Skip to main content

Notice

Please note that most of the software linked on this forum is likely to be safe to use. If you are unsure, feel free to ask in the relevant topics, or send a private message to an administrator or moderator. To help curb the problems of false positives, or in the event that you do find actual malware, you can contribute through the article linked here.
Topic: Verified Microsoft Publisher (Read 1471 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Verified Microsoft Publisher


Hi,
I was wondering why foobar is not a Verified Publisher?

Re: Verified Microsoft Publisher

Reply #1
Because no one wants to pay money only to change "unknown publisher" to "Peter Pawlowski". Accordingly to others (I am not a developer) apart from being happy that you can spend money, you don't get anything more than having you fancy name written there. You will still see all those annoying prompts. You also still can fall as "trojan" when heuristics is turned on in antivirus software ...
 

Re: Verified Microsoft Publisher

Reply #3
 :-\

Re: Verified Microsoft Publisher

Reply #4
Go look at https://www.foobar2000.org/fuckmicrosoft again.

In some cases, paying the Certificate Cartel will bypass some checks in many antiviruses, due to them being part of said Cartel. It doesn't matter what the content is, paying the certificate contribution will bypass some checks.

This is equally as bad as the IEEE taggant schemes for EXE packers/DRMs, which requires similar taxes paid for protection to the AV Cartel to get a free reign from being blacklisted under some generic detection.

 If your executable isn't bound with a Authenticode signature endorsed by said cartel, OR bound to a IEEE taggant watermark if using a packer/DRM (which is fingerprinted and verified ALSO by that same cartel), expect to be given warnings like this or worse.....

Re: Verified Microsoft Publisher

Reply #5
This is expensive for developers. Is it really worth your peace of mind? Do you want to pay the yearly signing fees instead?

I currently pay Apple $99/year for the privilege of being able to sign my macOS binaries. This is way cheaper than any Authenticode certificate I've ever bought. Well, excluding StartSSL, but to heck with them.

Re: Verified Microsoft Publisher

Reply #6
A status update on this,

I am currently working with Microsoft to get foobar2000 published on the Windows Store, so you will be eventually able to get it there - without warnings and with content delivery security guaranteed by their system.

As for classic code signing, it wasted significant amount of my time (that could have been spent on improving the software instead), and in the end we got the smartscreen warnings again despite of code signing in use, without a clear reason.

Regarding costs, I don't mind spending $100 a year or even more as long as it actually improves the user experience - but the last signed installer I published was being treated worse than as if it was not signed at all.
Microsoft Windows: We can't script here, this is bat country.

Re: Verified Microsoft Publisher

Reply #7
Awesome news,
will it also be possible to Beta Test on Microsoft Store?
install Encoder Packs, etc. ?