HN
Today

Microsoft Abruptly Terminates VeraCrypt Account, Halting Windows Updates

Microsoft abruptly terminated the account VeraCrypt uses for Windows driver signing, crippling its ability to deliver crucial updates and leaving its developer without explanation. This incident highlights the precarious reliance of open-source projects on major tech platforms and their often opaque, automated decision-making processes. Hacker News users are expressing significant frustration over Microsoft's perceived unaccountability and control over the software supply chain.

103
Score
14
Comments
#9
Highest Rank
5h
on Front Page
First Seen
Apr 8, 3:00 PM
Last Seen
Apr 8, 7:00 PM
Rank Over Time
191291115

The Lowdown

Microsoft has unexpectedly terminated the account of VeraCrypt, a widely used open-source disk encryption software, disrupting its capability to provide Windows updates. The developer, Mounir Idrassi, stated he received no prior warning or clear explanation for the action, jeopardizing the project's future for its primary user base.

  • VeraCrypt, an open-source data encryption tool, uses Microsoft accounts to sign Windows drivers and bootloaders, essential for updates.
  • Developer Mounir Idrassi discovered the termination in mid-January, receiving only a vague message stating his organization "does not currently meet the requirements" with no appeals.
  • This termination prevents Idrassi from releasing Windows updates for VeraCrypt, severely impacting its user base, while Linux and macOS updates remain unaffected.
  • Idrassi expressed frustration over Microsoft's lack of communication and the use of what he believes are AI-generated, unhelpful responses from support.
  • The article notes that WireGuard, another popular open-source project, has reportedly faced a similar abrupt account suspension from Microsoft. The incident underscores the vulnerabilities in the open-source software supply chain, where vital projects can be unexpectedly crippled by the unilateral decisions of large tech corporations, often without clear recourse or explanation.

The Gossip

Microsoft's Malice and Monopoly

Commenters lambasted Microsoft for its perceived arbitrary power, "crappy" services, and consistent history of "holding back the tech industry." Many expressed a desire to ditch Microsoft, equating its practices to other large, unaccountable tech giants like Google, but with a paid product.

The Futility of 'Fix-It-Yourself' Solutions

When some users proposed complex technical workarounds like disabling Secure Boot or enrolling custom certificates for driver signing, others quickly pointed out the absurdity and impracticality of such suggestions for the average user, likening it to asking "Grandma" to manage a PKI infrastructure.

Secure Boot's Sneaky Surveillance

A significant point of discussion centered on the irony and potential danger of Microsoft controlling the secure boot chain while simultaneously terminating the account for a crucial disk encryption tool. Commenters highlighted the inherent conflict and the power Microsoft wields over what software can run on "their" operating system, even if it's the user's hardware.