Microsoft Locks Accounts of WireGuard and VeraCrypt Developers, Disrupting Software Updates

Locks Disrupt Open-Source Software Distribution Microsoft

has locked the online accounts of two prominent open-source developers, halting their ability to release software updates.

Jason A. Donenfeld, creator of the WireGuard VPN protocol, reported that the lock prevents him from shipping updates to users. Separately, Mounir Idrassi, developer of VeraCrypt encryption software, stated that the account restriction could lead to boot-up failures on Windows devices relying on the tool.

The locks occurred without prior notification from Microsoft, according to both developers. WireGuard, known for its efficiency and security, serves millions of users worldwide through various implementations. VeraCrypt, a fork of TrueCrypt, provides disk encryption for sensitive data protection.

TechCrunch reported these events as the second instance of Microsoft locking a high-profile developer's account in recent times, though details of the first case were not specified.

WireGuard users, the account lock means no new software updates can be distributed, potentially leaving systems vulnerable to known security issues.

Donenfeld noted that this affects the core development repository hosted on platforms tied to his Microsoft account. VeraCrypt users on Windows may encounter boot-up problems if their systems depend on bootloader components from the locked account. Idrassi indicated that without access, he cannot release fixes or updates, which could exacerbate compatibility issues with future Windows versions.

Both developers have publicly raised concerns about the lack of communication from Microsoft. No official response from Microsoft regarding these specific incidents was available in the reports.

“The popular open source VPN maker is the second high-profile developer to say Microsoft locked his account without notifying him and is blocking their ability to send software updates to users.”

These events highlight tensions between large tech platforms and independent developers who rely on their services for code hosting and distribution. Microsoft owns GitHub, a primary platform for open-source projects, which integrates with Microsoft accounts for authentication.

The WireGuard project, initiated in 2016, has been integrated into the Linux kernel since 2020 and is used in commercial VPN services. VeraCrypt, released in 2015, supports multiple operating systems and is favored for its strong encryption standards.

Developers have urged Microsoft to restore access promptly to mitigate risks to users. The incidents underscore the dependency of open-source maintainers on centralized account systems controlled by a single company.