Veracrypt project update
super256
1179 points
436 comments
April 08, 2026
Related Discussions
Found 5 related stories in 36.3ms across 3,961 title embeddings via pgvector HNSW
- Microsoft terminates VeraCrypt account, halting Windows updates donohoe · 511 pts · April 08, 2026 · 57% similar
- Remotely unlocking an encrypted hard disk janandonly · 112 pts · March 05, 2026 · 44% similar
- Cloudflare targets 2029 for full post-quantum security ilreb · 304 pts · April 07, 2026 · 41% similar
- Attempts to post the latest Trivy security incident have been marked [dead] JoshuaDavid · 80 pts · March 21, 2026 · 40% similar
- An Interesting Find: STM32 RDP1 Decryptor carlossless · 79 pts · March 02, 2026 · 40% similar
Discussion Highlights (20 comments)
dizhn
Microsoft disabled the developer's certificate so no windows releases can be made.
ErroneousBosh
Jesus, sourceforge is still on the go?
firen777
It's like LibreOffice all over again: https://www.neowin.net/news/microsoft-bans-libreoffice-devel...
pogue
They need to get some tech site like Arstechnica to write about it, like they did when neocities couldn't get ahold of bing. The only way to contact these tech companies to speak to a real human being and not a chatbot is if you know somebody who works there or if the media writes about it.
ninjagoo
Looks like Linux and some of the BSDs are the only remaining truly open OSes.
nixpulvis
We need a better way to sign and verify software. Clearly companies like Microsoft and Apple have not been good for the open source communities and are inhibiting innovation.
speedgoose
It's perhaps naive, but could he create a new organisation, like a "TotallyNotVeraCrypt" French loi 1901 association, at a different address, and create a new microsoft account by making sure it passes all the requirements.
RandomGerm4n
That's especially ridiculous because this whole security mechanism that Microsoft is forcing on Windows user doesn't even work. There are tons of leaked certificates and on forums dedicated to game hacking you can find guides on how to get your hands on one yourself. People there use them to write kernel drivers for cheating in games. Game developers often blacklist these in their anti-cheat software so that the game no longer launches on a computer using a driver with that certificate. Microsoft however does not do this and malware developers can then simply use the certificates for their own purposes. So all this nonsense is basically just a restriction on regular users and honest developers while the “bad guys” can get around it.
shelled
I am somewhat also concerned that this software was still being distributed on SourceForge.
_s_a_m_
Microsoft doing everything in their power to be assholes, as always
saidnooneever
maybe an old vulnerable signed driver can be used to load the new version :D. on a more seirous note, i think contact with a person at MS, likely via socials triggering that, might help here. It all depends on the reason for the ban/block/cancel. if they had a reason other than 'oops mistake' its likely just going to remain in place. (sadly, that is how MS is. if you care for privacy maybe go to BSD)
zx2c4
This is the same problem I'm currently facing with WireGuard. No warning at all, no notification. One day I sign in to publish an update, and yikes, account suspended. Currently undergoing some sort of 60 days appeals process, but who knows. That's kind of crazy: what if there were some critical RCE in WireGuard, being exploited in the wild, and I needed to update users immediately? (That's just hypothetical; don't freak out!) In that case, Microsoft would have my hands entirely tied. If anybody within Microsoft is able to do something, please contact me -- jason at zx2c4 dot com.
tomgag
Sorry to hear about this turn of events, but it was pretty much to be expected given the way the world is turning, and Microsoft being Microsoft. Switch to Linux if you can, and come give Shufflecake a try ;) https://shufflecake.net/
8cvor6j844qw_d6
Seeing this kind of friction makes me more confident in VeraCrypt. The tools that never seem to run into trouble with platform gatekeepers are the ones I'd worry about.
bilekas
And yet another example of companies turning actively hostile against their users. The burden of usage/access is now solely on the customers and the feeling is that regular customers are just a nuisance to be ignored.
avaer
Forced software signing should be illegal.
kwar13
very much sounds like microsoft
Topfi
Honest question, did we ever get an answer what was the cause for the sudden change from the original Truecrypt developer? Even if one doesn't want to maintain that project for purely private reasons, recommending Bitlocker as the drop-in-replacement always made it smell fishy to me.
shevy-java
This is always a problem when big mega-corporations are involved, be it Google or Microsoft. They want to control the platform. We really need viable solutions. I have been using Linux since +21 years or so, so it does not affect me personally, but I think Linux needs to become really a LOT more accessible to normal people. And it really has not (on the desktop); all the various "improvements" on GNOME3 or KDE are basically pointless, they have not solved the underlying problem. Ideally problems should be auto-resolvable. If someone wants to use the proprietary nvidia driver, that should be a single click - on ALL Linux distributions. Instead you see some distributions have their own ad-hoc solution and other distributions have no easy solution (for simple people).
teekert
I'm sorry, is this some sort of Windows joke that I'm too Linux to understand?