The current poll is asking users if they would be interested in a code-signed version of QuickHash. Of the votes cast so far, several people have answered with “I don’t understand the question” so, I hope to try and make it clearer.
In recent times, operating systems like Windows 10, Apple Mac OSX and malicious software detection tools like AVG, Kaspersky, Norton and Windows Defender take a dim view of executable files that are “not signed”. What this means is that the operating system cannot be sure sure that the program being run is safe, because it does not have a registered signature that it can use to say “Ah yes, we know this program. It is made by Ted and is safe”.
As a result, users get messages like this, in Windows 10, that they have to overcome by clicking a few extra link :
The security minded amongst you might be interested in ensuring, for sure, that the program you are running is safe by the standards of Microsoft, OSX, AVG and others. To do this, developers can sign their software executables using a specially purchased file called a ‘code signing certificate‘. So when a developer like myself compiles the latest version of a program, he signs it using the code signing certificate and then makes it available. When a user then downloads the program and tries to run it, Windows (etc) will report “Published : Ted Smith” instead of “Publisher : Unknown publisher”. In fact, it won’t even show this message at all unless the user specifically requests to do so.
Apple Mac OSX has a similar issue and even Linux is happier with code signed packages.
However, to achieve such trust requires the developer to buy a certificate that is registered to them from a code signing certificate authority like GlobalSign. The cost of such a certificate varies between about £250 to £300. If I were selling QuickHash, there would be no issue. But I’m not – I’m giving it away. But, if I pay £300 of my own money to enable me to provide you with a code signed version of the program, I think it is quite reasonable to ask users how much they might be prepared to pay for that security blanket of a code signed version of the program. I’m a fair and reasonable man, but my costs are already high enough – Amazon AWS web hosting fees are costing me enough money as it is!!
So the poll is asking exactly that – how much would YOU be prepared to pay for a code signed version of QuickHash, or are you not prepared to pay anything and would like to just keep using the unsigned version? If nobody replies to say they’d be prepared to pay a little, I won’t waste my money buying a code signing certificate and no code signed version of QuickHash will surface. But if a fair number of users do express interest and are willing to pay a few pounds\dollars for it, and interest seems moderate or high, then I might consider it.
Either way, a free unsigned version will remain available.
That, I hope, explains the poll question.