Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm unfamiliar with many of these certificates, but is there any reason such 'scamware' woudln't be able to get one even though it costs money? Because, if they still can, they the whole certification business definitely seems like a big scam to me.


When you pay money - you are leaving money trace which is likely to bite you if your product hurts people.


Yea, the SmartScreen filter is based on the reputation of the publisher, and the certificate is used to identify the publisher for this purpose.


The certificate authority should revoke their signing certificate if their binary is found to contain malware, returning them to the big warning state.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: