#Microsoft locks account that #VeraCrypt maintainer uses to sign #Windows bootloaders with no explanation or route for appeal. If they don't fix this, in a few months every Windows computer that uses VeraCrypt whole-disk encryption will stop being able to boot and all the data on it that isn't backed up elsewhere will be lost. 🤦
If this doesn't convince you big tech has too much control, I don't know what will.
h/t @zackwhittaker
https://techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/
#infosec #privacy #TechIsShitDispatch

If you use #VeraCrypt full-disk encryption on #Windows, then READ THE ABOVE ARTICLE and pay attention to this developing story. If it hasn't been resolved in the next month or so then you are going to want to disable VeraCrypt on your computer to avoid being permanently locked out of your own computer when the VeraCrypt bootloader signing certificates expire and the maintainer isn't able to renew them.
#PSA

@jik @zackwhittaker
Weeeelll, that's a bit too much panic!
Yes, the machines might not boot anymore, but the data is still there.
It can still be read on a normal Linux Live-ISO just fine.

@manawyrm @jik @zackwhittaker wait, so if the certificate expires *existing signed binaries* will no longer run? Does this mean any signed bootloader has an inherent shelf life and will need to be re-signed every so many years even if no changes are being made to it?

@manawyrm @jik @zackwhittaker or is it that the cert will be explicitly revoked rather than expired? the article is a bit unclear on this