

12 days ago

Somebody on Twitter “reverse engineered” the exploit. Apparently MS shipped debug code in production. At least it’s not called Backdoor_FBI outright.
How it works:
- Recovery tools look for a config file called RecoverySimulation.ini on the OS drive
- If Active=Yes, it enables “test mode” for the recovery tools
- Test mode unlocks your BitLocker drive but a flag called FailRelock tells it to skip relocking
- cmd.exe spawns with full access to your “encrypted” drive
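
A defensive triage check for the file described in the comment above, added here as an example (not part of the original comment and not Microsoft tooling): it looks for RecoverySimulation.ini at the root of a mounted volume and reports whether Active=Yes is set. The function names, the INI layout (section headers ignored) and the sample FailRelock value are assumptions.

```python
import os

TARGET = "recoverysimulation.ini"  # file name from the comment, matched case-insensitively


def parse_ini_flags(text):
    """Return {key: value} for each key=value line, keys lowercased.

    Section headers are skipped: the comment does not say which section,
    if any, the keys live in, so the layout is an assumption.
    """
    flags = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#[" or "=" not in line:
            continue  # blank line, comment, section header, or not a key=value pair
        key, value = line.split("=", 1)
        flags[key.strip().lower()] = value.strip()
    return flags


def assess(text):
    """Classify file content: 'test-mode' if Active=Yes, otherwise 'present'."""
    flags = parse_ini_flags(text)
    active = flags.get("active", "").lower() == "yes"
    return {"verdict": "test-mode" if active else "present",
            "active": active,
            "fail_relock": flags.get("failrelock")}  # None when the key is absent


def scan_root(root):
    """Check the top level of `root` (a mounted volume or image root) for the file."""
    findings = []
    for name in os.listdir(root):
        path = os.path.join(root, name)
        if name.lower() == TARGET and os.path.isfile(path):
            with open(path, "rb") as fh:
                data = fh.read()
            # Windows INI files are often UTF-16 with a BOM; otherwise assume UTF-8.
            enc = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "utf-8-sig"
            findings.append({"path": path, **assess(data.decode(enc, errors="replace"))})
    return findings


if __name__ == "__main__":
    # Constructed sample content; the section name and FailRelock value are assumptions.
    print(assess("[Simulation]\nActive=Yes\nFailRelock=1\n"))
```

Any hit from `scan_root` is worth investigating, since the file has no reason to exist on a production machine; a `test-mode` verdict means the switch described above is set.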

Having your own domain is key to owning your digital identity. I migrated from Google to Proton seamlessly and I can migrate away if (or when) Proton turns to shit. 80% of mailboxes are owned by either Google, Yahoo, or Microsoft. We know they can’t be trusted with that much power.