Even if Steam checked the signature of the binary (which I don't think it does), it would be trivial to modify Steam to approve a binary without a signature. There is no chain of trust here. The integrity of Steam is not being guaranteed.
If you wanted to implement that, you would need to A) enforce that secure boot is enabled, so you have guarantees the Windows kernel hasn't been tampered with; B) have a Windows (signed) kernel driver which verifies the Steam installation; and C) have the Steam installation verify the Factorio installation.
That is why games like Battlefield 6 have these draconian requirements requiring secure boot and TPM2: you need a chain of trust all the way from the top (firmware) down to your software.
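The chain-of-trust argument in the comment above, modelled as an added example that is not part of the original comment and is not how Steam, Windows or any game actually works. It assumes each stage pins a SHA-256 digest of the next stage in place of a real signature check, and the stage names, images and the `enforces` flag are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

@dataclass
class Stage:
    name: str
    image: bytes                       # constructed stand-in for the binary on disk
    pinned_next: Optional[str] = None  # digest this stage expects of the next one
    enforces: bool = True              # False = verifier modified to approve anything

def build_chain(names):
    """Create intact stages and pin each one's successor."""
    stages = [Stage(n, f"{n}-original".encode()) for n in names]
    for cur, nxt in zip(stages, stages[1:]):
        cur.pinned_next = digest(nxt.image)
    return stages

def first_rejected(chain, anchor):
    """Walk the chain; return the name of the first stage that fails, or None.

    anchor is the digest the root of trust (firmware with secure boot) expects
    of chain[0]; anchor=None means nothing verifies the first stage.
    """
    expected, enforcing = anchor, anchor is not None
    for stage in chain:
        if enforcing and digest(stage.image) != expected:
            return stage.name
        expected, enforcing = stage.pinned_next, stage.enforces
    return None

def scenario(names, rooted, patch_steam):
    """Modify the game (and optionally Steam), then report what gets caught."""
    chain = build_chain(names)
    anchor = digest(chain[0].image) if rooted else None
    by_name = {s.name: s for s in chain}
    by_name["factorio"].image = b"factorio-modified"
    if patch_steam:
        by_name["steam"].image = b"steam-modified"
        by_name["steam"].enforces = False
    return first_rejected(chain, anchor)

if __name__ == "__main__":
    full = ["kernel", "driver", "steam", "factorio"]
    print(scenario(["steam", "factorio"], rooted=False, patch_steam=False))
    print(scenario(["steam", "factorio"], rooted=False, patch_steam=True))
    print(scenario(full, rooted=True, patch_steam=True))
```

With nothing verifying Steam, a modified Steam lets the modified game pass unnoticed; once the chain is rooted above Steam, the modified Steam itself is the first stage rejected.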