A great piece by Micah Lee on the Elephant diffuser used in Bitlocker being removed from Windows 8 onwards, to Microsoft’s Secure Boot implementation which makes third-party full-disk encryption alternatives difficult.
“In addition to sometimes sharing user data from Skype and Outlook.com, Microsoft also reportedly shares information on bugs with security implications. Such bugs, before they are fixed, can be used in much the same way as backdoors. In fact, in many situations disguising a backdoor as a security bug is a great way to hide it because it provides plausible deniability. If your backdoor is ever discovered, you can claim that it wasn’t a backdoor at all but rather a bug that you didn’t know about. Bloomberg reported in 2013 that “Microsoft Corp., the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix.” These bugs, if weaponized, could be used to access any computer running vulnerable Microsoft products.”