undefined | Better HN

0 pointsCineSnaccs9mo ago0 comments

I don't know how many people don't know this, but now you actually can't release app on Windows without it showing your warning while installing unless you sign it with EV certificates, which cost upwards of 500$ for a year.

As you may have guessed, this simply pushes out smaller devs. This used to NOT be like this. It should NOT be like this.

0 comments

wronex9mo ago

I would highly recommend looking into Azure code signing. It is confusing to set up. But comes with instant reputation and ”only” costs 10$ a month.

EV certificates has always felt like an utter scam and extortion to me. At least now there is an alternative.

rollcat9mo ago

Unfortunately Apple normalised it, first with the iPhone. There are upsides (theoretically - less trash apps), but the review/curation process doesn't scale, and yep - the small devs are effectively told to bug off.

10 years ago I wanted to build a Love2D game, and release it for the three major OS's. The .love files are effectively ZIP archives, kinda like cartridges, but you need the correct Love2D version (they broke API compat every year or so). Windows and Mac used to be: "cat love.exe game.zip > game.exe".

Linux gave me the most crap, because making a portable, semi-static build was a nightmare; you couldn't rely on distros because each one shipped a different version of love.

Now Linux is actually becoming more viable, not because it's making that much progress, but because the two mainstream platforms are taking steps back.

pjmlp9mo ago

No they didn't, signing was already common across Symbian, J2ME, Windows CE/Pocket PC, Newton, PalmOS, Blackberry, BREW.

And game consoles naturally.

rollcat9mo ago

All of these platforms combined had less global impact over their lifetime than iPhone has had in its first five years.

Apple is never first to do something.

1 more reply

prepend9mo ago

At least signing is free for MacOS apps. And back when I used it only $100/year for iPhone apps.

c-hendricks9mo ago

... where is signing free for macOS apps?

You can use an ad-hoc signature to sign, but people who download the app will still have to jump through hoops to run it.

simplyinfinity9mo ago

Good. This might suck for opensource devs, but for normies that might get a random exe link this is good. I've gotten numerous phone calls from relatives when they try to run some unrecognized app, most of the time is benign, but on few occasions it was something malicious.

conductr9mo ago

It's a heavy tax to protect the ignorant. I hear things like this and think how I've been using a computer for nearly 4 decades and it's never once happened to me. Maybe those types of people need to re-evaluate their technology choices (maybe iPad is more appropriate) instead of taxing the entire ecosystem to protect them from themselves.

simplyinfinity9mo ago

low income countries don't have the money for iPads. My parents run on a 300 Euro computer bought 5 years ago. My dad is technical enough to get around a computer, but he's in his 60s now. My mom can open Facebook and youtube. Sometimes either of them downloads stuff, and opens them. So your solution is "make millions consumers spend $$ on overpriced hardware and even more closed off system, so few hundred open source devs don't spend 500$ to verify their app (which they will have to do if they want to release on the iOS platform either way)" Ain't no way.

cwyers9mo ago

If you count the number of ignorant people who use Windows versus the people like you, you'll quickly realize the tax is very cheap for the level of protection it offers to the number of people it offers it to.

2 more replies

dec0dedab0de9mo ago

A popup warning is not a heavy tax.

hulitu9mo ago

> Good. This might suck for opensource devs, but for normies that might get a random exe link this is good

That random exe link is signed by Microsoft.

throwaway2909mo ago

Now I get why a project I work on is signed for Apple and not for Windows... 5x the price, jeez

j / k navigate · click thread line to collapse

0 comments

wronex9mo ago

I would highly recommend looking into Azure code signing. It is confusing to set up. But comes with instant reputation and ”only” costs 10$ a month.

EV certificates has always felt like an utter scam and extortion to me. At least now there is an alternative.

rollcat9mo ago

Linux gave me the most crap, because making a portable, semi-static build was a nightmare; you couldn't rely on distros because each one shipped a different version of love.

Now Linux is actually becoming more viable, not because it's making that much progress, but because the two mainstream platforms are taking steps back.

pjmlp9mo ago

No they didn't, signing was already common across Symbian, J2ME, Windows CE/Pocket PC, Newton, PalmOS, Blackberry, BREW.

And game consoles naturally.

rollcat9mo ago

All of these platforms combined had less global impact over their lifetime than iPhone has had in its first five years.

Apple is never first to do something.

1 more reply

prepend9mo ago

At least signing is free for MacOS apps. And back when I used it only $100/year for iPhone apps.

c-hendricks9mo ago

... where is signing free for macOS apps?

You can use an ad-hoc signature to sign, but people who download the app will still have to jump through hoops to run it.

simplyinfinity9mo ago

conductr9mo ago

simplyinfinity9mo ago

cwyers9mo ago

2 more replies

dec0dedab0de9mo ago

A popup warning is not a heavy tax.

hulitu9mo ago

> Good. This might suck for opensource devs, but for normies that might get a random exe link this is good

That random exe link is signed by Microsoft.

throwaway2909mo ago

Now I get why a project I work on is signed for Apple and not for Windows... 5x the price, jeez

j / k navigate · click thread line to collapse