A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

Shoutout to the security researcher whose threat model is apparently "nation-state actor with physical access to your machine and a USB drive" — which, if that's your situation, BitLocker was already the least of your problems. Still wild that it exists though.
 
Microsoft's official response will be a CVE rated 6.8 Medium with the mitigation advice of "consider not having sensitive files."
 
Fair enough. In a case like this, if this was intentional, I would ascribe it to incompetence, a poor decision, and a poor implementation, rather than malice. Only Microsoft can come up with things like this.

The culture of criticism that enthusiasts direct towards Microsoft is excellent; if Redmond makes one wrong move, people make a din (rightly so). As we've seen of late, it's working. From what I see of the Linux community, people are more diffident to criticise out of fear of being slammed, that so and so is not actually a problem, etc.
There's not much to criticize in Linux, because Linux is just the kernel. The rest is up to each distro, and I can guarantee that criticism is much higher than in windoze. For example, people complained when 32bit support was partially dropped in some distros recently, knowing that virtually noone is using it anymore. That is how it's supposed to be : freedom of speech, freedom to use the software you want to, freedom to access and modify the source code, freedom to fork it.... FOSS is the only viable way in computing as open source hardware should be in every aspect of life.
 
There's not much to criticize in Linux, because Linux is just the kernel. The rest is up to each distro, and I can guarantee that criticism is much higher than in windoze. For example, people complained when 32bit support was partially dropped in some distros recently, knowing that virtually noone is using it anymore. That is how it's supposed to be : freedom of speech, freedom to use the software you want to, freedom to access and modify the source code, freedom to fork it.... FOSS is the only viable way in computing as open source hardware should be in every aspect of life.
Criticism is good, and users should point out the flaws in their OS of choice. Regarding the FOSS vs. proprietary/closed-source debate, it is one of ideology and very like religion, political party, etc., so either side will believe their choice correct and the other's wrong.

I will note, though, that there is a scale of freedom in FOSS licences, the GPL being, for example, much more restrictive than the permissive MIT. Many projects avoid or can't use GPL code because of the control or implications it entails. Ironically, we have a number of Windows components under MIT, meaning people can do what they want with it.
 
Criticism is good, and users should point out the flaws in their OS of choice. Regarding the FOSS vs. proprietary/closed-source debate, it is one of ideology and very like religion, political party, etc., so either side will believe their choice correct and the other's wrong.

I will note, though, that there is a scale of freedom in FOSS licences, the GPL being, for example, much more restrictive than the permissive MIT. Many projects avoid or can't use GPL code because of the control or implications it entails. Ironically, we have a number of Windows components under MIT, meaning people can do what they want with it.
Lol
 
MS doesn't need a damn backdoor into bitlocker since they hold the keys to the kingdom - Remember how the Govt. Asked MS o decrypt Bin Laden's laptop? They were able to do that because they have the master key.
 
MS doesn't need a damn backdoor into bitlocker since they hold the keys to the kingdom - Remember how the Govt. Asked MS o decrypt Bin Laden's laptop? They were able to do that because they have the master key.
Now everyone has the master key, no one could have guessed that would happen.
 
Back