From Newsgroup: alt.comp.os.windows-11
Herbert Kleebauer <
klee@unibwm.de> wrote:
https://sourceforge.net/p/veracrypt/discussion/general/thread/9620d7a4b3/
I thought the official websites were:
https://veracrypt.jp
https://veracrypt.io
Those [used to] point to Github for the downloads, not to Sourceforge.
I'm not aware of any vested interest in Sourceforge by Microsoft, so I
don't understand the need for a Microsoft account nor how Microsoft
could be banning the author from his project or downloads from it.
Microsoft does use Github for some of its projects, and is the parent of
Github since acquisition in 2018, so maybe they can exercise some
control over there. I can log into Github using a login for that
website, and not by using an MS account for login.
Is Github (
https://github.com/veracrypt/VeraCrypt) completely banning
the author from accessing his project over there to then move the code
to elsewhere? According to
https://veracrypt.jp/en/Code.html, he uses
Github as his main code repository, but uses Sourceforge for the
released versions. Is he compiling from code at Github to then deposit
the executables at Sourceforge? I would avoid using Sourceforge other
than for small projects that don't get more than a couple hundred
downloads.
While he could move the codebase from Github to Sourceforge, I've found Soureforge to have become very slow to respond for their web server and
for downloads. It is far too overloaded compared to its resources.
Currently the download links at veracrypt.io point to launchpad.net, not
to Github or Sourceforge. Maybe launchpad was a recent change in
reaction to some problem at both Sourceforge and Github.
Unless Microsoft has lately mandated the use of MS accounts to log into
Github, I don't see what is the problem accessing his Github project.
There is no UWP app for Veracrypt, so it's not like he needs an MS
account to get into the MS Store to get Veracrypt.
Is he perhaps submitting the Veracrypt code to Microsoft to get a
certificate to digitally sign your software? Didn't think that was
required for programs, but is for drivers. There is no Veracrypt
service. Does Veracrypt use some stacked I/O drivers, like for
whole-disk encryption? Those would need signing.
I've never used Veracrypt's whole-disk (well, whole partition)
encryption, only its container encryption. I also will never use
Microsoft's Bitlocker for whole partition encryption. I only need to
protect some of my personal data files, not all of my data files, and
certainly not all the OS or other software on my computers since those
can be easily obtained even with free downloads without hacking into my computers. I don't need to protect publicly accessible software nor all
my data files, only a few of them, so encrypted containers work very
nice to secure those sensitive files, and without the possibility of
whole-disk encryption end up kidnapping an entire partition.
--- Synchronet 3.21d-Linux NewsLink 1.2