Because paying a few grand a year for a certificate somehow makes your software more trustworthy
Programmer Humor
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
The original Twitter checkmark
You're being sarcastic but even small fees immediately weed out a ton of cruft.
They also weed out a lot of legitimate software, especially if it's non-commercial.
I'm not saying there aren't downsides, just that it isn't a totally crazy strategy.
Well it at least is an obstacle. Broke hackers won't get it or will have to work harder to get around it.
That's the intention. In reality lots of genuine devs can't afford it, so people get accustomed to just ignore the whole thing.
Even more lols when you are gigabyte and your private key leaks. Also when you are gigabyte and your signed driver is used to privilege escalate malware.
And you can still bypass it if you put your software in a .zip
And that’s why certificates can be revoked, that’s the whole point, trust. It only costs a few hundred a year per Microsoft’s documentation and approved vendors so it doesn’t seem that much of an ask. At the very least you can look up the developer yourself, harder to do if the package has no identity associated with it
Gigabyte has entered the chat.
Linux: OK
User: Oh great, I downloaded a virus
Linux: Lol. You should have read the 2000-line python script on github before running it.
Actually there's extensive documentation on the arch wiki regarding this specific line of code burried 1673 lines deep.
I suggest you read the documentation before you ask irrelevant and, might I add, embarrassing questions.
It is your fault always.
I wrote some open source software and looked into how to make that not happen. It’s not easy on Microsoft, and on Apple it costs more than a $100/year!
you have to pay to have your stuff put on the app store??
Yes, on both platforms.
Not only that; You have to pay for updates too. Supposedly it’s because Apple takes time to verify that the app is legit and not going to do nefarious things. So they don’t want a bad actor to get a legit app on the store, then later push an update that infects everyone with a virus.
But apparently a company did a study and realized that app testing rarely made it past the main page, with testers spending ~15-20 seconds per app. They’d basically open it and if it looked like it did what it said, they didn’t bother digging any deeper.
Why do you think they set those up? To not make money?
Yes. It's actually rather tragic I strive to run my business NOT using big tech. But we need an app for our users. On Apple this means you simply MUST pay apple. 100/year is not a lot. I just don't want to give them my business.
You have to pay for a license to be able to publish apps to the store, yes. This isn't a bad thing, mainly just for the fact that it stops a lot of trash from being put on there.
Yeah we are an open source org and simply don't sign the executables because of this bullshit
I can navigate Windows well enough for my job, but I'd never choose it for personal use. I'm no Linux expert, but I haven't yet been faced with a problem I couldn't solve.
I'm the exact opposite! Use Windows for personal use, and use Linux for my VMs/Servers/Docker.
I was taught to use Ubuntu Linux by a middle aged engineer in another field who demanded "the brown operating system" on his computer over a decade ago, so yes, I agree, day to day Linux hasn't been hard for over a decade.
This will be outdated soon.
They basically admitted at a security conference (I think) that part of the roadmap for Windows 11 is to actually prevent Windows from running unsigned apps period, and you better believe getting past that will require an Enterprise license.
If true ew. I actually just recently learned that Windows 11 requires a Microsoft account (you can disable it by going into the registry) but it officially actually requires it. Fuck them.
No registry edit necessary. Just use the email no[at]thankyou.com, write any password. Windows will throw an error, press continue and voilà, you can create your local account.
Rufus also has an option for local accounts and for removing TPM/SecureBoot requirements.
I created my windows 11 install stick with Rufus, it actually has an option to disable the requirement for a windows account when creating the bootable stick
I don't think you need to with either a professional or enterpriese account (I think professional). Do need to with a home account though which is extremely annoying.
Well you can log in without one, but that requires many unintuitive steps.
For example one of them is to login with wrong Account information.
Source?
I definitely need a source on this. I searched online and couldn't find anything. If this is true, I feel like it's the one thing that might actually cause some people to move to Linux.
There's no reason for Microsoft to do that. That will just alienate existing Windows users enough to try other OSes while providing no benefit whatsoever to the corporation. Even Apple, which is known for its love of walled gardens, allows executing unsigned code in MacOS. So I very much doubt we'll get a source.
I feel like it would get much better a mistake if they did... I use both windows and Linux now. I would rather use Linux full time but some software, specifically office and some (not most, but a few) don't play nice with Linux.
If I just lost a ton of programs that I would say are critical for windows, no doubt I switch full time unless my work prevents me.
Mac os when u don't pay 99$ a year to apple to sign the app
Also on Webtoons:
https://www.webtoons.com/en/challenge/system32comics/list?title_no=235074
Which has RSS feed:
https://www.webtoons.com/en/challenge/system32comics/rss?title_no=235074
👌
Mac does it now too. But they do it because they are anti-competitive and want to make you use the Mac app Store. They need to be broken up.
No.
It's a security feature. Right click, select open, affirm that you meant to run the thing, then it works. This needs to be done once for that app.
You can disable this behavior too.
It has of course nothing to do with the enormous amount of money they rake through their app store by squeezing both the developers and the users.
Why would they try to force people to only use the store by implementing more and more security features along the way!?
It's a mystery!
Let's make it clear. The only virus on a PC is its owner. It never emerges on itself
Worm Virus enters the chat
Actually this is a good practice. If you don't know where the program is or if the source is not open, you shouldn't install blindly.