Code signing and Windows 8



NewsArchive
09-29-2012, 06:33 AM
Friedrich - clearly the resident expert <g>

I am trying out some rival software. It is very old and is not code signed,
yet it installs and runs in Windows 8. If I create another user account it
is not there so only installing for one user.

However, I have spent all this money on Code Signing and yet a rival can
spend absolutely nothing and still have no issues.

Why should that be? I thought that Windows 8 was going to start restricting
this heavily.

I am trying to say my rival's software is not Windows 8 compatible but can
hardly do that if it runs on Windows 8 which is the only thing the end user
cares about.

Thanks

John

NewsArchive
09-29-2012, 06:37 AM
John,

> I am trying out some rival software. It is very old and is not code
> signed, yet it installs and runs in Windows 8. If I create another
> user account it is not there so only installing for one user.

Well, you can still run "old" software on Windows 8. The operating system
detects it as a "legacy application" and executes the app in compatibility
mode. You can even use, say, the good old Clarion 5 on Windows 8. Why not
<g>. Clarion 5 is not code-signed, it's not UAC-aware and not Windows 8
compatible at all. But who knows if there are negative side effects with an
"old" application (e.g. registry or file virtualization; data loss; data
out-of-sync issues, etc.)?

The industry-standard is to install an application per-machine (not
per-user) so that all users on this machine have access to it. Users should
have their own set of application data and a true mixed-mode application
works fine in elevated and non-elevated mode.

BTW, a code signature tells customers that they are executing code from
someone whose identity has been checked, who takes over responsibility.
More importantly, it tells customers that the code has not been corrupted
since it was signed (e.g. by a virus infection).

I would never ever use non-signed software. We even have a group policy set
to not allow any non-signed software to execute elevated (e.g. unsigned
installs). Quite a few companies are doing this.

Friedrich

NewsArchive
09-29-2012, 06:38 AM
Friedrich,

> I would never ever use non-signed software. We even have a group policy set
> to not allow any non-signed software to execute elevated (e.g. unsigned
> installs). Quite a few companies are doing this.

Any chance for a detailed "how to" on this?

--
Lee White


NewsArchive
09-29-2012, 06:39 AM
Lee,

>
> Any chance for a detailed "how to" on this?
>

See attached screenshot. You can set it in the Group Policy Editor.

When enabled, the UAC-aware Windows OS will refuse to run any executable
that is not signed with a trusted certificate. The setting is disabled by
default, which allows users to run any executable, including potentially
malicious software.

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com

NewsArchive
09-29-2012, 06:40 AM
Friedrich,

> See attached screenshot. You can set it in the Group Policy Editor.

Thanks. It's also available locally...

Lee White

NewsArchive
09-29-2012, 06:41 AM
LOL...

That was one of my first challenges in learning the new Windows 2000
paradigm.....

There's "group policy" on a standalone machine.... but the computer ain't in
no group! Whassup???

In the grand scheme of things, there's a whole hierarchy where items can be
configured or not at various levels. The order in which they're applied
matters, unless there's an "enforce" or "no override" parameter.
The order is local (what you set on your own machine), then Site, then
Domain, then Organizational Unit(s).

So "group policy" on a local machine may or may not be part of a "group"
policy...

On a Win7 box, you can see whatcha got and where it's coming from with
RSOP.msc

Jane Fleming
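
Added example, not part of the original thread: a PowerShell check of whether the signature-enforcement setting discussed above is active on a machine, followed by an audit of which executables in a folder lack a valid Authenticode signature. It assumes the setting in question is the security option "User Account Control: Only elevate executables that are signed and validated" (registry value ValidateAdminCodeSignatures); the default folder is a hypothetical choice.

```powershell
# Added example: report the UAC signature-enforcement setting, then list
# executables in a folder that do not carry a valid Authenticode signature.
# Assumption: the policy from the thread is "User Account Control: Only elevate
# executables that are signed and validated" (ValidateAdminCodeSignatures).
param(
    # Hypothetical default; point this at the folder where installers are staged.
    [string]$Path = "$env:USERPROFILE\Downloads"
)

$key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$name = 'ValidateAdminCodeSignatures'

# A missing value means the policy is not configured, which behaves as disabled.
$value = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($null -eq $value) { $value = 0 }
$state = if ($value -eq 1) { 'Enabled' } else { 'Disabled (default)' }
Write-Output "Only elevate signed and validated executables: $state"

# Collect the signature status of every .exe under $Path.
$results = @(
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                File   = $_.FullName
                Status = $sig.Status   # e.g. Valid, NotSigned, HashMismatch, NotTrusted
                Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            }
        }
)

# Anything other than 'Valid' is unsigned, tampered with since signing,
# or signed with a certificate this machine does not trust.
$failing = @($results | Where-Object { $_.Status -ne 'Valid' })
$failing | Sort-Object Status, File | Format-Table -AutoSize -Wrap
Write-Output ("{0} of {1} executables lack a valid signature." -f $failing.Count, $results.Count)
```

The Authenticode status is a pre-check for finding unsigned or altered installers before the policy is switched on; it is not guaranteed to match the policy's own validation in every case. The registry value shows the effective setting only; RSOP.msc shows which policy level it came from.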