Stupid Micro$oft and their digital signatures!

[PB]

Check this out: http://tinyurl.com/6g4kq

Basically, Micro$oft want us to pay them US $200 per year to have our apps
digitally signed by them, so that end-users can "safely" install our software.
(Without their signature, some users may be scared by Micro$oft's warning
and choose not to install our apps). Seems like zip files are the way to go!

(Note: Edited to update the URL above, as it keeps changing due to additions).

[Dare2]

That sux, just a little bit.



Thanks for the link.

[plouf]

microsfot digital signature driver dont mean a lot i have a real problem installing
digital drivers for me digitus dualserial (the do not install)
while netmos unsigned worked perfectly

[berklee]

Microsoft is losing their grip, man. It's funny. They used to own the dev tools market, but open source, indie developers and the web's put a serious dent in that...

They've been trying to do this 'certification' BS since Windows 95. I don't think you'll lose a significant enough market to keep you up at night. I mean, if you go to download.com, you can't tell what's certified and what isn't.

Sounds like an administrative cash grab. They can kick and scream all they want, but most people simply won't care about app certification as much as Microsoft will.

[Codemonger]

ever dumb. don't pay nothing, ignore it, it'll go away like a million other side ventures microsoft has gotten itself into. They should just drop stupid stuff like this and leave it to 3rd party developers to embed digital signature software detection into browsers etc.. when u download. FOCUS Microsoft , Focus.

[Doobrey]

Yup.. another desparate cash grab.

Who`s up for clubbing together and donating the $200 fee to a trojan writer???
That`d be the icing on the cake..

Ever wondered if MS will make this digital key thingy compulsory at some point in the near future?
That way, they lock out some open source stuff, shareware and freeware that a lot of people use, forcing them to buy new software thats keyed..

[PB]

> Ever wondered if MS will make this digital key thingy compulsory

That's what I'm afraid of.

I can really see Micro$oft going bankrupt one day, when people get sick and
tired of their anti-competitive practises and money-grabbing policies.

[Randy Walker]

I didn't want to bother learning how to interface the Windows installation wizard so I just created my own installation/updater app.

Everything I need to complete the install goes into a self-extracting zip file which is configured to launch the enclosed installer when you open the self-extractor. Works great for me, and slips right in under Windows nose without any signature warning. Worked fine on every verison from 95 up to XP.

After the installation completes, the installer launches the main app and self-terminates. The main app then goes back and deletes the installer file.

[blueznl]

am i reading this correctly as 'warning comes up when downloading an exe'?

do you really think *anyone* is going to bother?

look at the thousands and thousands of p2p users, that download any and everything, and simply execute it, look at the millions of users that got infected with worms and virusses by simply opening a web page or email, or look at the countless number of devices that have 'unsigned' drivers...

okay, some beginner level users are going to get worried, but i expect very few potential customers are going to bother...

it is, in concept, not a bad idea to warn about non certified software, as is being done with drivers, it just depends on the wording of the message being displayed

re. 200$... if that is a valid and reasonable sum to test software, so be it, but i doubt anything will happen when you become a member, except microsoft gets to see what you are using to develop and how many licenses you got, so... your adventage?

pay 200 then get punished for not having the proper licenses

[Michel_k17]

Everything I need to complete the install goes into a self-extracting zip file ... Works great for me, and slips right in under Windows nose without any signature warning.

Randy: Did you test this with Win XP SP2? I would like to know before I plunk down the $65 for Winzip + the addin work-around.

By the way, the money to get a certificate goes to Verisign, not Microsft. Did quite a bit of research, and only 2 companies offer "Certificates for Code Signing", Verisign ($400/year) and Thawte ($200/year).

Buying a certificate is not easy: I tried, but hit a snag because you must have a "company" registered with your local authorities. Verisign used to offer "Certificates for Code Signing" for individuals, but discontinued that service in 1999.

Once you have a certificate, you sign your software yourself using free tools from Microsft. It does not require you to send your code to anybody.

I would not be surprised if Shareware distribution sites like ShareIt, Download.com, or esellerate might offer this service in the future (for a fee of course).

[dmoc]

Thwate is owned by verisign. Certification is a racket monopolised by verisign. I ran a commercial website and arrived at the conclusion that if people are happy to buy from shops and market stalls without checking their credentials then why apply a different rule to web-based businesses? OK, there are scam sites around but they can easily obtain a certificate.

[kake26]

Check this out: http://tinyurl.com/6g4kq

Basically, Micro$oft want us to pay them US $200 per year to have our apps
digitally signed by them, so that end-users can "safely" install our software.
(Without their signature, some users may be scared by Micro$oft's warning
and choose not to install our apps). Seems like zip files are the way to go!

(Note: Edited to update the URL above, as it keeps changing due to additions).

hi, wow this is amusing. Okay, let me point out something obvious. For the longest time I've read about the direction the new windows versions are going. Honestly, they will be non-open source friendly as possible. This means almost anything not made by M$. Its humors to see this surface like so already. However, there are people that have posted here that have good point about p2p. So yes, if you're concerned, then zip the app up. Or better yet quite using windows. I myself have done that and I'm very happy with my linux. I recommend to everyone to help loosen M$'s grip, besides you'll have alot less problems.

[PB]

Here's another article about XP SP2 "killing off" shareware/freeware:

http://www.downloadthat.com/news/view.asp?sid=3728

[Froggerprogger]

Some months ago I installed new official driver from Ati and I was amused, because a Messagebox apperas just before the warning on the missing 'signature' that informs the user in some words similar to:

"Microsoft has introduced a new payment-strategy for software to signalize it as 'save', that we don't want to use, to keep costs and prices for our customers low as possible. To continue the installation, just ignore the following windows-system-message."

That's the right way...

[thefool]

i just got a new ati graphic card, and im already liking them