• Welcome to the new forum! We upgraded our forum software with a host of new boards, capabilities and features. It is also more secure.
    Jump in and join the conversation! You can learn more about the upgrade and new features here.

BeerSmith2 Update – “System Warning” no publisher verification?

ipso

ipso

Apprentice
Joined
Jan 19, 2012
Messages
17
Reaction score
0
Location
Santa Monica
I launch BeerSmith2 (Windows) and I get a helpful reminder that a new version is available.  I select [Yes] and the download page (http://beersmith.com/download-beersmith/) is launched in my default browser.  I download the appropriate Windows update file (“BeerSmith2_Installer.exe”) to my c:\temp directory.  When I go to launch it, I get the standard “System Warning” below that the publisher has not been verified. 

dorkBSinstall.jpg


Why?

Traditionally, over the years, and with countless apps, I’ve just shrugged and installed it anyway.  But I’ve had plenty of Tabasco on my eggs this morning and I’m having none of it.  Why is this file not verified?  When a system prompts me to install updates I have not requested, I always think to myself, “Gee – if I were a hacker that is exactly how I would have people install my blackness.”

- Maybe Microsoft charges developers to have files verified and it’s just not worth the cost?
- Maybe it’s verified, but my XP-SP3 OS is so old and incongruent with some new standard?
- Maybe the downloaded file was somehow corrupted?
- Maybe it’s not the correct file, and the system warning is valid?
- Maybe patches are never verified – only fresh installs?

Inquiring minds would like to finally resolve this one, if there are any knowledgeable developers out there.  The question is much larger than just BeerSmith2, however.

On behalf of one and all, thank you for your time and effort!
 
I've not checked on this in a while but the last time I looked into this it was well over $1000/year to get a certificate to sign your code.

I thought that was a bit much...

However, I just did a quick google search and it looks like Microsoft has a new system called Authenticode that might be a bit cheaper (closer to $100/year).  To be fair I probably need to revisit this - so I've added it to my "to do" list to see if I can get a reasonable code signing solution added.

Brad
 
Thank you for the explanation.  I figured it was probably a Microsoft cash cow.  Or worse yet, some kind of huge time-sync effort such that it’s over $1,000 in just your time to get it done and implemented proper.

Like me.., this forum information may be all the people need.  ;)
 
Ok,
  I just published a "signed" version after finding someone that would do it for a reasonable price and going through the certification process.  BeerSmith for Windows is now signed with a proper certificate if you grab it from the main download page.

Brad
 
You must log in or register to reply here.
Back
Top