zim-wiki team mailing list archive
Mailing list archive
Re: Zim Desktop Wiki 0.66 for Windows is ready to download
Thank you for looking into this and sharing your Microsoft
As far as I can tell, you are looking at the process where Windows
authenticates the source of an executable. This is not relevant to
Getting a proper certificate to sign software so that Windows recognizes
the cert that was used to sign it always costs money. I'm not willing to
spend my money or the project's money on this process, when other
operating systems have different processes whereby you can publish
signed applications without paying money.
Additionally, if I'm not mistaken, ALL versions of Windows continue to
allow end-users to install ANY Windows applications they choose, whether
they are properly signed or not, provided the end-user has sufficient
local rights to do so.
We will not be signing our releases to make them authenticated in the
Windows install process unless someone else wishes to take over the Zim
for Windows release process from me. I feel it's not worth the price and
it's not necessary.
What I AM concerned about but have no energy to fight with is the
number of ANTI-VIRUS tools out there that claim that Zim's installers'
components (the NSIS installer script builder and the PortableApps.com
launcher) are malware. As these malware accusations are made against
the Zim packages, I am no longer signing the releases with my (free-of-
cost) GPG key, due to the fear-uncertainty-and-doubt involved. If YOUR
anti-virus solution does not detect the installer as malware, and YOU
decide this is a safe course of action, YOU should install my package
and use it.
If someone wants to pick a fight with the anti-virus tool vendors
that accuse NSIS and PortableApps.com of being malware, they're
welcome to try it. I can provide details of the accusations that need
to be disputed.
On Wed, May 10, 2017, at 17:57, Marcio Segura wrote:
> I contacted Microsoft about this issue and following is their answer: