oh lovely, so there's a new evil maid attack vector in 'yellowkey'?
well. that's decidedly unpleasant for y'all windows folks.
@munin to my understanding, the backdoor cannot work if you have a password on bitlocker itself (most people don’t, but if evil maids are a nonhypothetical concern for you, you really should)
@0xabad1dea @munin I've seen this debated back and forth and it's unclear if the boot PIN actually blocks this attack.
What I do know is, it's virtually unworkable in a large enough business. The idea of helpdesk talking users through resetting bitlocker boot time PINs which are different to the user passwords they already can't remember just isn't tenable.
@0xabad1dea @munin yeah and it really doesn't look like a backdoor. it's just a bad design.
@Rairii found a second one too, but for leaking files into memory.
@gsuberland @munin @Rairii the fundamental problem here with judging if it's malicious is that if you *wanted* to design a highly deniable backdoor that would nonetheless work on 98% of installations, this would be a really good way to do it 😩
"They tried to bribe me to add a backdoor, but joke's on them - it's already rushed and full of bugs."
My comment was mostly a joke, but if you want to take it more seriously, I don't see an unintended interaction between a boot-time feature and your own OS's disk encryption as distinct from it seeming rushed. That's exactly the type of interaction you should be spending the time to think about when delivering this type of feature. Of course, sometimes something slips through even if you have put all the time and effort in, but... it's not inspiring from the outside.
@0xabad1dea @munin REALLY glad I'm not in charge of vuln management for fleets of endpoints right now.
But, really sad that I'm not in charge of fleets of endpoints right now.
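The thread turns on whether a volume has only a TPM protector or also a pre-boot PIN. The script below is an added example, not code from anyone in the thread; it audits the key protectors on the OS volume and, when asked, adds a TPM+PIN protector. It assumes a Windows host with the BitLocker PowerShell module (Get-BitLockerVolume, Add-BitLockerKeyProtector) and an elevated session; the policy registry values under HKLM\SOFTWARE\Policies\Microsoft\FVE named here are the ones that govern whether a PIN protector is allowed, but the thread itself notes it is unclear whether a PIN blocks the attack discussed, so the script only reports and changes the protector state, it makes no claim about the vulnerability.

```powershell
# Added example (not from the thread). Requires the BitLocker module and an
# elevated prompt. Mount point and the policy values below are assumptions.
param(
    [string]$MountPoint = 'C:',
    [switch]$AddPin
)

# Enumerate key protector types on the volume. 'Tpm' alone means TPM-only
# (unlocks with no user interaction at boot); 'TpmPin' or 'TpmPinStartupKey'
# means a pre-boot PIN is required.
$vol   = Get-BitLockerVolume -MountPoint $MountPoint
$types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })

$hasPin     = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')
$tpmOnly    = ($types -contains 'Tpm') -and -not $hasPin
$hasRecovery = $types -contains 'RecoveryPassword'

[pscustomobject]@{
    MountPoint       = $MountPoint
    ProtectionStatus = $vol.ProtectionStatus
    Protectors       = ($types -join ', ')
    PreBootPin       = $hasPin
    TpmOnly          = $tpmOnly
    RecoveryPassword = $hasRecovery
} | Format-List

if ($AddPin -and -not $hasPin) {
    # BitLocker refuses a PIN protector unless policy permits it. These two
    # values (assumed names) correspond to "Require additional authentication
    # at startup" with a PIN allowed; a domain GPO would normally set them.
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    if (-not (Test-Path $fve)) { New-Item -Path $fve -Force | Out-Null }
    Set-ItemProperty -Path $fve -Name 'UseAdvancedStartup' -Value 1 -Type DWord
    Set-ItemProperty -Path $fve -Name 'UseTPMPIN'          -Value 2 -Type DWord

    # Make sure a recovery password exists first, since a forgotten PIN is
    # exactly the helpdesk problem raised in the thread.
    if (-not $hasRecovery) {
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    }

    $pin = Read-Host -Prompt 'New pre-boot PIN (6+ digits)' -AsSecureString
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $pin | Out-Null

    # Remove the bare TPM protector so the volume no longer unlocks without the PIN.
    $vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'Tpm' } |
        ForEach-Object {
            Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null
        }

    Write-Host "TPM+PIN protector added on $MountPoint; back up the recovery password before rebooting."
}
```

Run it with no switches to audit (`.\bitlocker-pin.ps1 -MountPoint C:`), and with `-AddPin` to enrol a PIN. Across a fleet, the audit half is the useful part: wrap `Get-BitLockerVolume` in `Invoke-Command` and collect the `TpmOnly` field, since that is the population the thread is worried about.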