Microsoft suspends dev accounts for high-profile open source projects
bleepingcomputer.comDiscussed here yesterday:
Microsoft terminates VeraCrypt account, halting Windows updates (575 points, 239 comments)
The real discussion prior to that with input from devs and the update from Microsoft that came after that techcrunch article came out:
Oops yep missed that one
Microsoft loves sending emails with "Action required" in the subject, when actually no action is required, or it doesn't apply to you, or whatever. Such corporate speak. It's fun searching your email for "Action required" and finding all the things you were supposed to do and it turns out didn't need to do anything about.
"Crying wolf" constantly like this is so frustrating. It waters down the message until they send something you really need to worry about, which you ignore like the rest of the pointless messages.
What marketing/sales/HR types don’t seem to understand is that when everything is the highest priority, nothing is.
I saw someone had an idea to have a ticket system where the user chose the priority, and it displaced the current ticket at that priority, with the catch being that this ticket was sent back to the user with "are you sure?"
CEO can't login during a demo. Sandra from accounting can't print from the closest printer and confirmed this is higher priority
Currently having this issue, two critical tickets.
Ticket A: Elevated Response times for Server A outside of allowed tolerance, people experiencing timeouts
Ticket B: Change the colour of a button
I wish Ticket B Submitter could see the ticket before them to gauge what critical actually means.
This is why the user can’t be trusted to assign severity. Incentives across teams aren’t aligned and they don’t have visibility into other issues even if they were aligned.
This is a bit off topic, but I always say that priority is a ranking of actual demands, it is an ordering, one that needs curating and keeping updated based on context and changes in environment.
Nothing else works for prioritisation, any other categorising into "High/Medium/Low" just fails.
By doing so you end up with the nonsense we had at a company I once worked for, where stories were all put in medium.
This was because stories in low were simply never actioned, they'd never ever get done, everyone came to implicitly understand this. It was still a useful dumping ground for the kinds of stories you know you ought to do, but no-one wanted to do, but it was useful to have noted on record. But for prioritising actual work, it was useless.
Stories in High had a special process defined in a handbook that no-one wanted the hassle of dealing with.
So everything was Medium.
This had obvious problems, and it grew larger than could be managed.
So "Just Above Medium" was born, for stories that were higher priority than your everyday stories in Medium.
This in time grew too, so "Just Above Just Above Medium" (aka JAJAM) was born.
By the time I started, there was even a "JAJAM+" category, for stories that had to be fast-tracked through the process too.
The whole thing essentially fell back to having the product/development leads come to an understanding of what work needed to be done. Which is the right way to do it, but that should simply be made more explicit and part of the process by simply having all stories ranked.
Then you don't need the mental overhead of trying to decide in a design meeting if something is "Just above Medium" or just above that...
Early on in my career my manager told me "a monitoring system that sends more than a dozen notifications a day actually sends zero notifications". Words to live by.
But it is MY highest priority!
I can’t imagine a life in which I would have to worry about an email Microsoft sends me. But it doesn’t sound pleasant.
I unfortunately took part in their startup program. I was awarded the credits. However, I noticed that everything was super pricey, especially the AI services and the azure interface is basically garbage. It is very easy for you to enable a service and never be able to find it later until you have been billed for it later in the month. Maybe the GCP interface has spoilt me too much.
Long story short: I discontinued their program and it's been 2 years and I still receive those action required emails only to find out that there is absolutely no action required on my side. Harassing users is their favorite past time I swear. Ask the Github desktop folks. On Mac OS, there is no option to disable automatic updates. It loves installing a helper that runs 24/7 with admin privileges. If you click on deny, it will keep harassing you - every. single. day. First thing in the morning - 3 times, 3 times in the evening. You could be in the middle of something important, like a meeting or a screen share or running some serious stuff like CNC milling (which I do) and this thing will just popup and ask you for admin privileges until you accept.
And even if you accept and give it permissions, it just buys you a few days time. People have tried before to open an issue on Github - their response was simply "This isn't a priority for us right now" and they just closed the issue.
Same story with Windows too. I wish there was a law to prevent this kind of bullying behaviour.
I think the laws would need to be generally around not hindering competition. If competition were high, and you had a dozen operating systems to choose from, then you’d move away from this annoying one (Windows). And thus Windows would have a lower incentive to engage in this behavior. But current laws don’t discourage monopolies/oligopolies.
My spam folder is full of "Action Required" emails. So many of them are phishing attempts that I would never even open such an email even if it really truly came from Microsoft.
I once filed a support ticket against one of those emails because I couldn't figure out what they were telling us to do.
Even MS's staff couldn't figure out what resources the "Action Required" email had to do with.
I was told by awareness training that e-mails titled "Action required" are phishing mails.
I love the idea that everyone in this thread is complaining about phishing emails, thinking they came from Microsoft.
Google famously just did this with their Captcha service. Had lots of people signing up for a more complicated version on Google Cloud that they didn't need to do.
At that point I would rather sign up for CloudFlare's captcha service. I already use them for some of my websites.
Because it absolves them of liability of anything goes wrong. They can point to the email say "we warned you". Having to filter and target the specific set of customers that a notice applies to carries risk and costs to them and they wanna pass it to you.
Same with GCP. I have Private test account with nothing on it. I get emails about actions being required regarding APIs I have never used, a few times per year.
You’ll typically only get that for APIs that are enabled in one of your projects. That’s a bit different - those emails are strictly for technical changes that are actually necessary if you’re affected, it’s not part of any sort of marketing scheme.
That's actually a good case for a LLM going through it and deciding: "nah, overblown" and "Oh, yeah, this one can close the account"
No actually it's the worst case
I literally have a rule to automatically mark as read any email that has "important update" in the subject, because 99% of these "important updates" are various types of inconsequential "lawyers made us do this" bullshit.
> We're taking this as an opportunity to review how we communicate changes like this and make sure we're doing it better.
As I'm sure the Vogons did after they blew up Earth for the hyperspace bypass road and realized the planet had inexplicably still been inhabitated.
In the tech world, security is mostly just a theater , it is used to push though unwanted and unpopular things, like access control, privacy invasion, etc...
All this signing business, leads to one party having the final say, and guess what, they are going to abuse that power...
Because some people realised that insurance is the ultimate form of security? Why prevent failure when the consequences of failure can simply be offloaded to others?
I think it's just like in software in general: most software is bad, but it doesn't mean that all software is bad and unnecessary.
Most security is done badly, but it doesn't mean that security is unnecessary.
But I agree: TooBigTech has TooMuchPower.
> But I agree: TooBigTech has TooMuchPower.
Passkeys are here to improve your login security! All you have to do is give complete control over your ability to log in to a service to one of three American big tech companies. Yay!
Or you spend 5 minutes reading about them and use a passkey you actually own?
Many times, people choose TooBigTech. People are generally waaaay too lazy to even consider spending some brain cycles on that.
Unless the service you are trying to log in to requires you to only use an approved authenticator, as is explicitly supported by the spec[1].
[1] "To be very honest here, you risk having KeePassXC blocked by relying parties." https://github.com/keepassxreboot/keepassxc/issues/10407#iss...
More examples here https://fy.blackhats.net.au/blog/2025-12-17-yep-passkeys-sti...
Right, that sucks. But the service could also only allow you to use the Google SSO, it's not really a problem coming from the passkeys...
Sacrifice principles for pragmatism and you lose both.
Owwwwww...... :D
I've no idea whether MS either has a veeeeery clever plan about what they are doing, and I just don't get it, or whether that's just completely stupid in the current times when Windows' fanbase is somewhat declining anyways.
On the other hand, people always have a hard time understanding the trouble they order when they let things centralize too much. When they are too okay with depending on e.g. BigTech companies too much.
And in that regard, those news are probably actually good news... It helps people learning about how things work... So they can make better decisions in the future. Better for all of us.
I spent 20 minutes trying to log in to Teams on my phone today and I just couldn’t. After my username and password, it would redirect to Microsoft Authenticator, then ask me to create a passkey for some reason, show a loader, and then bug out and restart the flow in an infinite loop.
I’m being told we are in the incredible age of fully automated AI programming and yet Microsoft can’t even get login to work.
We are in the age of fully automated AI programming, and that's the expected outcome. (.. is what I would say if this wasn't Microsoft's standard for the last 10 years)
> fully automated AI programming
they would like you to use copilot, so it all checks out, have you installed it on your phone yet? /s
Well, what's the sarcasm?
If someone already has MS Teams installed, and their Authenticator App, there is no compelling reason to not install Copilot. Unless the system permissions they ask differ substantially, let's say.
Either you trust MS or you better have nothing installed from them on your (personal) devices at all. No?
Satya Nadella had built up so much Microsoft goodwill from 2014 - 2022. When they first purchased Github, it looked like Microsoft was opening up and was going good things.
The first sign things were souring was when Microsoft dumped their gaming plans after just buying up all he major studios. First sign they only cared about Azure and AI.
Now it's blatantly obvious they're giving up everything to chase enterprise AI.
Yes, maybe. Although they explicitly promised the opposite some days ago, no?
And there was also that article some days ago that told the story about all the management stupidities at MS from the last years/decades. It was very interesting, and would suggest that this might be yet another very stupid move.
I would just disagree with one detail: With some basic understanding about how human beings work, and how the world works, MS never stopped to be a problematic company. Some were optimistic when they started to open some things up a little, some less so. Are they today more open than they were 20 years ago? Definitely! Was it ever a company that was healthy to depend on? Not a single day imho.
Also: https://techcrunch.com/2026/04/08/wireguard-vpn-developer-ca... (https://news.ycombinator.com/item?id=47702161)
this source is a bit better and answers a couple questions.
first the verification wasn't just "click this link to prove you own this email"
>That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
Also according to at least one affected user they didn't actually get notified of the process.
> “Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
Some devs did get the email and follow the process and still got kicked out
> Don’t let anyone tell you it’s because we didn’t read our emails or submit the right verification paperwork. Cuz we did all that back in October. > And this month, we were suddenly and without any warning locked out.
https://www.theregister.com/2026/04/09/microsoft_dev_account...
Microsoft response at the end of that article.
> I was ready to login to the Partner Portal and submit my...
I used to work for companies that were Microsoft Partners. One of Microsoft's rules was that they required Partners to employ one (or more) developers that have some Microsoft certification. As an MSCD, I met those requirements (for silver and gold levels). That cert is no longer offered, so I wonder if some exception/rule got removed and now all the partners without "certified" developers got kicked to the curb?
> all the partners without "certified" developers got kicked to the curb?
developers, developers; nah- AI, AI ...
when Copilot is certified, you'll be fine
lol, Microslop shooting themselves in the foot once again.
At this point people will move to MacOS or Linux because so much damage to their brand can’t simply be ignored anymore.
And also consider moving some of your repos to Forgejo. I’m running it for more than a year now and it is by far my favorite service. Way faster and essential features do not require monthly payment (branch protection for example). It can easily run on a Raspberry Pi 4 1 GB RAM.
Use Docker Compose and put Caddy in front of it for HTTPS. For backups the easy way is to just git pull your repos via cron on some remote systems. Or use syncthing to also move the server configs over. For the runner, 1 GB RPi 4 should be fine for many situations. It can compile and run many Rust/Python tests fine or build static sites. You could also setup an old x86 next to it (this is essentially what GitHub Runners are too: old x86 cpu’s).
You may want to have a look at docker-volume-backup[1]. I personally use it.
I avoid docker volumes whenever possible since I find them such a hassle
Apple has done the exact same with its iphone app store, lots of companies got shut down because of their app not beeing available anymore with no explanation. The problem is with exclusive app stores.
I don't often praise Apple, but their kernel hardening on macOS has been in the form of a deliberate, decades-long plan to move kernel extensions to userspace by providing the appropriate SDKs. Meanwhile Microsoft is running around like a headless chicken.
Apple requires notorization for applications outside their store too.
> At this point people will move to
I think most people just don't care about their computer. Most people just use whatever they are told to use at work.
Most people are just accustomed to pain because they don’t know it could be different
This. Most people will think that using a different system will just be a different type of pain.
I have never had a successful experience getting someone to try something better, but different. In my experience, people fight for the enshittification they know.
Asking someone to install Signal is already the end of the world, trying it sounds like starting a PhD. I'm not even talking about thinking about using it as a replacement for WhatsApp.
Really, people just don't care. Which I find sad, of course.
No they won't, because Apple is out of reach for their pockets, and most OEMs still don't sell Linux powered devices on the shops people go to.
The Neo changes things. Only $600.
It is 800 euros for 8 GB device, no thanks, especially in coutries where many dream of getting 1000 euros a month.
Dozens of youtube video reviews showing that the 8GB is not really a limitation for what most people need to do with the laptop. Heck I saw a review where the guy played minecraft on it with 20 rather hefty tabs in safari open, without any stuttering.
So what is the actual limitation of a neo, and how to they apply to users in that price class?
How much Electron crap did they tested with?
It's surprisingly fine. Not the fastest though.
It's a computer released at the peak of the RAM crisis. Even Raspberry Pis are expensive now. That's just life.
Its $600 in the states. $500 if you are a student. What is a cheaper but good enough alternative in your opinion?
I don't live in the states.
What is a cheaper but good enough alternative in your opinion?
Here is one with 512 GB SSD, 16 GB, DirectX 12.1, Vulkan 1.3, under 500 euros, and enough connections without dongles.
https://www.auchan.pt/pt/tecnologia-e-eletrodomesticos/tecno...
Interesting. You save 200 euros(in germany) but lose significant CPU performance. As long as its not a chromebook its usable.
Maybe you don't need a laptop then, if your dream is 1000eur.
Ah, too poor to play kind of argument.
Writing this from a corporate win11 computer, the whole thing is so laggy, it's unbelievable. Last year, I had revived my old desktop from 2007 with an intel Q6600, windows xp and a clicky dying HDD, and that thing flied compared to this. Dear Microsoft and its partners (Especially DELL!), what the hell happened?!
In some sense, "you did".
Your actions, intentional and direct or not, allowed for one more sale of Win11 and an accompanying sad Dell computer, giving them the signal (however weak from you as one single individual) that whatever crap they have been doing up to now, still is a good choice in order to sell one of those combinations.
In some sense, "you also did".
You couldn't argue the case on the internet better, and convince enough people not to give the signal that it's okay. We are all guilty :)
It would be the same with Apple or anything Linux, due to the shitty compliance software that had to be installed regardless of the operating system.
Corporate Windows == CrowdStrike, Sentinel One, or other US Government in disguise Malware.
Have gone back to Linux after 23 years, Ive only had to go to the console once to make all hardware of my framework 12 work since i chose to use a non supported distro. That's definitely a breath of fresh air compared to the old times, where getting wifi to work was a major hassle, anyone remember ndiswrapper? ouch.
People: Windows is too centralized. Let's move to MacOS.
Don't know who those people are or if they exist, but not the brightest ones for sure.
I mean, we have been saying that exact thing for close to 30 years at this point.
Yet, they are still around, they are still deeply embedded in most businesses, and no matter how much they screw up, it just keeps going.
I'm amused by this saga. Wireguard is working just fine on my machines (Linux and Mac).
Apparently nobody at Microsoft considered that blocking critical software hurts Microsoft more than the open source developers being blocked.
No one considers anything in these tech companies. It’s all some bot automatically banning people who are then faced with a brick wall looking for a contact to get unbanned.
> Wednesday, Microsoft Vice President Scott Hanselman said the developer accounts were automatically suspended because they failed the "mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024" that the company had been emailing "everyone" about since October 2025.
It doesn't sound like suspention, because they would be able to fill out the form and get unsuspended. This is closer to account termination.
> The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software.
This, on top of the recent mystery app updates pushed by Apple, has me concerned. So much of security relies on the assumption that, say, Apple, Google, or Microsoft can't be coerced into pushing an update that undermines the entire security model. The "Apple gets hit with a wrench attack" is more salient nowadays.
Hopefully this is nothing but I think it's worth being vigilant. But judging by Microsoft's response, it seems more likely to be an administrative error commensurate with the state of their company rather than something more nefarious.
Seems that a developer of kernel level anticheat also was suspended. So not all is as bad.
lol.
I can see some justification for not notifying developers of their actual pending suspension if they have not acted on prior notifications requiring verification steps.
Suppose a developer account, say that associated with VeraCrypt, had been compromised and the compromiser knew or feared they were unable successfully pass verification.
The compromiser could be exploiting their access to modify the product in profitable but fairly benign ways (say making VeraCrypt part of a botnet that didn't do any damage to the host beyond consuming some resources). However, if they got a message saying "Your account will be suspended in 12 hours if you do not pass verification", the compromiser would know that their profit would/could drop or go away. In response, they might push out one last "mandatory auto install" update with a nuclear bomb (perhaps with a delayed trigger) to just do malicious damage to hosts out of spite.
Well, Microsoft is evil so no surprise - but this seems like targeted censorship:
"The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software."
It seems to go against VPN right? Is there a connection to other things such as the mem-test tool? This one is the only one that does not fit here. Or perhaps we don't have the full picture.
It seems to go against developers of Windows drivers (which includes VPNs) - apparently there was a “mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024”, but for some reason it looks like no one notified these guys that they have to verify their accounts.
I wonder if they were compelled by someone in the government.
This is preemption, I believe, in the US for what's coming. Given the states trying to ram in "age verification" (mass surveillance propaganda, same agenda as CSAM) I no doubt believe that the only VPNs the USG wants people to have access to are corporate (easy entry point) and pwn'd VPNs [0] (in the media lately).
Fuck Microsoft (aka Microslop).
[0] https://www.wired.com/story/using-a-vpn-may-subject-you-to-n...
Just got a Wireguard update on Windows a minute ago, so seems resolved?
I wouldn't install that update if I were you
This is the definition of FUD.
Or a reasonable security posture. Unless there is a vulnerability in the current version, why scramble to update? And if the author:
1. claims they do not have access to the signing account
2. Recently said that they are not planning any important release in the next 60 days
Then I would claim that rushing to update is plain reckless. But move fast and break things, I guess
zx2c4 updated their post after getting access:
https://x.com/edgesecurity/status/2042185546152161474
It's currently the #2 story on this website: https://news.ycombinator.com/item?id=47719942
You're talking about security to people that give root access to their LLM
was that insult directed at me? If so, I object.
FYI: on macOS you can’t even ship VPN software that uses the modern APIs outside of the app store for self-distribution. An ADP membership is required, full stop.
Horseshit. Wireguard, tunnelblick, aws vpn client all self distribute
The self-distributed (wireguard-tools) ones use different APIs.
The official WireGuard macOS app that uses the modern and fast OS APIs for VPN is App Store only:
https://www.wireguard.com/install/
I agree that it’s horseshit, but please don’t accuse me of being factually wrong without doing appropriate research.
Modern computing does not make me feel good. Really hate this signing business controlled by the OS vendors. I get the added security benefits, but I'm not sure the tradeoff is worth it.
> but I'm not sure the tradeoff is worth it.
Well corporations decide on that. I abandoned rubygems.org when they added the 100.000 download limit; past that point I was no longer able to remove old gem. Then came the new corporate laws for rubygems.org and mass-firing of about 8 open source developers who were involved with the ruby ecosystem.
We simply need to accept that corporations controlling an ecosystem can lead to HUGE problems. We need an alternative here. I don't have a good alternative either to suggest - money is influential. People adjust their behaviour and how they think with regards to money all the time. We could need some kind of model that also handles the economy. And, again - I have absolutely no clue how that could or should look like.
We need to create a special interest org for people that support general computing. I'm open to be part of something like this.[0]. Reach out to me if interested
True, but there is yet a one major OS that allows you to run whatever you see fit on your computer.
If you are really disgusted by those moves, you have a time to switch. If enough people switch, then we can just forget about that garbage.
At this point, windows is already becoming a poor implementation of wine anyway.
At this rate, I'd say we have less than a year before world governments simultaneously start rolling out laws making Linux illegal. Of course they won't call it "The Ban Linux Bill" but it will be back-channeled through some bullshit security or user verification requirement.
It's too late to close that Pandora's box. Linux is far too ubiquitous now. Even if it still lags behind Windows in the desktop computing space, it is already a non-trivial market share and growing quickly. And in many other computing spaces, Linux is king.
They can't realistically make Linux illegal. But they can put onerous requirements on popular Linux distributions - such as the age "verification" features they're currently trying to require[0]. Hopefully that proves to be ineffective.
I feel like Hanselman is one of the few old generation Microsoft people. When he leaves it’ll be young people who don’t know Microsoft and have no understanding of or connection with Microsoft products.
Dave Cutler and Raymond Chen might like a word.
I don't know about his career in general, but Hanselman once spoke at a conference I was helping organize here in Thessaloniki, and he was great. Really knowledgeable and very down to earth.
Alongside talk from the UK Labour government about intervening on VPNs, I'm getting uneasy vibes about this move, especially since Microsoft is one of the most government-friendly corporations in the big tech arena.
The surveillance state is growing more sinister every day (especially in the UK), but the efforts are somewhat thwarted by the existence of VPNs.
Once they find a way to undermine VPNs, the UK govt will have literal CCP-level control over our access to information and communication.
CCP-level control over access to information is not actually very tight, technologically nor ideologically, but it does enable a form of rule-by-law which is far more useful.
The problem is that the social media companies have not been dealing with abusive posts of various sources. Governments can't take action against the bad posters are they are from another Government (and in some cases are employed by that government to cause trouble). Thus Governments have to take actions which they can control, unfortunately these actions will affect more than the bad abusers.
You assume your premise. No the government actually doesn't 'have to' take action about mean things on the internet. The UK has such an obsession with regulating what is, essentially, politeness.
While I don't particularly care for the UK's approach to these things, I can't help but be shocked at how many governments seem to all of a sudden have dreamed up the same idea. Independently, I'm sure.
I suppose the US is the unique one really, when it comes to a history of protecting certain types of speech. They've never really regulated (what I would call) politeness between people in any form.
The UK, and I assume much of Europe, criminalizes truly petty levels of speech. For example, it's illegal to insult someone and cause them 'alarm' or 'distress' in the street.
Thus the non-technical populace see rudeness on the internet as the result of some kind of wild west situation that the government needs to control, to bring it in line with the rest of the public realm.
This should be made a problem for the social media companies (which it largely has, hence all the age verification fiasco), not absolutely everyone on the internet.
well, well, well...what do we have here? another big tech trying to undermine competition? :D Never happened before
open source but the off switch is centralized
Would be nice if any outlet could actually check; did, or did Microsoft not inform these devs beforehand?!
Even if they did, it didn't work.
As the strongest OS advocate who has not ran Windows in a quarter century and is posting this over a Wireguard link; the is some double standards here. A corporate VPN vender who did not ensure they received all notifications from Microsoft regarding a certificate that effectively let's them root millions of computers would be a strong signal of concern.
It goes both ways. Probably both parties are partially to blame here. But it is clear that this corporation did not provide a sensible support channel for such an important project to resolve the situation quickly.
Yes 100% Microsoft is at fault, I just ment anyone working with them should expect at least communication problems and needs to work to keep the channels open.
Really? At my workplace if we had a vendor email us about needing to take some action to continue being able to work with them, but we didn't follow through with that, any business disruption would be squarely on us for not handling it. At the very least even if we can't meet a supposed deadline, we need to work with the vendor to get extensions if possible, and if that's not possible then we either need to mitigate the impact or get more resources on the changes ASAP.
The claim is they didn't get any email, not that they ignored it. It feels reasonable to expect Microsoft to have tried an alternative contact method given they are very high profile and easy to contact projects.
Oh ok I misunderstood. I'm in full agreement then, and that flips back to being fully on Microsoft.
i mean this has to be Mythos related, no? biiiig stretch?
It's really just typical corporate bs.
"I've been using the same account doing the same actions for 10 years what changed"
"We updated our policy 2 years ago. We have been sending you vaguely worded emails this would happen for 2 years, straight to your junk hotmail account you setup for this, why didn't you read them?"
Nothing nefarious unless you consider bureaucracy
I read elsewhere (here?) that it was the main developer of WireGuard who had their account suspended. If true, and based on what I read seems it is true, I am surprised this did not reach the "mainstream" press.
All I can say is this is another proof of M/S abuse of their users:
Yeah, but you're not allowed to call it "abuse" because that's too "baity" according to the cabal.
[flagged]
Please don't. We have to ban accounts that do this repeatedly.