← Back to context

Comment by AnonC

8 hours ago

The BitLocker exploit seems simple and very dangerous. Companies and individuals have been relying on BitLocker to protect information if the device is lost. Despite promises, Microsoft doesn’t seem to be serious about security.

What will it take for more companies to truly understand their risks with Windows and being locked into Microsoft’s platforms?

20 comments

AnonC

Reply
londons_explore  1 hour ago

Microsoft has never seemed to treat bitlocker seriously.

Back in the windows 7 days you could stick a windows installer CD in and press Shift+F7 or something and get a system command prompt with the drive unlocked.

Surely when someone said 'we're gonna let the installer unlock bitlocker' they immediately thought 'That means the whole installer needs to be as secure as the login screen' right? Seemingly not.

  • Imustaskforhelp  10 minutes ago

    > Back in the windows 7 days you could stick a windows installer CD in and press Shift+F7 or something and get a system command prompt with the drive unlocked.

    On my birthday iirc once long time ago I think in 5-6th class not sure, my brother gave me his laptop, I wanted to do python but python wanted admin password on windows to install properly. So what I did was I dont even remember how, but download one operating system which could then crack the windows password so that I can set new and I used that to then set a new password to then install python. to then only print hello world :D (I think only because one of the cousins I really admire mentioned that he made 2k loc of python once and I thought during that time, python is the endgame). We are talking about windows 7 but I think that windows 10 security must've gotten better. So these are some things that I have done, I wouldn't call it coding as much as tinkering but I love doing these things from as long as I can remember :D

    I just remembered this paragraph from one of the comments that I had written sometime ago, source: https://news.ycombinator.com/item?id=47663383

cookiengineer  6 hours ago

Note that RedSun and Bluehammer were silently patched, with no response to the CVEs by Microsoft, and not accrediting the researcher's work.

That's what this is about. Microsoft doing bad security practices while trying to get away with it, leading to this outcome.

The researcher also claims to have another version ready which allows to also bypass TPM+PIN via a similar backdoor, which I'm inclined to believe.

Why do I believe that? 5 ring 0 zero days within 3 months are so statistically unlikely to be found, by the same person, in such a short time. Whoever this person is really knows their exploits, and must be in the league of Juan Sacco.

  • aiscoming  6 hours ago

    the only way to bypass PIN would be an actual backdoor in Bitlocker. no way around that. an actual backdoor in microsoft encryption was never documented, and there are Snowden documents showing FBI pressing Microsoft into introducing one and Microsoft refusing

    so I call bullshit on the PIN bypass

    • cookiengineer  6 hours ago

      > the only way to bypass PIN would be an actual backdoor in Bitlocker. no way around that. an actual backdoor in microsoft encryption was never documented, and there are Snowden documents showing FBI pressing Microsoft into introducing one and Microsoft refusing

      A USB stick containing a masterkey to decrypt a bitlocker volume is literally the definition of a backdoor.

      Go on, try it out. It works.

      6 replies →

ranger_danger  8 hours ago

How does a bug equate to "not serious about security"?

  • JeremyNT  1 minute ago

    The basic design of the most common mode of operation for bitlocker, where the TPM hands over the deception keys to the drive when Windows boots without requiring a PIN or anything, indicates how unserious they are.

  • Terr_  6 hours ago

    Along with other facets of this, what are the odds a "bug" would also automatically erase evidence of itself from the bootable USB stick when it activates?

  • forestry  8 hours ago

    The blog author calls it that but given there’s no root cause yet it’s foolish to jump to conclusions.

  • Our_Benefactors  8 hours ago

    [flagged]

    • HDBaseT  7 hours ago

      It seems undeniably a backdoor, why on earth would a very specific folder/file name and a specific boot combination just "magically" open up an encrypted drive.

      It also doesn't help this comes from a person who likely was close to the development at Microsoft (one way or another) as their recent disclosures are quite alarming.

      Of course, this could technically be the stars aligning type bug, but it seems like a purposefully planted backdoor to me.

      1 reply →