[c0l0]

As a wireguard user myself (even on the lone Windows machine that I still begrundingly have), I am happy that this problem could have been resolved. I am just wondering - if there had not been this kind of public outcry and outrage that Mr. Donenfeld discounts in his announcement message, would the issue have been fixed by now?

What are individual developers of "lesser" (less important, less visible, less used) software with a Windows presence to do? Wait and pray for Goliath to make the first benevolent move, like all the folks who got locked out forever from their Google accounts on a whim? Ha!

The fact of the matter is, the code signing requirements on Windows are a serious threat to Free and Open Source Software on the platform. Code signing requirements are a threat to FOSS on all platforms that support this technique, and infinitely more so where it's effectively mandatory. I firmly believe that these days, THIS is the preferred angle/vector for Microsoft to kill the software variety their C-levels once publicly bad-mouthed as "cancer", and zx2c4 is one of the poor frogs being slowly boiled alive. Just not this time - yet.

[sillysaurusx]

They would be ignored. Having an audience is key to getting problems solved, whether it’s a lone hacker or a large corporation. Without an audience, you have no leverage. At that point you might as well create a new Windows account and re-apply, since that would have more luck than getting around a “we’ve closed your account and there’s no appeal process” barrier.

If that sounds Kafkaesque, it is. It’s a small miracle that getting a post to the top of HN can surmount such bureaucracy at all.

The best way to get an audience is to tell a compelling story. Make it interesting. There are ways of doing that for even the least known developers.

My point is to push back against the idea that it should be fair to everyone and that what’s morally right should prevail in every case. The hardware developer program doesn’t exist to treat every developer fairly. They exist to make money for Microsoft. pg puts it more eloquently here: https://paulgraham.com/judgement.html

[elcritch]

It makes me think tech communities need to lobby for more laws to ensure fair access to platforms, app stores, etc. Be that at least side loading apps, etc.

Otherwise we’ll eventually all get lost in the kafkaesque technocracies.

Less for moral reading, but to keep from being squashed by the weight of tech.

[fsflover]

This is why orgs like https://eff.org exist.

[m-s-y]

But eff isn’t going to come to my aid if it’s isn’t a big story, like wireguard. We’re all just arguing circularly around the fact that companies with massive footprints can and do operate in a manner where it’s assumed that zero access is the industry standard for “normal users”

[fsflover]

I would still ask them, and even if they can't help, they fight for such rights for everyone.

[pixl97]

>tech communities need to lobby for more laws to ensure fair access to platforms

I'm surprised someone didn't reply saying this would affect the freedom of companies to do whatever they want, whenever they want.

[x0x0]

I got a modestly-similar situation resolved by buying a support package and spending 4+ hours across ... not sure, but probably 4-5 support calls? It's been 5 years. If memory serves it was the $200/mo support package for Azure.

In retrospect, I should have not spent 3 weeks trying to get their incompetent software to work and just gone straight to phone calls. And at least in my case, the support agents seemed broadly unfamiliar, but seemed to have access to higher-priority internal case submission which did finally get to someone who could fix my issue.

[NetMageSCW]

While this is a small problem for software (and hardware) that needs custom kernel drivers, or software that needs to run as administrator, you seem to have jumped a long way past that to rant about FOSS on Windows with no justification- general unsigned software works just fine on Windows as it always has.

[c0l0]

"works just fine on Windows as it always has" is just not true. These days, I cannot even run my own cross-compiled Go executables of a cross-platform tool that I am developing in private on Windows 10 or 11, because some blue popup from Windows Defender/"SmartScreen" prevents me from doing so, and tells me to contact the software publisher if I'd like to be able to do something about it. Outright disabling Defender/SmartScreen works around the problem (but the popup doesn't tell me that), and, presumably, signing these executables with a "trusted" developer certificate would make this outcome less probable - that is at least what people online have been telling me.

In my book (I started using computers during ther Windows 3.0 era), this clearly does not qualify as "working just fine on Windows as it always has", no matter how you spin it.

[noAnswer]

Do you download the cross-compiled executable via http or smb to the Windows machine? If so than it most likely got earmarked with a NTFS alternate data stream.

File Settings > This file come from another computer: Unblock

PowerShell > Unblock-File

Add your smb file share as trusted: Internet Properties > Security > Local Intranet > Sites

I hate it too that you need to sign software that you want to publish. Totally destroys the economics of little shareware type software.

[c0l0]

Thanks for this (and I actually learned about PS1's handy Unblock-File this very moment! :)), but I am aware of the "mark of the web"-stuff MSFT had introduced after realizing that an "attacker-controlled" filename extension alone is a poor safeguard against making a file executable ;)

For my specific problem/situation, the executable in question gets transferred to the target machine on a read-only UDF file system burnt onto a USB thumb drive. Other Golang executables from FOSS projects on the same filesystem execute just fine (I guess they have better "reputation", due to their hashes being registered with MSFT somewhere).