zlacker

>>Zuider+(OP)
If a corp like Nvidia cannot manage to store Code signing certs on hardware only, the whole process is broken beyond repair. What’s the value of signed code going forward?

>>pintxo+k8
The benefit of signed code is it grants hardware vendors a perpetual control, gatekeeping, and rent seeking role. It was never your hardware.

The cover story was security, which might be mathematically correct but in practice has been shown false in every way. Look how much malware gets signed and shipped on devices and sold on app stores: the vendor gets their cut, /shrug. Look how many devices have been intentionally bricked to force new sales - yay them again. And then there's the certificate management illusion.

>>imglor+Lr
> The benefit of signed code is it grants hardware vendors a perpetual control, gatekeeping, and rent seeking role. It was never your hardware.

but in this case it's literally not caused by hardware vendors ? They're not even a party to this arrangement. The requirement is being enforced by windows, and the certificates are issued by various CAs. If you don't want that just use linux or something, or disable signature enforcement within windows.

>>gruez+qu
You cant disable signature enforcement on Windows. You can test sign and only if you disable secure boot and enjoy desktop watermarks.

>>Ashame+ZJ1
^ Not enough people are angry about this! I have a permanent watermark on my desktop because I use an edid override for my projector and hobbyist drivers for niche video game controllers. It sucks.

>>Wowfun+lK1
Stop using windows. Stop accepting microsoft software at work.

>>Schroe+fC2
I don't use Windows myself, but I have to develop for it, and hit this problems even when everything I develop is open source.