The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea I'm sure Copilot will be very apologetic once it's called out.
-
R relay@relay.publicsquare.global shared this topic
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea The charitable interpretation also assumes that in choosing the trigger for this debug behavior, they'd select a filename including a very large number of apparently random digits.
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea it already stored the passkeys to the cloud and they give to authorities when asked i guess one bypass wasnt enough
-
@0xabad1dea The charitable interpretation also assumes that in choosing the trigger for this debug behavior, they'd select a filename including a very large number of apparently random digits.
@rst well, yes actually, having seen tons of firmware code, that’s quite normal and non-suspicious functionality does this all the time. it’s presumably just a guid
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea i am sorry WHAT
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea It's microsoft. They get no charity at all; they should be paying alms to the lot of us, everyone who ever booted 95 or higher...
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea
> windows 10 is not [affected]
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea shiiiiiiiiiit that's cool
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea Maybe their new LLM forgot to remove the code before shipping a new production version.
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea this is what you get when you do disk encryption without user input
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
I already went through the hassle of configuring my laptop to get secure boot and encryption on my Windows and Linux partitions, and then I learned the NTFS encryption key gets automatically submitted to Microsoft so decrypting it is as easy as stealing my Outlook account. I'm yet to rekey my hard drive with a local-only key, as I fear I'd have to format and reinstall. Does this exploit make local-only keys equally unsafe, too? -
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea This would be pretty serious if BitLocker was a security feature, not a user annoyance one.
-
@kallisti @0xabad1dea well by asking Microsoft nicely for the decryption keys they store in plain text among account data on their server of course
(fck microsoft) -
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea To be honest, I had a Huawei phone for a long time, because I trust the human rights record of the PRC more than I trust the US tech companies.
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea MS has been known - from the start with their first windows versions that they distribute beta versions that come with bugs galore. The user/customer then hands in all those problematic situations which (with luck) get repaired and updated every other day. Those repair updates will happen as long as the version is distributed and only stop when there is a new and "better" version... again, of course, beta, full of bugs.
Microsoft customers are used to being used as beta testers. -
@0xabad1dea To be honest, I had a Huawei phone for a long time, because I trust the human rights record of the PRC more than I trust the US tech companies.
@rrb Well you got a point there. At least it wouldn't be worse than a US tech phone @0xabad1dea
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea oh I'm sure if was the merest accidental oversight and that they're very very sorry and feel so foolish now.
-
@rrb Well you got a point there. At least it wouldn't be worse than a US tech phone @0xabad1dea
@energisch_ @0xabad1dea and I don't live in China, so their ability to mess with me is limited
-
@energisch_ @0xabad1dea and I don't live in China, so their ability to mess with me is limited
@rrb exactly! @0xabad1dea
