Perhaps slightly off topic but here goes .....

I just created a new standalone application to run FM3 independently of my
main app and it occurred to me that this should be signcoded.

Has anybody given thought to exes such as Styler.exe in Capesoft's Makeover
and other 3rd party exe's.

Just a thought as we tend to concentrate on our own products and forget
about others perhaps.

John Fligg

John,

I've being using such independant exe's for FM3 (local and odbc) for a long
time and I simply code sign them in my SB installer .... and all is fine
Regarding other exe's you can have to send ....sign them and all should be
perfect except if Bruce signs his exe's :)

JP

--
Merci - Thank you

JP

Since that I have found 2 other common exe's that need it I guess ......

Autonet.exe and TPSFix.exe

Easy to do in SB but just realised how easy it is to miss these things. I
will put out a general 3rd party message also to get other views.

Thanks

John

topscan also ....
but I leave alone the SV exe's as after all if they want to be recognised
they can sign their exe's ...should be easy enough
Plus signing other vendors exe's is maybe not what ethics would recommend
....
but at the same time if you really need to be safe - signing them is better

vicious M$ circle again ? <BG>

JP

--
Merci - Thank you

JP

> topscan also ....
> but I leave alone the SV exe's as after all if they want to be recognised
> they can sign their exe's ...should be easy enough
> Plus signing other vendors exe's is maybe not what ethics would recommend


Actually I disagree here.

If you are distributing the exe's with YOUR product - then YOU are the
"vendor" as far as the customer is concerned.

But more important is this:

When you need to run one of those exe's to interact with your program, then
Vista will ask the customer if they want to trust an unsigned app from an
unknown vendor.

They will of course say NO - and then YOU take the blame because your
program does not run properly (even though you planned for it to do so by
interacting with the other tools).

IMHO you should always sign anything that you are distributing and that
runs under the control of your program.

It promotes trust to your customer and helps avoid confusion.


Their logic is simple:

If you trusted this exe enough to install it on their PC, then you should
be willing to sign for it.



;-)

Charles


--
-------------------------------------------------------------------------------------------------------
Charles Edmonds

www.clarionproseries.com - "Serious imaging tools for Clarion Developers"
www.ezround.com - "Round Corner HTML tables with matching Banners, Buttons
and Forms!"
www.lansrad.com - "Intelligent Solutions for Universal Problems"
www.fotokiss.com - "World's Best Auction Photo Editor"
-------------------------------------------------------------------------------------------------------

Charles,

This means that if you supply me with a spammer exe then I must say it's
mine ?
<VBG>

Of course i'll sign your checks Charles .... :)

You are right

JP
--
Merci - Thank you

JP

> This means that if you supply me with a spammer exe then I must say it's
> mine ?
> <VBG>

But of course!


> Of course i'll sign your checks Charles .... :)

;-)

> You are right


Well there is another part of this that we have not talked about.

When developers includes an executable with their distribution - they
really DO need to trust the "tool maker" where it came from.

With mainstream suppliers or well known faces like we have in the Clarion
group - this is not a big deal.

But when we start bringing in non-Clarion components (especially low cost
ones) from vendors that are small or seem unknown, then we really have to
be careful that "we" are not the ones spreading a virus.

If you think about it - it would be easy for a spammer (or someone with bad
goals) to write a nice component and sell it cheap so that it became a
favorite that was widely used.

Then perhaps a YEAR or more later, this Trojan Horse type application
"wakes up" to do its evil work.

In the interim - developers would be asking each other for opinions and
getting good reviews because no one had ever had a bad experience.

Then one day all hell breaks loose, the company who sowed the seeds is no
where to be found ... and all of us take the blame because it was "our"
programs that spread the problem.


Gives one something to think about doesn't it?

;-)

Charles


--
-------------------------------------------------------------------------------------------------------
Charles Edmonds

www.clarionproseries.com - "Serious imaging tools for Clarion Developers"
www.ezround.com - "Round Corner HTML tables with matching Banners, Buttons
and Forms!"
www.lansrad.com - "Intelligent Solutions for Universal Problems"
www.fotokiss.com - "World's Best Auction Photo Editor"
-------------------------------------------------------------------------------------------------------

Charles,

That is why I stay longer in the tub then you <BG>

I wanted to introduce a new utility to all and it will be cheap and it is
fantastic and it is essentially needed by devs etc ....damned, now I cannot
launch my product! :)

Again correct Charles

JP

--
Merci - Thank you

JP

> That is why I stay longer in the tub then you <BG>

Do that too long and you'll look like a prune<g>.

Of course given the average age of Clarion programmers - I suspect that
more of us look more like prunes than peaches!

;-)

Charles


--
-------------------------------------------------------------------------------------------------------
Charles Edmonds

www.clarionproseries.com - "Serious imaging tools for Clarion Developers"
www.ezround.com - "Round Corner HTML tables with matching Banners, Buttons
and Forms!"
www.lansrad.com - "Intelligent Solutions for Universal Problems"
www.fotokiss.com - "World's Best Auction Photo Editor"
-------------------------------------------------------------------------------------------------------