Bitlocker is a disk #encryption feature shipped with #Windows.
-
Bitlocker is a disk #encryption feature shipped with #Windows. It is designed to protect sensitive data by encrypting entire drives, ensuring that information remains secure, especially if a device is lost or stolen. Many, many, many enterprises use it to protect portable media.
A #vulnerability has just been published that backdoors #Bitlocker completely on Win11. (Doesn't work on 10; previous versions untested.)
Researchers posit that it is a backdoor because it is undocumented, and only enabled on certain configurations.
What does this mean for you as an end user? If you use Bitlocker as your encryption, and someone has access to your system, they can jailbreak it. Is it likely? No.
What does it mean if you're corporate IT? My hair is on fire, my hair is on fire!
The bigger question is: who put the access there, and why?