Software signing

We've received an email asking us to sign our installers and would like to make our position regarding this matter public:
We fail to see any reason to spend money on digital certificate.

There are two main reasons why certificates are worthless: 

  • 1. There is no real responsibility in what software is signed. You can sign a copyright protecting product or a virus certificate company won't care nor it will not carry any part of response for such actions.

  • 2. Signing a software will bring same annoying message "Do you really want to run this software". Windows 10, standard UAC settings. The only difference is a color.

Summing these two points: customers have absolutely same protection from signed or unsigned software. Developers have no gain in security or faster installing a product.

Thus, unless one of the problems above is not solved, we will not purchase a digital certificate.

If you know a good reason for using digital certificate, feel free to let us know.

Sincerely yours: SoftAmbulance team.

Return to the main page or blog index.