EV Certificates OUT, Code Signing IN

EV Certificates OUT

What was once considered a great idea to secure web sites, EV certificates would provide extended validation for companies and a nice green label for verification.

This has now proven to be more of a marketing ploy to get better search results. The browsers are on to this and will no longer show the EV certificate banner next to a URL:

• Firefox Announcement
• Chrome Announcement

Since there doesn’t seem to be a point to continue to use EV certificates, these will be removed from our sites in the coming weeks.

Code Signing IN

Code Signing is a way to validate the source of Windows executables. For many years this was seen as another marketing gimmick and added marketing cost.

Every couple of times a year a virus checker will deliver a false positive and will take the following actions:

• disable the file
• delete the file
• deny a download

This proves costly to the customer when our software is forcibly deleted. Inevitably the virus manufacturer will realize the error, update their signatures and move on, leaving a destruction in it’s wake.

The revelation came when we found that signed code executables are weighted differently than unsigned code. By signing our executables (including the download installer) we can better our odds against a false positive strike from a virus checker.

Going forward, all future versions of our software will be code signed (EXE, DLL & CGI).

Many thanks to all for your support and feedback!