Jonathan Kamens 86 473d ago
#Microsoft locks account that #VeraCrypt maintainer uses to sign #Windows bootloaders with no explanation or route for appeal. If they don't fix this, in a few months every Windows computer that uses VeraCrypt whole-disk encryption will stop being able to boot and all the data on it that isn't backed up elsewhere will be lost. 🤦
If this doesn't convince you big tech has too much control, I don't know what will.
h/t @zackwhittaker
https://techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/
#infosec #privacy #TechIsShitDispatch
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account | TechCrunch

The maker of the popular open-source file encryption software VeraCrypt said Microsoft locked his online account, which may prevent device owners from booting up their computers.

TechCrunch
Show threadManawyrm | Sarah3d ago
@jik @zackwhittaker
Weeeelll, that's a bit too much panic!
Yes, the machines might not boot anymore, but the data is still there.
It can still be read on a normal Linux Live-ISO just fine.
Show threadAndrew Zonenberg3d ago
@manawyrm @jik @zackwhittaker wait, so if the certificate expires *existing signed binaries* will no longer run? Does this mean any signed bootloader has an inherent shelf life and will need to be re-signed every so many years even if no changes are being made to it?
Show threadGraham Sutherland / Polynomial3d ago
@azonenberg @manawyrm @jik @zackwhittaker afaik no. the expiry usually isn't enforced.
Show threadManawyrm | Sarah3d ago

@gsuberland @azonenberg @jik @zackwhittaker that's what I would've expected as well, but I'm not 100% sure about how Windows driver signing works.

Either way, the data is perfectly fine :)

Show threadJeff Codes3d ago

@manawyrm @gsuberland @azonenberg @jik @zackwhittaker

The data may be fine; however, not everyone who may use VeraCrypt has the same knowledge and skill base to know to pull up a Linux Live USB and go get their data back. I've encouraged non-technical users to use easy breakthroughs to add encryption to their Windows Home environments. They definitely will not have the knowledge do just go do this. Many may not have another device to create the Linux Live USB either.
This is still a problem, whether or not the data is still available through other means.

Show threadManawyrm | Sarah3d ago
@jeffcodes @gsuberland @azonenberg @jik @zackwhittaker I'm very sorry, but users that aren't capable of getting help with recovering such data from someone that can handle a Linux Live ISO shouldn't be using VeraCrypt to begin with.
It's extremely likely to just cause your system to stop booting (and that has happened to me 5+ times in the years I was using it) -- it's just a regular occurance and you'll need to deal with these things as a user.
Show threadmossman

@manawyrm @jeffcodes @gsuberland @azonenberg @jik @zackwhittaker I used VeraCrypt (and before that TrueCrypt) on the main home desktop for over a decade (and used it on a couple of other machines) yet never once had a problem with it. I had problems with stupid Windows Update not updating because it didn't like the encrypted volume being there, but that was a different thing.

That ancient machine is now using Linux (and is actually running better than ever, fit as a fiddle) *precisely* because of MS pulling stunts like this, otherwise I'd be cursing them yet again now. I'm still using VeraCrypt volumes on an external disk for backup since that allows secure access with both OSes. Assuming MS doesn't screw that up on our windows laptops as well...

Apr 8 at 9:53pmWeb