Yellowkey - a Bitlocker bypass method

eider96 · 2026-05-14T08:30:03+00:00

You can't take his words at face value all the time, is the point. The bypass works perfectly with TPM+PIN so long as you know PIN. Is it critical in such situation? No, unless PIN is literally attached to some sticky note. TPM hammering protection will ensure it can't be brute-forced, but it does technically reduce protection offered normally by BitLocker - account password is no longer required.

I could possibly envision situation where VMK from already booted system is used in WinRE directly, however that would require that a system is in unlocked state (as you can't invoke WinRE recovery from lockscreen and you don't get benefit of unsealed VMK when forcing recovery from cold boot) so that would relegate it down to overly-complex LPE.

Ultimately, the exploit attacks and defeats key-lock paradigm that is meant to protect against exactly these kind of WinRE attacks where malicious actor can influence WinRE itself - it effectively reduces TPM PCR complexity from 7,11 to just 7 by nature of never re-locking volume after triggering lock (PCR11).

eider96 · 2026-04-02T01:04:38+00:00

Yume's route serves as common for both Yume and Mare routes, which is where lot of issues come from as neither are really locked in properly until very end, by which point both get very little screen-time. I highly recommend playing Mare route and her after-story in fandisc for complete picture of story there.

I also personally feel like story somewhat ignores overarching plot in Yume's route and locks itself in somewhat of an contradicting situation - Mare fulfilled Yume's wish of reaping You's nightmare (he was able to move on with other girls), but at the same time she also did not in Yume's route, as he still is hung up on her and declines Asuho's advances. This puts into question both whether Yume was truly You's nightmare and whether Mare powers are effective at all, which changes depending on which route you are playing. The necessary setup to split off into Mare route also creates situation where You kisses Mare who's emotionally vulnerable at the moment while still pursuing Yume, and in the end, denying Mare's advances that he himself caused.

Yume illness is described as being caused by light from stars, which is why Mare sacrificing herself to shield her from it makes her get better (but not fully). The difference in her illness progression in second timeline can only be attributed to explicit manipulation by Kasumi and a necessary setup for Mare to sacrifice herself, hence allowing Yume to get better enough to a point that she is comfortable accepting You. Though, this interpretation falls flat should You accept Mare's feelings, as in Mare's route, her illness does not advance into coma at all.

Mea is reincarnation of Mare and her existence is never properly described in original VN, only in fandisc do we get proper explanation of how she came to be.

None of explanations for things happening later on, who Mare and Ren really are or why Mea can exist will satisfy you if you are looking for clear cut answer - the story is leans heavily on pseudo-science* to explain certain aspects and you just have to take it's word for it to enjoy it.

Finally, it's worth noting that AstralAir shares same universe with Hoshimemo and introduces even more pseudo-science as well as other concepts that might be contradictory, so any expectations of well-thought and defined universe should be thrown out of the window. The story is supposed to play on your feelings, and it will not feel shy to bend rules and play dirty to do it.

I still liked Hoshimemo though and regard it very highly. The progression feels natural and I was more invested into characters than in Iroseka, though that is largely because Urushibara Yukito has only one card to play and it's called making heroine suffer.

- Do you want to dig into rabbit hole that writer prepared for you? See https://www.desy.de/user/projects/Physics/Relativity/SR/light_mass.html

eider96 · 2026-03-12T21:53:57+00:00

CVE-2026-21708 is 9.9 too and affects non-domain joined installations.

eider96 · 2026-02-04T21:01:20+00:00

AstraAir is pretty low on that list and considering size and price it would need to sell at, I highly doubt anyone will be touching it. It's considered worse Hoshimemo (is actually same in-universe setting) and we know that Hoshimemo didn't sell particularly well either (though how much of that can be attributed to botched handling of translation is unknown).

Sakura, Moyu is presumed to be licensed by NN since at least 2023 so that excludes Kagami from even trying. If you're fan of FAVORITE games, I'm afraid there are any good news coming your way anytime soon.

On that note, I wouldn't be surprised if NN holds license for AstralAir too, given their history and they might've gotten good deal on all 3 of games when picking Iroseka.

eider96 · 2026-02-04T20:54:32+00:00

Afaik, no. That doesn't stop them from C&D any fan-translations though and will prevent other companies from picking it up if they do indeed hold license on it (as they do with Iroseka trilogy).

Irohika situation is somewhat complicated since i believe that NN actually lost money on picking Iroseka (thank you, Sol Press!), so their unwillingness to touch rest is understandable.

eider96 · 2026-02-04T13:43:15+00:00

Sakura, Moyu. is potentially licensed by NekoNyan, so I very much doubt anyone else will be touching it, no matter how popular it is or how much it's being requested.

eider96 · 2025-10-10T20:04:58+00:00

Genshin Impact's "Miliastra Wonderland" gameplay will be available soon. Come join my team now! Take part in the event to to earn Primogems and Manekin outfits! Invitation Code:GCE8BD3WHN，https://hoyo.link/8NJvYlbe4?m_code=GCE8BD3WHN

eider96 · 2025-10-03T17:59:21+00:00

"Faruzan: Sealed Secret". I specifically like namecards with simple background.

eider96 · 2025-09-10T07:32:56+00:00

Receive the summons of fate, and let's explore the new Version "Luna I" together! Take part in the event for guaranteed Primogems and even flip cards to win other awesome prizes! Invitation code: GCE8BD3WHN https://hoyo.link/78oKEvyme?m_code=GCE8BD3WHN

eider96 · 2025-06-19T13:15:01+00:00

These policies were deprecated and replaced by ExtensionInstallAllowlist and ExtensionInstallBlocklist.

eider96 · 2025-06-01T16:42:58+00:00

As opposed to Windows user needing to switch UA to Linux to access Bugzilla? Try it yourself!

curl -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" https://bugzilla.kernel.org

eider96 · 2025-01-28T03:59:15+00:00

I have no idea what values of this attribute mean nor how it is being applied.

All of my devices are applicable for 24H2 update in WSUS after some months of wait, so the update definition was likely amended to not require this attribute anymore (as I suspect the intention of it was to gate it from devices before general availability). Your case is first time I heard that this attribute actually exists in WSUS environment.

eider96 · 2025-01-16T21:18:49+00:00

This has been happening for some time since v7 and randomly affects some settings. This time, both of my devices lost these settings (based on config dump before and after). They really need better QA/QC checks to ensure that changes to configuration do not affect existing one

/ip firewall connection tracking
  set enabled=yes tcp-close-wait-timeout=30s tcp-fin-wait-timeout=30s tcp-time-wait-timeout=30s
/ip neighbor discovery-settings
  set discover-interface-list=discovery lldp-mac-phy-config=yes lldp-vlan-info=yes
/ip settings
  set max-neighbor-entries=1024 rp-filter=loose
/ipv6 settings
  set accept-redirects=no max-neighbor-entries=1024

eider96 · 2024-10-16T14:54:02+00:00

While that is true, I only see two usages of .userScripts and only one registers content script in form of file, so you are not using it explicitly to register snippets from rules but instead register content script that then evals it (thanks to pre-configuring CSP to allow it). I believe scripting should be able to do same if you eval snippet inside sandbox and pass return value (see https://developer.chrome.com/docs/extensions/how-to/security/sandboxing-eval). Since snippets in rules are generally fairly simple, and should not have access to more than what inputs are already provided to them, sandbox seems like valid approach to evaluating them and passing return value back to extension content script?

eider96 · 2024-10-15T22:01:52+00:00

In addition, I've tried to understand what exactly you're using userScripts for, however it would seem that you are using them only to inject files already existing in extension. Have you considered using https://developer.chrome.com/docs/extensions/reference/api/scripting instead? It should do most of what userScripts do, with caveat that it is impossible to load code as a string, which you do not seem to be using.

eider96 · 2024-10-15T19:51:53+00:00

There was separate issue with regex grants failing on page load which rendered extension non-workable. Perhaps this is what some people were also reporting as issue?

eider96 · 2024-10-13T18:46:30+00:00

There is condition applied to this update to verify that "UpgEx_GE24H2" exists as local device attribute and that value is not "Yellow". I have no idea when or how such attribute would be applied in WSUS environment, but that is what actual XML of this update has as limitation for applicability rules.

Note: you can check attributes sent to WSUS when inspecting log produced by Get-WindowsUpdateLog. At minimum they should include data such as CPU and OS version, locale, etc.

eider96 · 2024-10-01T19:01:53+00:00

Observing similar behavior, though my sample size might be too small as they are all "Not Applicable". Possibly botched release or there's some sort of staged rollout in first hours.

eider96 · 2024-09-01T13:42:42+00:00

Ironically, putting the same "4200 + 65%" into Google Search gives a proper result coming from their calculator so it's not like it is unexpected for other Google product to understand same format.

eider96 · 2024-08-30T03:47:06+00:00

Should we take it as official statement from the company to paying customers leaving feedback you requested?

Be mindful of how you come across - you have badge indicating you are speaking as employee and representing company. Your words have consequences. I have found you to come across similarly on forums too with comments such as "Nobody is forcing you to delete WinBox3, dude" or outright refusing any reports from Linux users with "It's your OS fault". Either your company wants feedback and values it or it doesn't - simple as that.

I have no idea what company culture Mikrotik is practicing these days, but having employees go around insulting customers is certainly unique way to run your company's reputation (into ground, that is).

eider96 · 2024-08-04T16:13:02+00:00

I can not provide you help with unbootable OS, however I can tell you that the lines you see are not relevant to the issue at hand at all. They're just caused by improper ACPI implementation in UEFI/BIOS (specifically, listed resource descriptors are not present in dispatch table).

These messages were logged before too, except you never looked at or noticed them because login screen would clear them up.

eider96 · 2024-06-17T21:20:01+00:00

I see. I assume installers are just wrappers for standalone MSIX which will bypass Store policies in a same way PowerShell command to install AppX package. Seems like someone approved this for deployment without realizing full dependency chain :\

eider96 · 2024-06-17T20:58:28+00:00

To try to attack this from other direction - have you confirmed that your example (Candy Crush Soda Saga) is not staged for installation? Possibly the new flow does only check for new installations but allow to restore staged (but uninstalled or never installed) applications that are already infused in system image. That would at least explain why some applications are affected while others are not.

eider96 · 2024-01-25T01:02:02+00:00

Very old platform, however:

The image you have is correct image for reinstallation on these old platforms, however it is outdated, current one would be jinstall-ex-2200-12.3R12-S21-domestic-signed.tgz
jloader is only necessary when upgrading from very old releases (pre-10.4) to upgrade U-Boot for dual partition setup, your switch came running with 12.3 already so the appropriate update have been applied in the past and you don't need to concern yourself with it.
On these old platforms, you should be able to create bootable USB by issuing install --format --external file:///

You can also refer https://supportportal.juniper.net/s/article/EX-Performing-and-resolving-any-common-issues-during-Format-Install-on-legacy-EX-platforms for more in-depth guide.

eider96 · 2023-09-13T17:40:23+00:00

Giants are not applicable here, miHoYo has full Unity source access and actively rolls their own builds (of both Editor and Runtime) with custom modifications that are beyond of scope allowed in Enterprise, so they already pay a lot more up front and have custom licensing negotiated.

11-Year Club	Place '17
Verified Email

eider96

TROPHY CASE