The basic design of the most common mode of operation for BitLocker, where the TPM hands over the decryption keys to the drive when Windows boots without requiring a PIN or anything, indicates how unserious they are.
There's no way this is not a backdoor.
Along with other facets of this, what are the odds a "bug" would also automatically erase evidence of itself from the bootable USB stick when it activates?
The blog author calls it that but given there’s no root cause yet it’s foolish to jump to conclusions.
It seems undeniably a backdoor. Why on earth would a very specific folder/file name and a specific boot combination just "magically" open up an encrypted drive?
It also doesn't help this comes from a person who likely was close to the development at Microsoft (one way or another) as their recent disclosures are quite alarming.
Of course, this could technically be a stars-aligning type of bug, but it seems like a purposefully planted backdoor to me.
Just booting opens up the encrypted drive. Windows gets the key out of the TPM.
Which leaves an enormous attack surface. If you can break Windows before logging in, you can effectively bypass BitLocker.
"Windows loads some file in System Volume Information automatically" is not evidence of a backdoor. And you have to put specific exploit files in there to turn this into an attack. You don't just make the folder.
It's still possible this is a backdoor, I guess, but there's nothing as blatant as you're implying.
*in your opinion.
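
The TPM-only mode discussed in this thread can be audited per machine. The script below is an added example, not part of the thread or of any Microsoft tooling: it reports whether each operating-system volume unlocks at boot with the TPM alone or requires a PIN or startup key first. The function name `Get-PreBootAuthStatus`, its status labels and the fallback sample data are assumptions made for illustration.

```powershell
# Added example: classify BitLocker OS volumes by pre-boot authentication.
# Get-PreBootAuthStatus and its status labels are hypothetical names.
function Get-PreBootAuthStatus {
    param(
        [Parameter(Mandatory)] [string] $MountPoint,
        [string[]] $ProtectorTypes = @()
    )
    # Protector types that demand a PIN and/or startup key before the TPM releases the key.
    $preBoot = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey'

    $status = if (@($ProtectorTypes).Count -eq 0) {
        'NoProtectors'      # volume is not protected at all
    } elseif ($ProtectorTypes -contains 'Tpm') {
        'TpmOnly'           # key is released by simply booting the machine
    } elseif ($ProtectorTypes | Where-Object { $preBoot -contains $_ }) {
        'PreBootAuth'       # user input or a startup key is needed before Windows loads
    } else {
        'NoTpm'             # e.g. password or external key without a TPM
    }

    [pscustomobject]@{
        MountPoint = $MountPoint
        Status     = $status
        Protectors = @($ProtectorTypes) -join ','
    }
}

if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    # Real data: requires an elevated session on Windows.
    $volumes = Get-BitLockerVolume |
        Where-Object VolumeType -eq 'OperatingSystem' |
        ForEach-Object {
            @{ MountPoint = $_.MountPoint
               Types      = @($_.KeyProtector.KeyProtectorType | ForEach-Object { "$_" }) }
        }
} else {
    # Constructed sample so the script also runs where the BitLocker module is absent.
    $volumes = @(
        @{ MountPoint = 'C: (sample host A)'; Types = @('Tpm', 'RecoveryPassword') },
        @{ MountPoint = 'C: (sample host B)'; Types = @('TpmPin', 'RecoveryPassword') }
    )
}

$volumes | ForEach-Object {
    Get-PreBootAuthStatus -MountPoint $_.MountPoint -ProtectorTypes $_.Types
}
```

With the constructed sample, host A is reported as `TpmOnly` and host B as `PreBootAuth`. A volume reported as `TpmOnly` is in the configuration the comments above describe, where booting the machine is enough for Windows to obtain the key.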