The Insanity of Code Signing Certificates on MacOS and Windows

This is really a racket by Microsoft and Apple

suseboy
The best video about code signing certificates to date, in existence, period.

liqube
Thanks for your thoughts on this. I've been trying to figure this stuff out for a few weeks now and find it thoroughly frustrating.

jeremyFaden
I share the same frustrations. I did this process because I had already developed an app, and it took so much time, effort and money for this stupid certificate. This took me longer than developing the app. This process made me so; I just wanted to launch a simple app.

NirFeinstein
Wow. Was getting ready to ship an Electron app today and had no clue code signing was going to be this much of a shit show. Not sure what I'm going to do at this point...

ibrickstudios
1. Code-signing certificates for open source developers cost $20 per month, e.g. offered by Certum, and you can confirm it remotely by scanning your ID card, without going to the post office.

2. The reason for code signing is not only to prevent swapping, but to confirm the identity of the developer. Nobody will digitally sign a virus if his REAL NAME (verified by the certificate issuer) is visible to everyone. Signing on Linux doesn't show your real name (you can put anything there).

Code signing on Windows is required for software running in Kernel Mode. Do you really want an app (e.g. a driver) running in Kernel Mode (full access to the RAM of every app, etc.) to be published by someone without a known identity?

3. EV certificates give you full reputation in Windows SmartScreen, and if your app is not "suspicious" (to some Microsoft filters...) it won't trigger the warning. I AGREE that the EV thing is BAD and BROKEN. But an EV certificate costs about $300 (e.g. offered by Comodo or Sectigo).

adammalinowski
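
The identity point in the comment above (the publisher name a user sees comes from a certificate the issuer vetted, and a self-asserted name does not chain to any trusted root), shown as an added example that is not part of the video or of any commenter's post. It uses openssl PKCS#7 detached signatures as a stand-in for Authenticode and `codesign`, which cannot be exercised in a portable script; the CA name, the developer name, the impostor, the sample artifact and every file name are constructed for the demonstration, and the only assumption is that `openssl` is on PATH.

```shell
#!/bin/sh
# Added example (not from the video or the comments): what a code signature
# actually binds, using openssl PKCS#7 as a stand-in for Authenticode/codesign.
# Assumes: openssl on PATH. All names and the sample artifact are made up.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Constructed sample "release artifact" (stands in for the .exe / .app).
printf 'echo hello from the app\n' > app.sh

# 1. A CA that vetted the developer's identity. In the real system this is a
#    commercial CA whose root certificate the OS already trusts.
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
  -subj "/CN=Example Vetting CA" -days 365 >/dev/null 2>&1

# 2. The developer's key; the CA issues a certificate carrying the vetted name.
openssl req -newkey rsa:2048 -nodes -keyout dev.key -out dev.csr \
  -subj "/CN=Jane Developer" >/dev/null 2>&1
openssl x509 -req -in dev.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
  -out dev.crt -days 365 >/dev/null 2>&1

# 3. An impostor self-signs a certificate claiming the same name. This is the
#    "you can put anything there" case: the name itself costs nothing.
openssl req -x509 -newkey rsa:2048 -nodes -keyout fake.key -out fake.crt \
  -subj "/CN=Jane Developer" -days 365 >/dev/null 2>&1

# sign_file FILE KEY CERT OUT: detached PKCS#7 signature with the signer
# certificate embedded, like the certificate embedded in a signed PE/Mach-O.
sign_file() {
  openssl smime -sign -binary -in "$1" -inkey "$2" -signer "$3" \
    -outform DER -out "$4" >/dev/null 2>&1
}

# verify_file FILE SIG: succeeds only if the signature matches FILE *and* the
# embedded signer certificate chains to the trusted CA (ca.crt).
verify_file() {
  openssl smime -verify -binary -inform DER -in "$2" -content "$1" \
    -CAfile ca.crt -out /dev/null >/dev/null 2>&1
}

# signer_name SIG: the CN from the certificate embedded in the signature. This
# is what the OS shows as "publisher"; it comes from the certificate, not from
# anything the signer types at signing time.
signer_name() {
  openssl pkcs7 -inform DER -in "$1" -print_certs 2>/dev/null |
    openssl x509 -noout -subject 2>/dev/null |
    sed 's/^subject=.*CN *= *//'
}

# check FILE SIG: "ok" or "rejected", so each outcome is checkable.
check() {
  if verify_file "$1" "$2"; then echo "ok"; else echo "rejected"; fi
}

sign_file app.sh dev.key dev.crt app.sig
sign_file app.sh fake.key fake.crt app.fake.sig

# Tampered copy: the genuine signature, one appended line.
cp app.sh app.tampered.sh
printf 'rm -rf "$HOME"\n' >> app.tampered.sh

echo "genuine signature:   $(check app.sh app.sig) (signer: $(signer_name app.sig))"
echo "impostor, same name: $(check app.sh app.fake.sig) (signer: $(signer_name app.fake.sig))"
echo "tampered artifact:   $(check app.tampered.sh app.sig)"
```

The impostor's signature is mathematically valid and names the same person; it is rejected only because the chain check fails, which is the part of the scheme the commenter is defending. The real-platform equivalents of the last three lines are `signtool verify /pa /v app.exe` on Windows and `codesign -dv --verbose=4 App.app` (which prints the Authority chain) on macOS.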
Great angry rant! Very enjoyable as I'm dealing with this shit right now. Let me add a rotten cherry to this shit cake: when you pay for the EV certificate, you may get it on a Gemalto/Thales SafeNet token. That's very neat, except when your entire CI workflow is in a customer's private cloud a thousand miles from you (or wherever). Then you have to build your app through all your clever automations and tests, but then you need to download it to your local computer and manually sign the release. That's how you get supply chain attacks, and that's why we can't have nice things.

miroslavhoudek
The reason why a code signing certificate costs more than a Let's Encrypt certificate is that human time costs money. It's easier to check a domain than it is to check a human being. With the domain you can check with automation. With a human being or a business entity you need to verify with other trusted sources, like Dun and Bradstreet.

docjava
I can't even figure out how to sign my app. tf

bloodaid