this post was submitted on 07 Aug 2023
1094 points (97.2% liked)
Programmer Humor
19809 readers
239 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Because paying a few grand a year for a certificate somehow makes your software more trustworthy
The original Twitter checkmark
You're being sarcastic but even small fees immediately weed out a ton of cruft.
They also weed out a lot of legitimate software, especially if it's non-commercial.
I'm not saying there aren't downsides, just that it isn't a totally crazy strategy.
Well it at least is an obstacle. Broke hackers won't get it or will have to work harder to get around it.
That's the intention. In reality lots of genuine devs can't afford it, so people get accustomed to just ignore the whole thing.
Even more lols when you are gigabyte and your private key leaks. Also when you are gigabyte and your signed driver is used to privilege escalate malware.
And you can still bypass it if you put your software in a .zip
And that’s why certificates can be revoked, that’s the whole point, trust. It only costs a few hundred a year per Microsoft’s documentation and approved vendors so it doesn’t seem that much of an ask. At the very least you can look up the developer yourself, harder to do if the package has no identity associated with it
Gigabyte has entered the chat.