Ekstatische Lyriken Pinnwand

...and let's not forget "signed code."

written by Pj on Monday September 17th, 2012 -- 3:19 p.m.
in reply to Make-Believe Security

edit this message - return to message index
(only moderators may edit messages)
Tried the Windows 8 preview yesterday and the day before.  It's really not bad.  My only complaint was that the "hot corners" were a pain in the ass to use, but after two days I was pretty much used to that as well.  I'd keep using it were it not for all of the other reasons I don't use Windows.

Anyway, while using it, I downloaded my game and found that they've taken the usual security alert that everyone has learned to ignore one step further.

Previously the way it worked was that when running the program you'd get a nice pop-up with an attention-getting yellow area warning you that the program may be a potential risk, and asking if you still want to continue.  I never saw this as much of a problem.  Random shit downloaded from the internet is a potential risk.  The window seemed to make it clear enough that the problem isn't anything with the program, but rather, just that it's a possibility, and it easily let you bypass this and run it anyway.

Windows 8 still does that, but they've added a new "feature" as well.

Internet Explorer, if you don't allow it to enable "smart screen," will nag you about it every time you start it up, until you finally do.  So I enabled it.  Something else, related to a little flag icon in the bottom-right corner of the desktop also desperately wants you to enable this system-wide, and so I enabled it there as well.  I then went to download the game, using internet explorer.  I then opened the zip file in Internet Explorer (just double clicking on the file in the downloads list) and then double-clicked the executable within it. 

At this point, the entire screen dims, and a message appears: "Windows has protected your computer!"

There's no option displayed to run it anyway.  Just an "OK" button.  There is a "more info" link and, if you click it, all it does is tell you that the program is from an "Unknown Publisher," and from what I read on the internet, if the executable isn't signed by a certificate from a trusted certificate authority, there is no way to get it to display anything else.  It then gives you the option to run it anyway, but as it doesn't admit to the fact that it doesn't actually know anything about the program and therefore hasn't actually "protected your computer" as it has claimed, why would anyone click that?

This just entirely pisses me off.

Exactly how do signed executables protect computers from malware? Norton Antivirus is (I assume) signed, and it's essentially a piece of malware, in that it often ends up on your system without you knowing how it got there and it's difficult to remove.  Adobe Flash is (again, I assume) signed, and it's seemingly always vulnerable to a remote exploit of some sort or another, and so even if the authors didn't intend for it to do bad things to your system, it may well do bad things anyway.  So how exactly does making people afraid to run unsigned code improve the security of computers?

I looked into what it costs to get one of these certificates.  It's $200 a year, with no guarantee that it'll make Windows Smart Screen shut the fuck up.  ...and it's a bit of a mess too.  I found another provider willing to give them out for $100 a year, but I found no obvious way to determine who can and can't give me a certificate that will make things like Windows Smart Screen and Norton Antivirus stop telling people that my game is some sort of malware.  So if I wanted to go this route, not only to I have to waste money on something completely pointless and stupid, but I also have to waste time figuring out who offers the lowest prices for the things, then waste more time trying to decide who seems the most trustworthy and least likely to just give me a certificate that Windows and Norton don't deem trustworthy.

Again, I wonder why people can't just download it, and when they run it, click some "it's a game" button, and just rely on their system to prevent it from doing anything a game shouldn't be doing.  People just shouldn't have to trust software that they want to run.  Their computers should be able to run it in ways that it can't do any damage. 

...but again, making that happen would be difficult.  It's much easier to just make people afraid to run unsigned executables and receive hundreds of dollars per year from anyone who doesn't want the scary messages to appear when people run their software.

The really stupid thing about this is that Windows XP already has the ability to run programs in a safe way to some extent.  One day when using it I right-clicked on the executable and found an option to run it in some special way that was indicated to prevent it from doing any damage.  So I deleted the cache directory and that my game stores its settings in, and then ran it using that option.  The game seemed to work just fine, yet the directory and file didn't reappear, indicating that Windows prevented it from accessing the filesystem.  So the necessary functionality already exists to some extent.  It just needs some work as, for example, when my game connects to my test server, the textures are loaded in such a way that if it can't actually write them to disk first, they won't load at all, and so access to some means to store files would be ideal.  It just doesn't need access to the entire filesystem, and so it's stupid that people are expected to choose between giving it that access or not running the software at all.

...and that to me seems like the largest part of the problem.  When my newphew downloads random games, his only options are to give that software access to do anything he is allowed to do on his computer, or to not run the software at all.  It's just stupid that he isn't presented any choices between those two extremes, and it's also stupid that anyone thinks that signed executables are the solution to this problem.


return to previous message - return to message index

Your Reply

Name: No registration necessary. Simply choose
a name and password and type them in.
You may want to read the rules before you spend a lot of time writing something.
Plain Text - What you type is what you will see.
Some HTML - Use this if you are including HTML tags.
Pure HTML - Copies your post directly into the web page.
first, then