Ripple’s former chief technology officer, David Schwartz, issued a pointed public warning this week over a newly surfaced Windows BitLocker vulnerability, describing it as one of the most serious security flaws he has encountered in years.
His remarks landed alongside a separate alert about a wave of scams targeting XRP Ledger users, signaling rising pressure on both consumer device security and on-chain trust.
Schwartz Issues Stark Security Warning Over BitLocker Flaw
Schwartz said the exploit allows attackers to bypass Microsoft’s full-disk encryption using a basic USB-based method. The lack of authentication prompts has fueled speculation that the mechanism resembles a backdoor more than a conventional bug, given how little technical effort the reported access path requires.
The flaw matters for anyone storing sensitive material on a Windows device, including private keys, recovery phrases, or work documents. Schwartz’s prior commentary on protocol-level security and incentive design has drawn broad industry attention, lending weight to his assessment of the BitLocker issue.
The disclosure adds to broader concern about software-level attacks moving into crypto-adjacent territory, where private key exposure can trigger direct, irreversible loss for retail holders relying on disk encryption to protect cold storage backups.
Ripple CTO Extends Alert Over XRPL Scam Surge
In a separate post, Schwartz flagged a sharp rise in scam reports targeting XRPL users. Fake airdrops and impersonation accounts are the most common patterns. Impersonators often clone verified profiles and prompt holders to connect wallets to drainer contracts.
The trend mirrors a broader rise in scams flagged by financial regulators in recent months. For XRP holders, the risk is amplified by the ledger’s pseudonymous nature and the absence of recourse once funds move.
Schwartz, whose public profile within the XRP ecosystem makes his advisories widely circulated, urged users to ignore unsolicited airdrop prompts and verify official communications independently before connecting any wallet.
AI-Built Exploits Add to Security Warning
The warnings arrive as Google said it had intercepted a live AI-built zero-day exploit before mass deployment. The Python-based attack reportedly bypassed two-factor authentication on a widely used open-source admin tool.
Defensive AI systems such as Big Sleep and CodeMender are now being rolled out in response. Whether endpoint encryption and consumer authentication can keep pace with that shift is the open question.
The post Ripple Ex-CTO Sounds Alarm Over ‘One of the Worst Security Flaws’ He’s Ever Seen appeared first on BeInCrypto.