-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows SmartScreen warning #300
Comments
Thanks @dexX7 - as you say I believe as more and more users download we would gain trust - probably just enough right at the point we release a new version and the whole process begins anew :p For the time being I guess users will need to override this - I don't think our target audience is non-technical users and overriding 'assumed malicious' downloads must be fairly common knowledge by now seeing as the trend in the security space has reversed approach to "whitelist known good stuff" instead of "blacklist known bad stuff" (ie security software assumes it's bad until proven otherwise). |
P.S. I take more of a conspiracy theorist view hehe - by automatically flagging any new (call it unknown but it's pure marketing semantics) software (not suitably signed as per above) as "potentially malicious" you effectively push the majority of developers through a grandfathering process to the Windows App Store deployment where your app will be "verified" and "you'll have none of these problems" related to warnings of malicious content. Long story short - deploy software to your users the 'traditional way' and Microsoft gets nothing, deploy via Windows App Store and Microsoft get 30%. EDIT: Sorry sounds like a rant hehe - I just have a chip on my shoulder about desktop computing being the last bastion of computing where freedom still reigns and what software you are able to run is not decided for you by Apple/Google/Microsoft. :) |
Haha, don't get me wrong, this is no attempt to push Omni Core into the MS App Store, but I mentioned it, because the criteria are well defined and where I was basically getting: what gets into the App Store has no SmartScreen warning, therefore this may be helpful to get rid of the warning. ;) I stopped at this point, to dive into the app crash error, but it's probably worth to gather more information how "reputation" can be gained, e.g. if it's possible at this stage, whether we'd need to seperate further from the orginal Bitcoin Core, ... |
On Windows 8.1 and Windows 10 TP a SmartScreen warning is fired for Omni Core. Some browsers furthermore appear to show download warnings.
This is the default behavior I observed on several fresh systems.
Trust needs to be gained, so this is no surprise. The process however is a bit fuzzy and reputation appears to be build over time, based by user behavior, whether applications are flagged as malicious or not, [...] Providing signed files seems to play a signitifant role.
It looks like a shortcut exists to gain instant reputation, to quote:
http://blogs.msdn.com/b/ie/archive/2012/08/14/microsoft-smartscreen-amp-extended-validation-ev-code-signing-certificates.aspx
To my surprise actually, extended code signing even requires the use of a hardware token generator as second authentication factor. The certification comes at the cost of $449.00 (DigiCert) to $795.00 (Symantec) for 1 year plans:
General information:
Also interesting and related:
The text was updated successfully, but these errors were encountered: