Some EDRs do some decryption, this could be a problem if your key is weak. Although imo the biggest issue is that XOR is transitive and associative, so without using a nonce, it is vulnerable to known clear text attacks. Like clear ^ key = enc so clear ^ enc = key

❤❤❤❤

Have the passkey long enough and xor is good to go 😂