oh lovely, so there's a new evil maid attack vector in 'yellowkey'?
well. that's decidedly unpleasant for y'all windows folks.
Post
Replies:
4
@munin to my understanding, the backdoor cannot work if you have a password on bitlocker itself (most people don’t, but if evil maids are a nonhypothetical concern for you, you really should)
@0xabad1dea @munin yeah and it really doesn't look like a backdoor. it's just a bad design.
@Rairii found a second one too, but for leaking files into memory.
@gsuberland @munin @Rairii the fundamental problem here with judging if it's malicious is that if you *wanted* to design a highly deniable backdoor that would nonetheless work on 98% of installations, this would be a really good way to do it 😩
@0xabad1dea@infosec.exchange @gsuberland@chaos.social @munin@infosec.exchange @Rairii@labyrinth.zone "They tried to bribe me to add a backdoor, but jokes on them - it's already rushed and full of bugs."
