Last time I installed PG 3.100 I got a warning (from WinXP Pro SP2) that PG is "unsigned" and I should be careful about installing "unsigned" software. Being the trusting (gullible?) sort when it comes from DCS, I installed anyway and all appears to be well. However, it would be more comforting for new customers/etc. if they didn't get this ominous warning from MS when trying to install a core security software kit. What does it take to "sign" the software and are there any plans to do so?
I don't know what it takes to get "signed", but when I run Autoruns I see that most of my third-party apps (including BOClean and Outpost Pro) are unsigned. From Autoruns' help file: "The Verify Signatures option appears on systems that support image signing verification and can result in Autoruns querying certificate revocation list (CRL) web sites to determine if image signatures are valid. Autoruns displays the text "(Not verified)" next to the company name of an image that either does not have a signature or has a signature that is not signed by a certificate root authority on the list of root authorities trusted by the system." Nick
Hi DigitalMan, Nick has stated the answer as to what signing is but maybe I can add a little. AFAIK the signing process is a time consuming & expensive process, probably out of reach to small developers such as those mentioned. Look at the amount of buggy & cracked software out there, especially main line programs that are certified. I personally don't give a fig for the certification and would rather buy from developers that are trusted or known to be trusted. Especially regarding my security apps. Pilli
I actually tend to think of that notification screen as a GOOD sign... I've had more problems with drivers that were signed than those that were not. (that is, however, purely personal opinion/experience, all standard disclaimers apply.)
Thanks for the explanations. I suspected it was time consuming/expensive. I've had problems with singed drivers myself.
If you get fed up with these pop-ups you could try running Merijn's 'ADS Spy'; that will enable you to get rid of the annoying 'Zone Identifier' alternate data streams that attach themselves to a file in SP2 everytime you download something executable from the internet. Without the ADS you should have no warning pop-up.