PG 3.100 - unsigned?

Discussion in 'ProcessGuard' started by DigitalMan, Dec 20, 2004.

Thread Status:
Not open for further replies.
  1. DigitalMan

    DigitalMan Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    90
    Last time I installed PG 3.100 I got a warning (from WinXP Pro SP2) that PG is "unsigned" and I should be careful about installing "unsigned" software. Being the trusting (gullible?) sort when it comes from DCS, I installed anyway and all appears to be well.

    However, it would be more comforting for new customers/etc. if they didn't get this ominous warning from MS when trying to install a core security software kit.

    What does it take to "sign" the software and are there any plans to do so?
     
  2. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    I don't know what it takes to get "signed", but when I run Autoruns I see that most of my third-party apps (including BOClean and Outpost Pro) are unsigned. From Autoruns' help file:

    "The Verify Signatures option appears on systems that support image signing verification and can result in Autoruns querying certificate revocation list (CRL) web sites to determine if image signatures are valid. Autoruns displays the text "(Not verified)" next to the company name of an image that either does not have a signature or has a signature that is not signed by a certificate root authority on the list of root authorities trusted by the system."

    Nick
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi DigitalMan, Nick has stated the answer as to what signing is but maybe I can add a little. AFAIK the signing process is a time consuming & expensive process, probably out of reach to small developers such as those mentioned.

    Look at the amount of buggy & cracked software out there, especially main line programs that are certified. I personally don't give a fig for the certification and would rather buy from developers that are trusted or known to be trusted. Especially regarding my security apps.

    Pilli
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I actually tend to think of that notification screen as a GOOD sign... I've had more problems with drivers that were signed than those that were not. (that is, however, purely personal opinion/experience, all standard disclaimers apply.)
     
  5. DigitalMan

    DigitalMan Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    90
    Thanks for the explanations. I suspected it was time consuming/expensive. I've had problems with singed drivers myself.
     
  6. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    If you get fed up with these pop-ups you could try running Merijn's 'ADS Spy'; that will enable you to get rid of the annoying 'Zone Identifier' alternate data streams that attach themselves to a file in SP2 everytime you download something executable from the internet. Without the ADS you should have no warning pop-up.
     
  7. PG#1

    PG#1 Guest

     
Thread Status:
Not open for further replies.