than password alone. A TPM can enforce password guessing limits, otherwise a password needs to be absurdly long to be secure against GPU bruteforcing attacks. It also prevents someone from swapping out the bootloader with a backdoored version that steals your passwords.
>Also can recover data without my mainboard.
You're supposed to keep a backup of the encryption key when using TPM, in case it fails.
Sounds good - which software supports this? Specifically I'd prefer if it would do a composite key derivation in-time rather than "just a pw prompt but TPM has the full key"
> The vulnerability may also work without a USB drive if the FsTx files are copied to the Windows EFI partition and the encrypted disk is temporarily disconnected from the system. After placing the FsTx folder, an attacker would need to reboot a BitLocker-protected machine, enter the Windows Recovery Environment, and follow a specific sequence of inputs.
At the point where you're able to mount the EFI partition and effectively modifying the bootloader, it's game over anyway - just run `manage-bde -unlock`, you already have to be root to mount the EFI partition.
Title sounds conspiratorial, but it lines up well with the controversy around TrueCrypt's discontinuation which, I believe, specifically called out BitLocker as an alternative to use in future.
Long time ago TrueCrypt suddenly and abruptly shut down with a vague goodbye message saying "everyone please move on and use bitlocker instead"
Prevailing theory is they were pressured to put in a backdoor and couldn't disclose it, so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"
>so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"
Alternately, they don't want people to rely on abandonware for security.
Also, despite the conspiracy theories of backdoors I'm not aware of any bitlocker exploits that work on TPM + pin, which is the intended "secure" configuration[1]. All exploits rely on TPM-only (ie. ez-mode), which is basically the security equivalent of running https/ssh without certificates and blindly accepting whatever keys shows up.
> Security professionals generally recommend avoiding reliance on any single encryption system and instead evaluating well-reviewed full-disk encryption alternatives such as VeraCrypt.
What does this even mean? Nobody is using multiple encryption schemes on top of each other, are they?
I've heard this before, so what I think it means is this:
If you want to encrypt some data that gets stored persistently somewhere on your machine, rather than invent an application-specific encryption scheme for that data alone, instead use a mainstream full-partition encryption mechanism, then store the data as plaintext within said partition.
Maybe I’m an outlier but I don’t want my drives encrypted at all. I rather have all my data be accessible if things go catastrophic, I.E. having to pull the drive out of a broken computer and put it in another computer to access the files. I just want it to be plug and play.
Cool. Everyone's threat model is different. As long as we're not writing passwords on sticky notes attached to the monitor, I don't think there's any need to be throwing stones.
Sensitive data written down on a sticky note is arguably more secure than that same data sitting on an unencrypted hard drive, at least in a home setting.
Secure rot* variants require UTF-8 and mappings that shift characters between {1,2,3,4}-byte encoded-character-sizes. That varies the message length, which prevents any message-length or traffic analysis.
The Snowden leaks revealed that the NSA is flummoxed on how to tackle variable character lengths. However, they've cracked rot26 using custom ASIC supercomputers, so it should be considered insecure even though it's twice as good as rot13.
Are you saying you bring your desktop on a train ride as well? Laptops with encryption make sense; if you need to encrypt your desktop, I have questions.
My inference machine is the only drive I leave unencrypted, but that's because it has the models on it, llama.cpp, and nothing else, and I want it back up and running services after a power-failure. My other desktops are encrypted to make hard drive disposal easy.
Simple hypothetical: "A disaster hits and the workstation owner is unable to return to the location the workstation is stored. During that time period the workstation is stolen by a gang of looters."
Also a reason to have off-site backups. Many people have done backups to local servers, only to discover that they have no way to recover their data because thieves stole everything.
My data is mundane and mostly my art projects and photography. I don’t believe I am important or interesting enough for someone to do anything with my data if they somehow managed to get it also I don’t have emails, saved passwords, banking info or that kind of sensitive info on my computers so meh I guess.
If "things go catastrophic" your hard drive is not usable at all anymore. At the very least some files can't be recovered at all. So you need backups in any case. Once you have backups, you might as well encrypt your hard drives, especially if you store these in different locations (which you should).
An advantage of encryption is that it makes it easier to give away or resell devices. With recent encryption schemes (well the ones on Linux, given this article), I feel confident that overwriting the encryption keys gets me close enough to not leaking my data once I get rid of an old hard drive.
That’s not true. I’ve had many computers that refuse to turn on and I was able to recover the files by removing the drive and loading it into a USB hard drive reader and recover the files.
Additional problem is if physical access is obtained, illegal material could be covertly added to the drive then picked up by the built in scanners in your OS. Depends on how important you are.
I was happy to give up my side-hobby of drilling drives after FDE became standard everywhere. Plug and play is great, but you don't want it to be plug and play for whoever pulls your drive out of the trash.
Same here. If anything happens I want a decent chance to be able to recover my data. The most I may do is create encrypted files, and some of them I've forgotten the passwords for, which makes me even more wary.
I mean... you can use an encryption scheme compatible with this (if you know the password).
I suppose this makes some sense for home computers (burglars and police raids are rare) but for a laptop, you really don't want thieves getting all your details.
Ironically -- this probably was paranoid a few years ago, but now -- "ChatGPT, use this prepared prompt to extract all useful info from this hard drive"
What's not plug and play if using some sensible fde like idk, dm-crypt? You are only a passphrase away from mounting that drive in any other system you plug it into.
That's my question, because my root is encrypted, I move encrypted disks all the time, and have a couple of encrypted external drives. It's trivial.
But I'm sure that some of the millions of things that I've missed as windows has become what it has become makes this simplicity seem like a scifi absurdity. I don't think that they can even log into their own computers without asking Microsoft for permission over the network. I'm sure the idea of encryption must have been overcomplicated to the point of absurdity in order to trap customers too, I just don't know about it.
I suppose you should just count your blessings (of ignorance) and be available to help your friends with cryptsetup if they decide to flee windows.
As long as Microsoft will continue to use dark patterns to convert local accounts to online accounts and automatically, without user consent, encrypt the storage drives preventing any computer use until the user goes to aka.ms and through the hoops, this is a good thing.
No one should have their data encrypted and kept from them without consent unless they do something. Microsoft does that now. They may not be requring a monetary ransom like others, but it is a ransom nevertheless.
I know this is controversial. Bitlocker helps protect one's property and information when used intentionally. And that being impacted is a shame.
How would a user that never set it up in the first place have a recovery key? I honestly am asking and don't know.
I recently (last week) had to drive over to a parent's house and "fix" their (pre-online accounts) win 11 computer used for sewing because it had become a blue screen saying aka.ms was required. They did not know how it happened and are not very technical users so I imagine they were tricked by some click-through dialog. It is not something they would ever do intentionally. All that computer ever does is run sewing pattern/control software.
I think there's been some miscommunication. If the bitlocker activation happens during tricking the user into going from a local account to online account, it is without the user's consent or real participation. They haven't printed out a copy of the key or moved it to a usb drive. They aren't aware their drives are being encrypted. They can't set up recovery keys now because the computer itself only shows the blue aka.ms screen. None of those 2/4 options are applicable.
There other 2 options are enterprise or online account (the very thing we're talking about) don't apply in this context.
You can set up recovery keys at any point in time, not just at creation. Just because people don't do it doesn't mean it isn't and hasn't been available for almost 2 decades.
And presumably the instructions for this have been on display on our local planning department in Alpha Centauri? If a user isn't even aware that their local disk is being encrypted without their knowledge or consent then why would they think to set up recovery keys?
This doesn't surprise me at all. Microsoft is a Chinese company and Chinese companies have to work with the government on such matters. Oh sorry, I meant an US company, whatever..
Another way to look at this is that Microsoft, Google, Apple, et al are in the business of providing products and services to regular people, for a low cost. This means they end up providing ways to escrow keys, recover locked accounts and so on that are weak. Not because they want to provide back doors for TLAs but because to provide strong security would be so expensive they couldn't meet the price point for regular customers. If, for example, MS only provided disk encryption that relied on a smart card or a memorized strong passphrase at boot/wake, they'd go out of business providing support to people who forgot their passphrase and being sued by people who lost their data.
Well I doubt anyone would be surprised with a backdoor in MS product, there have been many of them already, I frankly doubt anyone with "disk encryption" on Windows would think that it's NSA-proof (or script-kiddy clever, as shown in this article :))
Seems this traces back almost a week, from Nightmare-Eclipse who is the researcher who found this:
Tuesday, 12 May 2026 - "Here are the links, yes, two vulnerabilities this time [YellowKey] [GreenPlasma] [...] Next patch tuesday will have a big surprise for you Microsoft"
Wednesday, 13 May 2026 - "I can't wait when I will be allowed to disclose the full story, I think people will find my crashout very reasonable and it definitely won't be a good look for Microsoft."
Author's blog: https://deadeclipse666.blogspot.com/
First post in March 2026 is "[...] someone violated our agreement and left me homeless with nothing. They knew this will happen and they still stabbed me in the back anyways, this is their decision not mine."
I'm not sure what to make of it, is this someone essentially "leaking" things from the inside? Sure sounds like it, and others are able to reproduce the results.
I read it as the author is / was going through the vulnerability disclosure process with Microsoft and they're annoyed for unclear reasons and decided to publicly disclose, rather than being an insider.
How would that leave them homeless?
Presumably, not paying out for these bugs which often take weeks of research to find.
Who in their right mind bets on bug bounties to cover their basic needs? They should be highly employable with these kind of skills.
> Who in their right mind bets on bug bounties to cover their basic needs?
Someone with a vulnerability worth as much as a two bedroom apartment?
people with values different from yours, presumably
This is one it those answers that seems on the surface like it contains insight but on closer inspection it’s vacuous.
This could be rewritten as “because they aren’t you”, which is true but not a meaningful or educational answer.
Can’t wait to read the blogpost of what have truly happened and motivated this person to expose M$ like this
Dude. It’s been like 30+ years. You can drop M$. Yes, they exist to make money. They’re shitty and they make money. Yes. That’s ok. Microslop if you must, but must you?
Micro$lop it is from now on :)
Micro$lop it is!
Yeah man we've been saying negative things about them for like 40 years must we constantly dwell on what they do wrong? It's time we find positive angles
They keep doing negative things that influence the industry and infringe upon the freedoms of hundreds of millions of people. Yes we should keep dwelling on that.
>Yeah man we've been saying negative things about them for like 40 years
Well gee, I wonder why people have been saying negative things about them for so long?
Perhaps if it's been that long there's a kernel of truth to the matter.
Perhaps they're a shitty company who does shitty things selling shitty products.
But nothing has changed. It's fair to say it's silly, jeuvenile, but it's also fair to say MS deserve absolutely no normal respect you would pay a turd. Maybe the poster actually is 12 and we all have a right to be 12 for a while. There's always a new generation discovering today what we discovered 30 years ago.
Better writeup: https://infosec.exchange/@wdormann/116565129854382214
The published exploit doesn’t affect Bitlocker with a PIN, without which Bitlocker isn’t secure anyway. The original author claims they have an exploit that also works with a PIN, but hasn’t provided any proof of that.
From: https://infosec.exchange/@wdormann/116565129854382214
>In a normal WinRE session, you have a X:\Windows\System32 directory that has a winpeshl.ini file in it
>However, with the YellowKey exploit, it looks like Transactional NTFS bits on a USB Drive are able to delete the winpeshl.ini file on ANOTHER DRIVE
Interesting. I dont know about this environment - some kind of naive file handle contructing/passing? But then, why require a key press during winre reboot?
I wonder how patachable this is. The thousands of winre thumb drives are certainly out of reach; maybe the bitlocker side update the access permissions? Would it require unenc/reenc?
Seems like lots more to follow
>The thousands of winre thumb drives are certainly out of reach; maybe the bitlocker side update the access permissions? Would it require unenc/reenc?
The part that isn't mentioned is that the win re is privileged because windows stores a decryption key in the TPM that allows win re to decrypt the disk even without the recovery key. That's why the attack requires win re in the first place, rather than booting into an ubuntu live cd or whatever. This also means you don't have to patch all the winRE thumbdrives out there because their secureboot signatures can simply be revoked, meaning they can't pass TPM validation anymore, therefore they won't be able to decrypt any disks.
This doesn't sound bitlocker specific, sounds more like a login bypass. If you rely on TPM without PIN then it gets decrypted automatically. This should be fine normally as attackers shouldn't be able to get past login screen. But this exploit shows a way allegedly to get a unrestricted shell in the recovery environment.
The researcher claims a way to bypass PIN too but hasn't revealed it.
"Security professionals generally recommend avoiding reliance on any single encryption system and instead evaluating well-reviewed full-disk encryption alternatives such as VeraCrypt".
If they put a backdoor into FDE it would make more sense to advise people to stop using windows at all and using Linux instead. If they put a backdoor in FDE you can be sure there is not just one backdoor in the operating system itself. You shouldn't trust proprietary software at all. You shouldn't even trust open source if it isn't properly audited.
I don't use Microsoft products generally but not with even with your computer would I run VeraCrypt.
Curious to see this take from you! I followed TrueCrypt for years, but always thought it was very strange that they were anonymous, and then the mysterious shutdown happened, and I have no idea what to make of VeraCrypt. It's been in my "possibly good, but too many weird flags around the whole project" bucket.
Anything in particular that makes you wary? I'm aware of the 2016 and 2020 audits (https://ostif.org/the-veracrypt-audit-results/ is the 2016 one, I believe), but those seemed to suggest things were getting better over time. Curious what other signals to look for.
this crypto solution got their driver licence pulled afaik they cant update their program anymore / get new drivers loaded properly
Ever since the TrueCrypt fiasco years ago, I have no trust in that brand.
Fiasco? You mean where they voluntarily shut down rather than compromise themselves? Or are you referring to another matter?
Is there a brand you do have trust in? I’ve kind of thrown my hands up, considered my attack surface is dude stealing my laptop and not the state department wants my 4chan history, and just use the encryption tools provided by Apple and Microsoft
What? Why?
At what point will Security professionals start turning down roles that involve “securing” MS Products? I’m already at this point.
Securing Microsoft products is busy work while waiting to have it undercut by the next wave of MS’s insane tech debt and greed. And now backdoors!
As opposed to iOS, which does iCloud backups that are not E2E encrypted by default, so that law enforcement can request your chats (except Signal because they opt out), browser history, etc.?
You can enable ADP for E2E encrypted backups, but it's probable not going to help you much, because the people you are communicating with likely didn't.
This is not to defend Microsoft, more to say that all these companies were part of PRISM.
>You can enable ADP for E2E encrypted backups, but it's probable not going to help you much, because the people you are communicating with likely didn't.
That just sounds like a fundamental issue with security in general, not specific to Apple/Microsoft.
My point is that these defaults that look secure to a non-expert, but do not hold up to scrutiny, are probably intentional.
I have found that even many tech people have incorrect beliefs about these things, like assuming that iCloud Backups are E2E encrypted by default or that disabling Allow Apps to Request to Track disables trackers inside apps.
> This is not to defend Microsoft
But you are defending MS, conflating a bunch of things, mainly full disk encryption and cloud backups.
There's a big difference between Apples cloud backup which has documented behavior and a backdoor. I'm also fairly confidant in Apple's full disk encryption, they've gone to court to defend it. There also a lot more data points we can use to judge Apple vs Microsoft on privacy and security, and MS comes out looking bad.
I think my message wooshed. I was not comparing disk encryption and iCloud backups. My point is that insecure defaults are Apple and other's alternative to backdoors. They give plausible deniability ("how is someone able to recover their data if they lost their credentials and we used E2E?"), while at the same time satisfying law enforcement, because the vast majority of people is not aware of them.
Another example is WhatsApp on Android, by default when backups are enabled, they are stored unencrypted in Google Drive. A good counter-example is Signal, which opts out of backups on iOS and Android and the only option is to do E2E backups to their own servers.
I'm also fairly confidant in Apple's full disk encryption, they've gone to court to defend it.
FWIW, in the last leaked report, iPhone was not an issue AFU for Cellebrite (macOS is most likely even easier due to looser security):
https://discuss.grapheneos.org/d/14344-cellebrite-premium-ju...
Signal won't let us download our own data and back it up using our own secure systems. Whatever its other merits it gets 0% for backup policy.
Though I suppose then I have to give a negative % to all the systems that have insecure online backups. This whole area is a train wreck really.
> ‘Signal won't let us download our own data and back it up using our own secure systems.
Signal is slowly, very slowly, moving toward providing real backups and cross-device transfers
I understand why you’d believe Signal still can’t deliver that, because they had been ignoring the user demands for years.
But there is real progress now
https://support.signal.org/hc/en-us/articles/9708267671322-S...
You are confused. They are not "security" roles, they are compliance roles. That's all most enterprise customers really care about. They satisfied all of the compliance rules, and are following "best practices" (influenced by MS), anything that happens is not their fault.
For enterprise, there seems to be so much money in doing it, that I don't think people are going to start turning it down just because it's troublesome.
I just digged into the exploit a little bit more and what it does it targets BitLocker in TPM only mode. That means that there is no preboot authentication or anything. What happens is secure boot validates the boot chain and the TPM gives out the encryption keys by itself. When you have physical access, it doesn't really make a difference. If there is a stick you can boot from and drop into an emergency shell or if you have to buy a $5 microcontroller and solder it to certain pins on the main board to sniff the TPM keys. What Microsoft is doing here in general they are selling something that is not secure. They are selling it as as full disk encryption but it's not. Someone who can flash a flash drive with an exploit and drop to a shell and use it to browse and copy files. Can also just buy that microcontroller and watch your YouTube with you How to solder. So the "exploit" isn't The problem here the problem is the false sense of security that Microsoft is selling.
>If there is a stick you can boot from and drop into an emergency shell
This won't work because the TPM will only give you the keys if you're booting an "approved" OS, specifically the PCR states that the encryption keys are bound to.
>or if you have to buy a $5 microcontroller and solder it to certain pins on the main board to sniff the TPM keys.
That only works with dTPMs. fTPMs aren't vulnerable to this, and are far more popular than dTPMs.
I was talking about the signed recovery shell the article is talking about. Sadly most business laptops still use dtpms. Also if they use ftpms you can simply use a ram scraper. The attack surface is huge either way.
Ubuntu also released TPM based FDE a few versions ago. I had these thoughts then and decided against using it. Typing my passphrase on boot is muscle memory and gives me simple security I can trust.
Also can recover data without my mainboard.
Maybe a hybrid (secureboot-TPM+phrase) slot for day to day to also prevent against evil maid attacks, and another slot with a backup passphrase would be acceptable.
>Typing my passphrase on boot is muscle memory and gives me simple security I can trust.
It's not an either-or. You can combine TPM with passwords which makes it far more secure than password alone. A TPM can enforce password guessing limits, otherwise a password needs to be absurdly long to be secure against GPU bruteforcing attacks. It also prevents someone from swapping out the bootloader with a backdoored version that steals your passwords.
>Also can recover data without my mainboard.
You're supposed to keep a backup of the encryption key when using TPM, in case it fails.
Sounds good - which software supports this? Specifically I'd prefer if it would do a composite key derivation in-time rather than "just a pw prompt but TPM has the full key"
They claim they have TPM + PIN exploit too, though how credible it is remains to be seen.
https://deadeclipse666.blogspot.com/2026/05/were-doing-silen...
That should be the fastest way to make them patch it.
> The vulnerability may also work without a USB drive if the FsTx files are copied to the Windows EFI partition and the encrypted disk is temporarily disconnected from the system. After placing the FsTx folder, an attacker would need to reboot a BitLocker-protected machine, enter the Windows Recovery Environment, and follow a specific sequence of inputs.
At the point where you're able to mount the EFI partition and effectively modifying the bootloader, it's game over anyway - just run `manage-bde -unlock`, you already have to be root to mount the EFI partition.
Title sounds conspiratorial, but it lines up well with the controversy around TrueCrypt's discontinuation which, I believe, specifically called out BitLocker as an alternative to use in future.
I'm not aware of the connection between truecrypt and bitlocker, want to enlighten us?
Long time ago TrueCrypt suddenly and abruptly shut down with a vague goodbye message saying "everyone please move on and use bitlocker instead"
Prevailing theory is they were pressured to put in a backdoor and couldn't disclose it, so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"
>so they had to make a seemingly ridiculous statement (because who in their right mind would trust bitlocker) to call attention that "something is very wrong"
Alternately, they don't want people to rely on abandonware for security.
Also, despite the conspiracy theories of backdoors I'm not aware of any bitlocker exploits that work on TPM + pin, which is the intended "secure" configuration[1]. All exploits rely on TPM-only (ie. ez-mode), which is basically the security equivalent of running https/ssh without certificates and blindly accepting whatever keys shows up.
[1] https://learn.microsoft.com/en-us/windows/security/operating...
That was my immediate first thought. "Oh, is Bitlocker Not Safe Anymore?"
You're probably thinking of VeraCrypt, which is a fork of TrueCrypt. I don't think BitLocker is related.
https://en.wikipedia.org/wiki/TrueCrypt#End_of_life_announce... - they are referring to this event, and the SourceForge page is still displaying the message along with a guide on how to enable BitLocker.
> Security professionals generally recommend avoiding reliance on any single encryption system and instead evaluating well-reviewed full-disk encryption alternatives such as VeraCrypt.
What does this even mean? Nobody is using multiple encryption schemes on top of each other, are they?
I've heard this before, so what I think it means is this:
If you want to encrypt some data that gets stored persistently somewhere on your machine, rather than invent an application-specific encryption scheme for that data alone, instead use a mainstream full-partition encryption mechanism, then store the data as plaintext within said partition.
Maybe I’m an outlier but I don’t want my drives encrypted at all. I rather have all my data be accessible if things go catastrophic, I.E. having to pull the drive out of a broken computer and put it in another computer to access the files. I just want it to be plug and play.
My harddrives (laptop, work laptop, desktop, server) contain emails, browser sessions, saved passwords, personal data from family and friends.
I do not want someone stealing my laptop on a train ride potentially being able to have all of that data.
With a proper real backup strategy, i have everything save. I do not need easy access to a hard drive from a broken computer.
But hey you do you :)
Cool. Everyone's threat model is different. As long as we're not writing passwords on sticky notes attached to the monitor, I don't think there's any need to be throwing stones.
> Everyone's threat model is different.
Everyone's threat model is different, but some are better than others, and maybe we shouldn't equate taking time to explain why with throwing stones.
Sensitive data written down on a sticky note is arguably more secure than that same data sitting on an unencrypted hard drive, at least in a home setting.
I did not throw a stone, i only clarified my counter position for others to understand why I encrypt.
Hey now, I use rot13 on my sticky notes.
Gotta bump that encryption up - rot26 is twice as secure.
Secure rot* variants require UTF-8 and mappings that shift characters between {1,2,3,4}-byte encoded-character-sizes. That varies the message length, which prevents any message-length or traffic analysis.
The Snowden leaks revealed that the NSA is flummoxed on how to tackle variable character lengths. However, they've cracked rot26 using custom ASIC supercomputers, so it should be considered insecure even though it's twice as good as rot13.
Are you saying you bring your desktop on a train ride as well? Laptops with encryption make sense; if you need to encrypt your desktop, I have questions.
My inference machine is the only drive I leave unencrypted, but that's because it has the models on it, llama.cpp, and nothing else, and I want it back up and running services after a power-failure. My other desktops are encrypted to make hard drive disposal easy.
I have one safety concept for everything and not random ones for random devices.
Every machine is encrypted, unlocked per login.
Encryption is basically free so.
Simple hypothetical: "A disaster hits and the workstation owner is unable to return to the location the workstation is stored. During that time period the workstation is stolen by a gang of looters."
Ah yes a typical Tuesday for me
Burglars are a thing.
Also a reason to have off-site backups. Many people have done backups to local servers, only to discover that they have no way to recover their data because thieves stole everything.
My data is mundane and mostly my art projects and photography. I don’t believe I am important or interesting enough for someone to do anything with my data if they somehow managed to get it also I don’t have emails, saved passwords, banking info or that kind of sensitive info on my computers so meh I guess.
If "things go catastrophic" your hard drive is not usable at all anymore. At the very least some files can't be recovered at all. So you need backups in any case. Once you have backups, you might as well encrypt your hard drives, especially if you store these in different locations (which you should).
An advantage of encryption is that it makes it easier to give away or resell devices. With recent encryption schemes (well the ones on Linux, given this article), I feel confident that overwriting the encryption keys gets me close enough to not leaking my data once I get rid of an old hard drive.
That’s not true. I’ve had many computers that refuse to turn on and I was able to recover the files by removing the drive and loading it into a USB hard drive reader and recover the files.
Additional problem is if physical access is obtained, illegal material could be covertly added to the drive then picked up by the built in scanners in your OS. Depends on how important you are.
I was happy to give up my side-hobby of drilling drives after FDE became standard everywhere. Plug and play is great, but you don't want it to be plug and play for whoever pulls your drive out of the trash.
That's called LUKS2 and it's the default on Linux. You just type passphrase on boot. It's not tied to the motherboard.
What if you forget the passphrase after not using it for many years and you suddenly need a file on the drive?
Print it on a piece of paper and put it in a lock box.
Same here. If anything happens I want a decent chance to be able to recover my data. The most I may do is create encrypted files, and some of them I've forgotten the passwords for, which makes me even more wary.
But it's also plug&play for anyone stealing your laptop, see for instance
https://news.ycombinator.com/item?id=39941021
So long as you've backed up the key you can fairly easily decrypt on any machine.
I mean... you can use an encryption scheme compatible with this (if you know the password).
I suppose this makes some sense for home computers (burglars and police raids are rare) but for a laptop, you really don't want thieves getting all your details.
Ironically -- this probably was paranoid a few years ago, but now -- "ChatGPT, use this prepared prompt to extract all useful info from this hard drive"
the point is having a choice and the choice actually doing what it claimed.
What's not plug and play if using some sensible fde like idk, dm-crypt? You are only a passphrase away from mounting that drive in any other system you plug it into.
That's my question, because my root is encrypted, I move encrypted disks all the time, and have a couple of encrypted external drives. It's trivial.
But I'm sure that some of the millions of things that I've missed as windows has become what it has become makes this simplicity seem like a scifi absurdity. I don't think that they can even log into their own computers without asking Microsoft for permission over the network. I'm sure the idea of encryption must have been overcomplicated to the point of absurdity in order to trap customers too, I just don't know about it.
I suppose you should just count your blessings (of ignorance) and be available to help your friends with cryptsetup if they decide to flee windows.
As long as Microsoft will continue to use dark patterns to convert local accounts to online accounts and automatically, without user consent, encrypt the storage drives preventing any computer use until the user goes to aka.ms and through the hoops, this is a good thing.
No one should have their data encrypted and kept from them without consent unless they do something. Microsoft does that now. They may not be requring a monetary ransom like others, but it is a ransom nevertheless.
I know this is controversial. Bitlocker helps protect one's property and information when used intentionally. And that being impacted is a shame.
The nagging to upgrade is insane. Even the 'dismissal' option is a dark pattern still designed to make you click the wrong thing
You only need to use the aka.ms link if you lost your recovery key. That feature also can be disabled without disabling Bitlocker as a whole.
How would a user that never set it up in the first place have a recovery key? I honestly am asking and don't know.
I recently (last week) had to drive over to a parent's house and "fix" their (pre-online accounts) win 11 computer used for sewing because it had become a blue screen saying aka.ms was required. They did not know how it happened and are not very technical users so I imagine they were tricked by some click-through dialog. It is not something they would ever do intentionally. All that computer ever does is run sewing pattern/control software.
The non-cloud methods for recovering the key have been the same since Bitlocker was released 19 years ago.
https://support.microsoft.com/en-us/windows/find-your-bitloc...
I think there's been some miscommunication. If the bitlocker activation happens during tricking the user into going from a local account to online account, it is without the user's consent or real participation. They haven't printed out a copy of the key or moved it to a usb drive. They aren't aware their drives are being encrypted. They can't set up recovery keys now because the computer itself only shows the blue aka.ms screen. None of those 2/4 options are applicable.
There other 2 options are enterprise or online account (the very thing we're talking about) don't apply in this context.
You can set up recovery keys at any point in time, not just at creation. Just because people don't do it doesn't mean it isn't and hasn't been available for almost 2 decades.
And presumably the instructions for this have been on display on our local planning department in Alpha Centauri? If a user isn't even aware that their local disk is being encrypted without their knowledge or consent then why would they think to set up recovery keys?
This doesn't surprise me at all. Microsoft is a Chinese company and Chinese companies have to work with the government on such matters. Oh sorry, I meant an US company, whatever..
Another way to look at this is that Microsoft, Google, Apple, et al are in the business of providing products and services to regular people, for a low cost. This means they end up providing ways to escrow keys, recover locked accounts and so on that are weak. Not because they want to provide back doors for TLAs but because to provide strong security would be so expensive they couldn't meet the price point for regular customers. If, for example, MS only provided disk encryption that relied on a smart card or a memorized strong passphrase at boot/wake, they'd go out of business providing support to people who forgot their passphrase and being sued by people who lost their data.
Well I doubt anyone would be surprised with a backdoor in MS product, there have been many of them already, I frankly doubt anyone with "disk encryption" on Windows would think that it's NSA-proof (or script-kiddy clever, as shown in this article :))