Europe Pub (PieFed)Microsoft Mysteriously Freezes Accounts for VeraCrypt, WireGuard, Windscribe
www.pcmag.com/news/microsoft-mysteriously-freezâŠ
65 Comments
Comments from other communities
ScrubblesHanselman pointed to a Microsoft blog post noting that, starting in October, the company began requiring âmandatory account verification for all partners in the Windows Hardware Program,â which also covers certifying software drivers. Last month, the company updated the post to say: âAccounts that did not successfully complete account verification and received a Rejected verification status have been suspended from the Windows Hardware Program, and submissions from these accounts are no longer permitted.â
So they didnât hand over their blood and urine samples to Microsoft so they donât get to be developers anymore
Except it notes that the wireguard dev definitely complied with that so while Microslop might be hiding behind that fiction it is just a fiction and not the real cause.
Iâm suspicious if it isnât because the US has discovered something exploitable in both wireguard and veracrypt and want to prevent it being patched while they (the US) unleash it against their enemies over a prolonged period. That or just crushing privacy.
Linux stay winning I guess as this would be the first case in history where Microsoft has used its position as gatekeeper to prevent Windows users from running software they want to run in this manner. Even worse you have to disable driver signature enforcement system-wide to bypass it, itâs more locked down than Apple which can grant per application gate-keeper exemptions. Itâs just up until now Microsoft handed out driver signing like candy.
Itâs interesting both of these are also tools likely be targeted by the âchild safetyâ panic being shopped around to enact ID laws. Encryption without a backdoor is something they really hate whether itâs for data in transit or at rest.
One last thought is that Microsoft mentioned kicking third parties out of the kernel after the Crowdstrike fiasco where they borked a ton of airline computers due to awful practices. Many hoped it would mean kicking anti-cheat out of the kernel but it would be very Microsoft to start with kicking privacy tools out instead and simply insist that using Windows bitlocker is enough and Windows VPN settings are adequate and therefore these software neednât be in the kernel.
hoshikarakitaridiaâNot every âWTF micro$oftâ moment is a slam dunk,â
Brother, your quotas of shit hitting the fan is reaching fecal velocity of new degrees. Your companyâs current state of existence has absolved you of the right to a balanced perspective.
What Iâm trying to say is itâs never gonna Microsoft 100% of the time, but at this point no one trusts you, and youâve earned that, and now you have to live with the consequences. I know this Microsoft contact is probably not the reason, but he is still working there, and that means he deserves some of the blame on a constructive level.
Microsoftâs partner portal website mysteriously said his account had been deactivated, without specifying why.
My money is on Microsoftâs AI based detections causing false positives again. I spend way too much time chasing ghosts from Defender. Their machine learning based signatures are especially egregious. You get an alert with a name like âWin32/Wacatac.b!mlâ. That last âmlâ bit denotes that itâs machine learning based. And then you get fuck all to help you determine why the alert fired. Sure, it might actually be a trojan. More likely, itâs a false positive. But who knows, because Microsoft wonât provide enough information to perform a reasonable analysis of the binary.
And MS has been pushing CoPilot hard. Itâs in everything and itâs happy to slop up answers for you. The accuracy of those answers though can be a bit spotty. Iâd certainly never turn it loose on tools which can have business impact. But, I doubt Microsoft has any such reservations about letting CoPilot slop all over third party devs.
Microslop doing microslop things.
Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Flaw
They donât want you to be able to use encryption they canât control.
Probably the government is the one telling them to do it, the governments I should say. By probably I mean absolutely although they will be given their own enticements for doing such things.
Tbf they literally tell you that your keys will be uploadedâŠ
I dunno that âtheyâre open about itâ makes it any better
Doesnât it? You get the option to use it knowing its got extra security against hackers, but no security against Microsoft or state actors who can demand the keys.
When you live in a police/surveillance state, youâre a fool to fear criminals more than the government.
Funny how paperwork never really seems to be a problem for any other OS.
Itâs not a conspiracy, just plain old incompetence.
The older Iâve gotten (or the further into late stage capitalism), the less Iâm inclined to accept âNever attribute to malice, that which can be adequately explained by incompetenceâ (- Napoleon, perhaps) and the more I subscribe to âWhy not both?â.
âItâs probably malice.â
Any sufficiently advanced incompetence is indistinguishable from malice.
Nice.
Thereâs definitely plenty of evidence for both at MS.
No, itâs incompetence to have the hubris to do this on purpose.
Few journals criticize Apple (and Apple doesnât reveal these things that often) and the rest have no mandatory certification.
Wow, thatâs pretty damming. Three of them? This canât be a random absurd error like it plausibly could have been for the first one reported.
There must be a really big flaw in their system if three VPN devs just âmissed an emailâ. Is Microsoft sending the emails from a bullshit sus address?
Eh, it could be just a vibe code blunder, given this hit a suitably large number of others.
Which would be equally damning.
Donât give benefit of the doubt to fascist. They thrive on that.
Hmfhh, quite so, dropped thisâŠ
/s
Introduce mandatory signatures for driver files, they said. Itâs so safe, itâs for your protection against viruses - they said. Keys can always be revoked from unscrupulous developers - they said. It will never be used to fight opensource, they said. It will never be a tool against inconvenient CIA applications - they said.
My guess?
NSA is currently figuring out how to insert backdoors into all these things.
You see, the last backdoor they used all the time, wellâŠ. people figured it out.
So, they had to ban uh, checks notes, apparently all routers, basically.
So, now they need a new backdoor into literally everything.
And ban firmware updates for existing models.
Meanwhile, Russian state hackers use vulnerabilities in old routers to poison DNS and steal credentials through MITM attacks. Agent Krasnow just keeps delivering.
Whoa, I heard about banning non US routers, they also banned firmware updates on existing hardware?
Could you in theory demand a refund from the government if you were willing to switch to their backdoor US hardware now?
@Skankhunt420@sh.itjust.works was faster than me (thanks!). Yes, as of now, firmware updates for existing models are only allowed for yet another year and must be discontinued after. As always in this administration, the reasons given for these measures (Chinese attacks on US infrastructure) are built on lies and misinformation (none of the attacks targeted consumer routers). Hence, this is likely just another shakedown: âpay us a bribe or weâll damage your opportunities to do business in the US.â Depending on whether foreign router vendors opt to go this route and give in to the orange grifterâs demands, things may be different in a yearsâ time.
From a government of the Epstein class, by the Epstein class, for the Epstein class? No. You most certainly cannot.
âWaiver Expiration: This permission to receive updates for existing routers is currently scheduled to last until at least March 1, 2027, at which point the agency will re-evaluate.â
I didnât realize this either until this persons comment you replied to. Scary as fucking hell shit dude. Honestly. We have lost so much freedom over the years.
They didnât get any punishment for that coup and Biden was a piece of shit that lost us abortion while wearing a fucking MAGA hat right before the election like the piece of shit tool he is. The fact no one fucking put two and two together over these established Dems is why weâre here.
Then they beat you down if you dare say this to anyone.
Why the fuck did he wear a MAGA hat? Thatâs why Iâll never trust those fucking assholes.
Yikes! That is insane ontop of the already insaneness of the banning.
Not quite. The way the NSA and CIA usually work with Microsoft for exploits is pretty much just having them hold off on specific updates whenever needed.
In this case it sounds like they have specific targets using windscribe and veracrypt that they need to remain unpatched.
Pretty wild to see them this brazen. They really donât want citizens to have access to encryption of any kind. Whatâs the tipping point?
Stop spreading FUD.
What do you mean no access to encryption of any kind? That phrase makes zero sense.
Of course they want you to use backdoored encryption.
Ok. Since you have no ability to infer let me be a bit more direct: the government does not want you to have properly functioning encryption ciphers (that is, not tampered with, backdoored) applied to virtual tunnels (whether client, server or firewall level) or disks (virtual or physical) and they are incredibly transparent about it.
Furthermore, one could say we are all under reacting to the current assault on human privacy as a whole, including but not limited to, age verification bills being pushed in multiple countries, ai surveillance, operating system level id verification efforts, backdoors (physical or within software), VPN bans, mobile operating system lockdowns, etc.. under blatant authoritarian governments.
To downplay the seriousness of the current state of reality would in itself be disinformation and truly makes me curious as to why you thought about spewing such nonsense in response.
Hahaha. Wosh!
You have zero ability to infer clear sarcasm.
Didnât go the way you thought yeah?
Iâd like to believe that this means that these three pieces of software actually work and that someone in high office has decided that that is unacceptable.
Paranoid authoritarians really do not like ordinary people having access to secure communications and personal privacy. That might be an avenue they can use to organise and elect someone who isnât a paranoid authoritarian, and that wonât do.
On the other hand, these pieces of software might already be compromised and this is all an elaborate double-bluff.
In which case itâs time for a few well placed communications over purportedly secure channels that would be guaranteed to generate an authoritarian response. Which theyâll then have to pretend they didnât read until itâs too late.
Iâm talking organising - horrors - peaceful protests. They really donât like those. They have to use their brains, or someone elseâs, in order to find a good excuse to stick the boot in.
full disk encryption and VPNs wont do anything if the OS just starts snitching on you anywaysâŠ
How many more of these do people really need to just get the fuck out from under Microsoftâs umbrella?
Totaly agree, but dev need to sign their software to run on windows.
Yeah, no, I totally get it. It just blows that people just bends over like this for all the corpo bullshit, users, devs and other companies alike. I have a small business with my wife, and I try to run as much as humanly possible on open source software. I donate to the platforms we use, and for almost 3 years weâve gotten away with not giving any money to Microsoft, Google, Amazon, Apple or any of the other tech giants. It is a Titanic task to keep everything running, for sure, but absolutely worth it. My point is that, if we can do it being so small and barely profitable, I canât imagine larger companies having an issue with moving away from these predatory practices. Then again, Iâm not fully aware of what other businesses might require that we can live without comfortably.
Congrats! I did the same.
You know all those conveniences that Google gives us for âfreeâ that we all of a sudden canât seem to live without? Microsoft does that for âenterprise levelâ companies.
But open source is janky and doesnt Just Work!
Just like with proprietary software, thereâs amazingly dependable FOSS software, and thereâs garbage. In my experience FOSS is much more reliable when compared to itâs proprietary counterparts, with very few exceptions. Seems to me that youâve been dealing with the wrong FOSS projects.
This is a thread about how corpo shit arbitrarily locks you out with no warning.
Is it though? Read it all, see if thatâs really the topic, or just a symptom of the actual issue.
I really hate explicitly explaining the joke, so im not going to. I tried.
Glad I got out when I did.
Iâm happy with Linux Mint, and most Windows users would be too, methinks.
To be honest most could do 99% of their pc work with a foss privacy focused browser.
Same, I moved on about a year ago I game all the time too and I have very little issues. Less than my old windows install.
Probably an âaccidentââ, until CIA got what they want.
Oh, better switch to bitlocker and onedrive thenâŠ
No Such Activity at play.
The NSA would just order Microsoft to give them a direct backdoor, like they did with AT&T. They wouldnât order an account disabled.
If they were run by competent people. The admin is not run by competent people.
My comment got more updoots, but you deserve just as many.
I keep dual boot with Windows available for my wife. About a year ago my Fedora install was stuck in a boot loop and I hadnât used my PC in a good while, nor updated anything the last time I had used it. The only conclusion I can think of is either bitflips corrupted the boot process, or Windows fucked with my Fedora install at some point while â perhaps my wifeâs activity allowed a Windows update through, I donât know. Theyâre on separate drives though, so⊠I recovered my data and reinstalled, kept Windows but I am now extremely sensitive to any shenanigans from that drive. Reading this news has me considering to tell my wife she will have to use Windows from a VM on my PC.
Mysteriously? Really?
The reason was clear, they never got the email for account verification, and were locked out. MS messed up.
I really hate headlines these days.
Thanks for evolving VPN, Wireguard. Hereâs a boot in your face! ~Microsoft
Why the fuck would any of those organizations still being using Microsoft to begin with?
These were the developer accounts to sign their software to run on Windows
I donât understand why they are signing it. I mean we know that Microsoft is hostile, why submit to their signing bullshit.
The more you normalise bad behaviour the worse it gets.
Is this just willful ignorance, or�
Signing it verifies that the software was made by company that it says it was. Itâs a method to avoid installing fake or malicious software.
It is on its face a good thing, with the major caveat being who is in charge of who gets to sign what.
If its not signed its easier to fake and people would be at risk of installing malicious software. Its Microsofts platform so it needs the Microsoft signature.
You dont have to sign it, but signing it has benefits. And while Microsoft can revoke it, that doesnt mean they cant still ship the unsigned software.
My dude. It is literally in the first paragraph of the article.
My conspiracy theory: those signing keys are very âtastyâ maybe Microsoft was aware that some state-sponsored attacker got hold on them and blacklisted for everyoneâs safety.
Imagine what would happen if NSA or that other Israeli spy company could sign fake veracrypt or Wireshark binaries