Developer keys and digitally signed code

[Rusky]

The downside for users is 10 minutes to find and download an alternative piece of software (followed by a life time of feeling safe from both malicious software and vendor lock-in).

Alternative software is hard enough to find on Windows. What makes you think that will ever be a viable solution on your OS?

[Brendan]

Hi,

The downside for users is 10 minutes to find and download an alternative piece of software (followed by a life time of feeling safe from both malicious software and vendor lock-in).

Alternative software is hard enough to find on Windows. What makes you think that will ever be a viable solution on your OS?

Because large monolithic blobs are hard to create and even harder to duplicate; while small pieces using open specs are far easier.


Cheers,

Brendan

[Antti]

what reason do you have to trust older software they've provided, and should they be able to continue to sell the "potentially also malicious" older version?

When the company wrote an application, "The Mission Critical Application", there were two trusted developers working for the company, one "Brendan" and one "Russell". They were (and still are) very trusted developers. However, after a while there was a serious company takeover and those two developers are not anymore working for the company. The new company order wants to destroy the life-time work of those two developers. Even it would be the end of the company.

Maybe there are no need to allow them to sell the old version anymore but it would be extremely important to make it possible to execute "The Mission Critical Application" because many people need it. In fact, those original developers want to keep it alive.

[Antti]

The other problem might be to reliably identify what is malicious and what is not. There are always corner cases and one false key revoking could be disastrous. It could acceptable if one application is wiped off (the one that is suspicious) but wiping off everything the company has ever written...

Unfortunately for me, you are likely to have the last word in an argument. It is your system and you can do whatever you want to. However, this issue is more than just a technical issue. This policy may be very crucial when it comes to making the system attractive (not just technically). Being absolute in opinion has strenghts and weaknesses.

I admit that there are advantages of having the deterrant. For me the disadvantages of having "no excuses" are just too important to be put aside. Please note that all this rant does not change the fact that your project is still the most interesting one.

[embryo2]

The only reason I trust any company (that I can think of) is the knowledge that if a company betrays its customers it will damage the company more than it will damage me.

Samsung was selling TVs with an ability to listen to any customer conversation, Apple is selling iPhones while requesting to enter your credit card number, Microsoft is selling Windows 10 with a lot of spying capabilities. And of course, there are many other examples. And of course, if the Microsoft or Apple or whatever do use your information in a malicious way, but just don't advertise such behavior, it doesn't mean they aren't betraying customers.

It is much better to understand the problem, to identify all ways they stole your information, to think about importance of your information and finally to decide how you can prevent some serious damage. When correct decision is made, the corporations, that betray customers, just never get the chance to exploit your important data. And also, you still can use their software (just because sometime it's hard to find a good replacement).

So, the world is dangerous, but you can live in peace if you know the problem and can fight it. But if you decide to escape all the time you see a danger, then your life is just miserable.