this post was submitted on 13 May 2026
973 points (99.7% liked)

Technology

84798 readers
4806 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
973
Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor (www.tomshardware.com)
submitted 6 days ago by throws_lemy@lemmy.nz to c/technology@lemmy.world
166 comments fedilink hide all child comments
 

YellowKey reportedly works in Windows 11, Windows Server 2022 and 2025, but not in Windows 10.

you are viewing a single comment's thread
view the rest of the comments
[–] Bazoogle@lemmy.world 4 points 6 days ago (1 children)

They said in the article they recreated it on their own. So it couldn't just be the proof of concept.

If some FBI agent is using a USB drive to unlock a laptop at work, what’s the point of making the drive single use?

Under cover/covert operations do actually happen.

[–] ExLisper@lemmy.curiana.net 1 points 5 days ago (1 children)

They said in the article they recreated it on their own. So it couldn’t just be the proof of concept.

This could mean they just put the files from the exploit on a drive and reproduced it. The author of the exploit claims it's very complex and no one knows how it works yet.

Under cover/covert operations do actually happen.

So what's the scenario they are protecting themselves against? Someone catching the agent right after they unlocked some encrypted drive with the USB drive still on them? It sounds very far fetched to me that FBI would request a backdroor from Microsoft with this very specific requirement. I think it's more likely they would cover it on their side with some easily erasable USB drive. Plus such a solution would also let them get rid of the backdoor if they are caught before they used it.

[–] Bazoogle@lemmy.world 1 points 5 days ago (1 children)

It's possible this was just added by the guy for his proof of concept, so I guess we'll see when more information is released.

So what’s the scenario they are protecting themselves against?

I mean, if you had a USB backdoor why wouldn't you automate the removal of evidence? It would make disposal a lot faster. You can just unplug it and physically destroy it to be safe.

I think it’s more likely they would cover it on their side with some easily erasable USB drive.

Why not both? Redundancy never hurt.

[–] ExLisper@lemmy.curiana.net 1 points 5 days ago

It's definitely possible to add a feature like that to a backdoor but I don't see how that's a proof it's a backdoor. It's definitely not something backdoors always do and we don't know if this functionality is in Windows or it's part of the exploit. So am I missing something? Or are people just jumping to conclusions?