[smackfu]

Part of the problem is that a lot of legitimate freeware / open source software is not signed. I assume because people don't want to pay the $100 a year just to support OS X. So people get used to installing unsigned software, and then end up installing malware.

[3JPLW]

CNet's downloader app looks like it's signed. It warns that it was downloaded from a website (which it was), but you don't have to do the right-click-open song and dance.

[comex]

I'd love to see Apple take a stand and revoke their certificate. Usually I strongly support developer freedom / openness, but these apps are straight-up malware. Having a decline option somewhere doesn't matter if essentially all users who accept do so unintentionally.

[shalmanese]

The official Silverlight installer from Microsoft wasn't signed, leading me to a half hour search to make sure my browser wasn't hijacked before reluctantly installing it. Kind of defeats the point of signing when it's that untrustworthy.