this post was submitted on 17 May 2026
299 points (99.0% liked)

Technology

84731 readers
4429 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
299
A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it (www.techspot.com)
submitted 6 hours ago by Itwasntme223@discuss.online to c/technology@lemmy.world
20 comments fedilink hide all child comments
all 21 comments
sorted by: hot top controversial new old
[–] hperrin@lemmy.ca 9 points 50 minutes ago

Of course they did. They have no interest in protecting your privacy and every interest in making you think they do. I would’ve been way more surprised to learn there wasn’t a backdoor.

[–] hperrin@lemmy.ca 2 points 37 minutes ago

For anything I want to actually keep private, I only trust the software that I wrote. But LUKS is good enough for most stuff.

[–] DeathsEmbrace@lemmy.world 35 points 3 hours ago

The entire Microsoft, Apple and Google ecosystem is USA backdoors. That's why I call it American spyware.

[–] Dalraz@lemmy.ca 45 points 4 hours ago (1 children)

Seems like every week there is another reason why I'm thankful I switched to Linux a few years ago.

[–] tomiant@piefed.social 6 points 4 hours ago* (last edited 3 hours ago) (1 children)

Only thing I find annoying with full volume LUKS encryption is that it makes it difficult to resize partitions, it's a whole thing, but it's a minor hassle and not something I'd do every day anyway.

[–] slowbyrne@lemmy.zip 1 points 22 minutes ago

I like to use btrfs subvolumes inside a luks lvm volume for this reason.

[–] Miller@lemmy.world 84 points 6 hours ago (1 children)

You mean that thing everyone knew about since the authorities derailed open-source TrueCrypt and forced them to message their users that they should migrate to BitLocker?

[–] WesternInfidels@feddit.online 45 points 5 hours ago* (last edited 5 hours ago) (2 children)

There's an open-source successor to TrueCrypt called VeraCrypt. For that matter, as far as I know, one can still download the last version of TrueCrypt. It hasn't been disappeared.

It's true that the TrueCrypt developers retired and said that commercial packages like BitLocker were finally good enough and available enough that they didn't feel compelled to maintain TrueCrypt. I remember that. I think it's plausible that Microsoft has (or has provided to someone) back-door access to BitLocker, but I don't remember any hint that the TrueCrypt developers had been coerced; have you got something you can link to?

[–] Creat@discuss.tchncs.de 1 points 35 minutes ago

These days, if you're not on Windows you can use luks or just zfs with encryption enabled. Code is open and can be audited by anyone. But yes, VeraCrypt to my knowledge is also still a viable option.

[–] Miller@lemmy.world 9 points 5 hours ago (1 children)

Certainly at the time there was talk of coercion, there was talk the developers had been asked to put in a backdoor, had refused and then been encouraged to cease and desist their work on TrueCrypt and provide written recommendation of BitLocker, the wording of which did not seem to be their own. But people like conspiracies, maybe the authors did just move on, and if that was encouraged it probably was not as sinister as suggested. Security and privacy will always be duking it out.

[–] tomiant@piefed.social 4 points 3 hours ago* (last edited 3 hours ago)

But people like conspiracies,

In spite of the fact that they never happen and that government mass surveillance isn't a thing and hasn't been exposed repeatedly for decades and that we all know they have not been aiming to do this exact thing for the better part of a century and that they are genuinely evil and literally never prove themselves to be over and over and over.

[–] bitteroldcoot@piefed.social 39 points 5 hours ago (1 children)

Good.

We always knew it was there. They sold their soul to the NSA decades ago.

https://www.smithsonianmag.com/smart-news/how-the-nsa-stopped-trying-to-prevent-the-spread-of-encryption-and-decided-to-just-break-it-instead-4569969/

[–] tomiant@piefed.social 3 points 3 hours ago

I remember the day I saw the "Intel! Inside" commercial and the logo, and I thought, I don't fucking trust this company.

Yeah no shit Intel inside, you've got every fucking three letter agency inside.

I knew it was over the day they introduced UEFI and TPM.

[–] Carmakazi@piefed.social 53 points 6 hours ago

Tech megacorps are the fifth estate of their home countries, trusting your data to Microsoft or Google is essentially the same as handing it directly to the FBI and CIA.

[–] in_my_honest_opinion@piefed.social 14 points 5 hours ago (2 children)

LUKS, never had these problems...Too bad Win11 won't boot from it.

[–] iopq@lemmy.world 12 points 3 hours ago (1 children)

Okay, but what's the downside

[–] tux7350@lemmy.world 2 points 48 minutes ago

Cold boot attacks?

[–] FrederikNJS@piefed.zip 14 points 4 hours ago (1 children)

Dunno... Somehow that seems like a feature to me 😉

[–] tomiant@piefed.social -2 points 4 hours ago

I am so shocked! Well I instantly fucking knew it the second I learned about BitLocker back when and never EVER trusted it, but still, it is shocking!