This is the same problem I'm currently facing with WireGuard. No warning at all, no notification. One day I sign in to publish an update, and yikes, account suspended. Currently undergoing some sort of 60-day appeals process, but who knows. That's kind of crazy: what if there were some critical RCE in WireGuard, being exploited in the wild, and I needed to update users immediately? (That's just hypothetical; don't freak out!) In that case, Microsoft would have my hands entirely tied.
If anybody within Microsoft is able to do something, please contact me -- jason at zx2c4 dot com.
Now this is even more alarming! WireGuard's creator has their Microsoft account suspended...
<Tin foil hat on>
Microsoft doesn't want to allow software that would allow the user to shield themselves, either by totally encrypting a drive, or by encrypting their network traffic!
</Tin foil hat on>
They need to get some tech site like Ars Technica to write about it, like they did when Neocities couldn't get ahold of Bing. The only way to contact these tech companies to speak to a real human being and not a chatbot is if you know somebody who works there or if the media writes about it.
This is worrying on many levels. So Microsoft force you to create an account to use Windows and then they reserve the right to block you from your own account, thereby potentially making you lose access to all your OWN data. This is crazy and yet another reason to stop using Windows as soon as possible.
You can, but it's more than a warning. VeraCrypt has a signed kernel driver, which has higher requirements. You'll need to boot into a special Windows mode and disable Driver Signature Enforcement.
As someone who is just planning to publish signed desktop software for Windows, this is deeply worrying. What reasons could there be for cancelling a certificate, especially when it has been used for years and the identity is already established?
Are there some ways to combat such decisions legally?
Realistically speaking - anything could be a reason. A shakedown or blocking based on some "nudge" (this might come across as tin-foiled though). Some flag/trip-wires going wrong, more worryingly due to a bug/false alarm - and this is more worrying because in this case semi-incompetent large orgs like MSFT find it really hard to accept it, fix, and move on. Some change in OP's account that either they don't see or haven't realised - some edge case, you never know.
And of course, it doesn't affect their earnings and there are no consequences, or no significant ones, so they won't care and won't respond or tell what went wrong.
Can one move legally? Sure. But then it effectively is a combo of who blinks first and who can hold their breath longer.
This is a concern and risk that has realised itself multiple times over the past decades. There have been multiple stories linked to multiple developers in the past.
If you publish to any closed platform including ios, mac, win, android, this is the risk you run and a condition of operating you will need to accept.
There's more to it. Signed desktop software can be signed by any CA.
VeraCrypt has kernel drivers. Microsoft's ability to control what you can sign is specific to kernel drivers, and Microsoft's trigger finger around bans exists in the world where bad drivers BSOD machines.
Seeing this kind of friction makes me more confident in VeraCrypt. The tools that never seem to run into trouble with platform gatekeepers are the ones I'd worry about.
As much as I like bashing Microsoft, never underestimate people's capacity for incompetence, especially where large organizations are involved. I don't see how they would gain anything from this move.
True, however, that has been the case for quite a while. This particular incident doesn't change that, except for the VeraCrypt developer, who is in a crappy situation now (not just regarding VeraCrypt, he mentions he was using the certificate for his main job as well, so this sucks a lot for him).
Maybe an old vulnerable signed driver can be used to load the new version :D. On a more serious note, I think contact with a person at MS, likely via socials triggering that, might help here. It all depends on the reason for the ban/block/cancel.
If they had a reason other than 'oops mistake', it's likely just going to remain in place.
(Sadly, that is how MS is. If you care for privacy, maybe go to BSD.)
That's especially ridiculous because this whole security mechanism that Microsoft is forcing on Windows users doesn't even work. There are tons of leaked certificates and on forums dedicated to game hacking you can find guides on how to get your hands on one yourself. People there use them to write kernel drivers for cheating in games. Game developers often blacklist these in their anti-cheat software so that the game no longer launches on a computer using a driver with that certificate. Microsoft however does not do this and malware developers can then simply use the certificates for their own purposes.
So all this nonsense is basically just a restriction on regular users and honest developers while the “bad guys” can get around it.
We need a better way to sign and verify software. Clearly companies like Microsoft and Apple have not been good for the open source communities and are inhibiting innovation.
What would be the point? How would you prevent malware from being signed? Currently, code signatures are used as a signal for trustworthiness of the code.
It's perhaps naive, but could he create a new organisation, like a "TotallyNotVeraCrypt" French loi 1901 association, at a different address, and create a new Microsoft account by making sure it passes all the requirements?
Yeah but isn't the point of these certificates to express trust?
The point isn't (or: shouldn't be) to forcefully find your way through some back alley to make it look legit. It's to certify that the software is legit.
Trust goes both ways: we ought to trust Microsoft to act as a responsible CA. Obfuscating why they revoked trust (as is apparently the case) and leaving the phone ringing is hurting trust in MS as a CA and as an organization.
That's what VeraCrypt is, a fork of the original TrueCrypt after all the drama, security doubts, and eventual discontinuation. It took a long time and two independent audits to establish trust in it.
It wasn’t always scummy… but there was a definite shift after they got bought. It’s kept getting worse since then.
Then again, this was something like 20 years ago. Back then, Sourceforge was something closer to GitHub today. It was the de facto public source repository. You could even get an on-premise version, IIRC.
Actually, this is sounding a lot like GitHub these days… not sure what that means.
Microsoft even supports WireGuard in Azure Kubernetes Service.
Switch to Linux if you can, and come give Shufflecake a try ;)
https://shufflecake.net/
https://x.com/i/status/2041698657368703484
In general this isn't your problem.
The burden of usage/access is now solely on the customers and the feeling is that regular customers are just a nuisance to be ignored.