We didn’t form a company yet, we’re just two guys in a partnership ready to launch our app. But my avast (and, most probably, all other anti-virus systems) advices not to download the app since it comes from an Unknown Publisher. Is there an easy trick to bypass that?

Searching for an individual certificate, I came over http://msdn.microsoft.com/en-us/library/ie/ms537361(v=vs.85).aspx (our app is coded in VB.NET)

“The value of an individual software publishing certificate is in the information it provides to users so they can decide whether or not to download the code. Knowing who authored the code, and[color=#b22222] that the bits have not been altered from the time the code was signed to the present, is reassuring information.”

If it’s about ‘[color=#b22222]bits not being altered from the time the code was signed to the present‘ the software publishing certificate is worthless in our case (and in each instance where software needs to be updated). I still don’t understand as to how thousands of penniless kids -- that obviously never formed a company -- publish their apps (and there are tens of millions of downloads of that kind of apps!).

What does it take to (A) make Joe comfy with downloading our app despite his anti-virus crying wolf or, even better (B) please the anti-virus to the point it’ll stop crying?

We didn’t form a company yet, we’re just two guys in a partnership ready to launch our app. But my avast (and, most probably, all other anti-virus systems) advices not to download the app since it comes from an Unknown Publisher. Is there an easy trick to bypass that?

Searching for an individual certificate, I came over http://msdn.microsof...1(v=vs.85).aspx (our app is coded in VB.NET)

“The value of an individual software publishing certificate is in the information it provides to users so they can decide whether or not to download the code. Knowing who authored the code, and[color=#b22222] that the bits have not been altered from the time the code was signed to the present, is reassuring information.”

If it’s about ‘[color=#b22222]bits not being altered from the time the code was signed to the present‘ the software publishing certificate is worthless in our case (and in each instance where software needs to be updated). I still don’t understand as to how thousands of penniless kids -- that obviously never formed a company -- publish their apps (and there are tens of millions of downloads of that kind of apps!).

What does it take to (A) make Joe comfy with downloading our app despite his anti-virus crying wolf or, even better (B) please the anti-virus to the point it’ll stop crying?

Most freeware developers don't sign PC applications at all or use their own certificates and many users will accept it despite the warnings they recieve when trying to run it, It might be a good idea to explain why the app isn't signed by a third party on the download page though, If you are doing opensource development you can get a free trusted certificate from certum.eu (Their registration form is in polish though so you might need to use google translate), If you're selling the app then you should just buy a certificate, you can get them for around $300 per year so its not a huge cost.

This is not a Production / Management question. I'm thinking it's kind of a technical question. Moving it to a more appropriate forum (not sure which until I get the Move To list).

Really, deployment isn't really networking and multiplayer, either...
I'd rather think it's production :-)
I'll just let it rest here, though. If you want to release software for money, you pretty much have to buckle down and buy a software signing certificate for several hundred dollars :-(
The good news is that you can re-use it for multiple titles. The bad news is that it needs renewal every one or a few years.

The Windows 8 Consumer Preview suggests that things will get even worse for unsigned applications - whilst it's still straightforward to force it to download anyway, the UI makes it less obvious IMO. From what I've read, even signed applications will still be seen as untrusted if they haven't been downloaded a large number of times. On the flip side, it will be such a common issue that users will soon learn just to click to download them anyway.


(Although with Windows 8, presumably there'll also be the way round it to distribute on MS's download site, paying $99 a year for the privilege, and letting them take 30% of any revenue ... yeah, I don't like where things seem to be heading.)

I still don’t understand as to how thousands of penniless kids -- that obviously never formed a company -- publish their apps (and there are tens of millions of downloads of that kind of apps!).

Because they don't bother with signing anything on Windows, and plenty of people ignore the pointless Windows warnings.