upvote

points

by KronisLV15 hours ago |
comments
upvoteby GeekyBear14 hours ago|
next
[-]
To avoid having your application blocked by Windows SmartScreen, you need to pay extra for an extended validation code signing certificate. A normal code signing certificate is not sufficient.

Here's an eight year old Stack Overflow discussion of the issue:

> A guaranteed way to immediately and permanently get rid of the Microsoft SmartScreen warnings is to buy an "Extended Validation" (EV) code signing certificate from one of the Microsoft-approved certificate authorities (CA's), and to sign your app with that EV certificate.

Such an EV certificate will typically cost you somewhere between 300 and 700 USD per year (you better compare prices), and will only be issued to registered businesses. If you're a single developer, you must be a sole proprietor and have an active business license.

https://stackoverflow.com/questions/48946680/how-to-avoid-th...

reply
upvoteby mattbee12 hours ago|
parent|
next
[-]
Microsoft say it's no longer true that EV certificates get special treatment:

https://learn.microsoft.com/en-us/windows/apps/package-and-d...

The only option to avoid a SmartScreen prompt from day 1 on Windows is to distribute through Microsoft Store, end of story.

If you sign it yourself, via Azure or your own $200/year cert, you will get a SmartScreen prompt initially, but the prompt will stop appearing once the file hash has sufficient download history. There is no exact threshold, but it can take several weeks and hundreds of clean installs from a wide audience.

This is from https://learn.microsoft.com/en-us/windows/apps/package-and-d...

reply
upvoteby hermitcrab14 hours ago|
parent|
prev|
[-]
I have an OV cert for Windows, which is expensive enough. I just make sure to do a snapshot release using the new certificate to existing customers (through my newsletter and forum) a while before using it for new customers. That way there is time for the scary warnings to go away before any new customers see them.

Digital certificates providers are basically checking your id (mostly automted) and multiplying 2 prime numbers together. Then charging you several hundred dollars. A 1 year Sectigo certificate EV with USB key is $431.99. Nice work if you can get it.

I wrote this back in 2008:

https://successfulsoftware.net/2008/02/27/the-great-digital-...

But it has got much worse since then.

reply
upvoteby tclancy14 hours ago|
prev|
[-]
Don't be fair. I finally signed up for an Apple Developer Account and it took weeks and I think it took weeks because I finally decided the system wasn't accepting my Driver's License uploads on my (Apple) phone because the camera's light was hitting the hologram which was reflecting back so I moved my application process to my (Apple) laptop and tried there and that's where I fell into a gully, as best I can tell: I somehow, in spite of using the same document throughout with my literal government-supplied ID on it that doesn't change, wound up in two competing applications. One of them seemed to succeed, the other one seemed to fail. On the plus side, they took my cash. On the downside, they did not give me what I bought and it took a couple weeks of re-uploading my PII, which in no way will ever bite me in the ass, to sort it out. All so I could get some vibe-coded slop I created onto my phone.
reply