yellowkey happened because they added a new thing and a winpe boot-time recovery tool for that, which can be abused to get winpe init to reach a code path that just pops a shell with derived bitlocker keys still in memory
@[email protected] @[email protected] @[email protected] @[email protected] My comment was mostly a joke, but if you want to take it more seriously I don't see an unintended interaction between a boot time feature and your own OS's disk encryption as distinct from it seeming rushed. That's exactly the type of interaction you should be spending the time to think about when delivering this type of feature. Of course, sometimes something slips through even if you have put all the time and effort in but... it's not inspiring from the outside.