|
|
|
|
|
|
by mike_hearn
4313 days ago
|
|
|
Signing doesn't imply you are "legit", at least not much - it requires ID verification but in the absence of any hard rules about what's acceptable that's only useful in the most egregious cases, and anyway you can still run unsigned binaries. Signing is mostly useful to help reduce anti-virus false positives. AV systems learn binary reputations just like spam filters do. It doesn't matter if the app goes off and downloads another program for this purpose - that's an implementation detail that doesn't impact whether the app is malicious or not. |
|
|