MoI discussion forum
MoI discussion forum

Full Version: V5 beta Apr-27-2026 folder privacy dialog

Show messages: All  1-7  8-10

From: Michael Gibson
5 May   [#8] In reply to [#7]
Hi Cuboctahedron, I'm kind of allergic to code signing, I view it as as pretty much a type of protection racket.

- Michael
From: Cuboctahedron
22 May   [#9] In reply to [#8]
Right. I don't think I'm going to change your mind, but the value is in the chain of integrity — you build and sign it, I download it over TLS, and I then know that I got a binary that the site intended to serve to me and that you intended to sign. It's not a perfect system by any means, but it is a useful component of an overall security strategy. That said, the issue here is just the practical one, where enough systems are starting to not accept unsigned binaries that it becomes more difficult for users. I do expect that we'll see more an increasing amount of pressure around this, as it has a real impact on security outcomes at population scale. The cheapest option currently is Microsoft's Artifact Signing process, which costs $10/month, plus of course however much of your time it takes to get it working: https://learn.microsoft.com/en-us/azure/artifact-signing/overview. Anyway, thanks much regardless!
From: BurrMan
22 May   [#10] In reply to [#8]
"""""I'm kind of allergic to code signing, I view it as as pretty much a type of protection racket""""""""""""""

Use code signing or the rabbit gets dog food! lol

Show messages: All  1-7  8-10