-
Notifications
You must be signed in to change notification settings - Fork 8
Description
On Windows 8.1 and Windows 10 TP a SmartScreen warning is fired for Omni Core. Some browsers furthermore appear to show download warnings.
This is the default behavior I observed on several fresh systems.
Trust needs to be gained, so this is no surprise. The process however is a bit fuzzy and reputation appears to be build over time, based by user behavior, whether applications are flagged as malicious or not, [...] Providing signed files seems to play a signitifant role.
It looks like a shortcut exists to gain instant reputation, to quote:
Programs signed by an EV code signing certificate can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. Other factors are considered when generating reputation and determining product experiences and EV-signed programs will be closely monitored over time.
Microsoft accepts standard code signing and extended validation (EV) code signing certificates from Symantec and DigiCert.
To my surprise actually, extended code signing even requires the use of a hardware token generator as second authentication factor. The certification comes at the cost of $449.00 (DigiCert) to $795.00 (Symantec) for 1 year plans:
- https://www.digicert.com/code-signing/ev-code-signing.htm
- http://www.symantec.com/theme.jsp?themeid=extended-validation-code-signing
General information:
Also interesting and related:
