Replying to Avatar Jeroen Ubbink

I don't think there are ways around it. I have a friend who still ships a Windows app and he had to go to loads of effort to to get a signing device.

I would urge you to stop developing for Windows. The signing does not stop bad actors as the verification process is done by some Indian call center that calls you on any number you provide and all you have to do is answer and say "yes that's me."

This should not be encouraged. People are making money off of you just because you comply and for the consumer it adds no safety.
Avatar
waxwing 1y ago

Agree in general. The problem for me is not that they have an app signing process ... even if it's bad. The problem is that removing users' rights to execute programs (as per Stallman's framing) is profoundly morally wrong.

Reply to this note

Please Login to reply.

Discussion

Avatar
calle 1y ago

macOS let's you jump through hoops to still execute whatever you want (they just want to stop most newbie users from doing it). I can't imagine windows doesn't have that option but I don't use it and have no experience.

Avatar
waxwing 1y ago

Defender is installed by default and will quarantine a simple rust binary and often tell the user they have been infected with a trojan. I know that sounds ridiculous but i spent a lot of time looking into it.

The problem is they have no incentive to not false positive.

Avatar
Braydon Fuller 1y ago

Even though GNU/Linux systems don't have these types of restrictions, it would be great to have better sandboxing between desktop apps for a given user. Despite the intentional malware, software exploits and RE bugs exist and would be nice to mitigate with limited scopes and etc. Does Qubes provide better isolation or are there better alternatives?