It also seems like somewhat reasonable anti-malware practices, for the most part. They want a government ID if you’re going to push kernel level drivers. They have a process for doing so.
Could have been smoother, such as allowing them to recover their existing account.
I believe it’s the driver they install that becomes the problem if they don’t have a valid Microsoft account; it’s no longer valid and untrusted by the system.
Yes. Since they have kernel level drivers, they need those drivers signed by MS for them to be able to install.
There used to be a way around this as an end user, but I think now, the only way is to disable ALL driver signature checking. A decidedly unwise choice.
There used to be the ability to make an exception for a single driver. Certainly an argument can be made that if you’re making an exception for one, it doesn’t matter you might as well turn it off entirely because that one driver could be compromised through modification by any binary on the system.
You can’t do full-disk encryption without the signed driver, and Microsoft is preventing them signing the driver for new releases. So Microsoft is making it impossible for them to publish updates for the Windows versions of their software.
Is it just me or is the headline misleading and wrong?
Why would WireGuard, VeraCrypt or Windscribe push windows updates in the first place?
If you read the actual text it says Microsoft locked out the accounts these 3 projects used to publish new versions of their software.
They’re probably using “Windows updates” to mean “updates to their software on Windows” but it’s obviously confusing.
it’s you
It also seems like somewhat reasonable anti-malware practices, for the most part. They want a government ID if you’re going to push kernel level drivers. They have a process for doing so.
Could have been smoother, such as allowing them to recover their existing account.
I believe it’s the driver they install that becomes the problem if they don’t have a valid Microsoft account; it’s no longer valid and untrusted by the system.
Yes. Since they have kernel level drivers, they need those drivers signed by MS for them to be able to install.
There used to be a way around this as an end user, but I think now, the only way is to disable ALL driver signature checking. A decidedly unwise choice.
There used to be the ability to make an exception for a single driver. Certainly an argument can be made that if you’re making an exception for one, it doesn’t matter you might as well turn it off entirely because that one driver could be compromised through modification by any binary on the system.
Anyway, switch to Linux.
I’m guessing you might be able to install VeraCrypt through the Microsoft Store, and if so receive update notifications.
You can’t do full-disk encryption without the signed driver, and Microsoft is preventing them signing the driver for new releases. So Microsoft is making it impossible for them to publish updates for the Windows versions of their software.