Users are reporting that Windows Defender is blocking the installation of the Gridcoin MSI due to missing publisher information. You can bypass the warning, but it might frighten off new users.
I don't know about Windows Defender, but when the MSI was launched, the SmartScreen filter would prompt what you describe. While it is not a block, you have to go to "More Info" and click on Run Anyway.
This issue could be resolved by applying a certificate to the MSI, but there are no free certificates as far as I know. Also, the certificate authority should be one that Windows trusts, so that the warning would not appear (maybe just the Run button as the MSI is still downloaded from the internet, but no "unknown author" message).
+1 On this issue AND on signing the primary executable. There are several options for codesigning certificates. We could probably get a discount on the code signing cert from GoDaddy since the Gridcoin.us site uses a GoDaddy SSL cert. They're the cheapest anyway, but in the past I've always purchased Site+Code Signing together and it seems like this has been cheaper in the past.
Also a note, this applies to both the MSI and the primary executable. The MSI writes to %ProgramFiles%, so it requires elevated privileges - but even if we removed that requirement, the .exe needs access to %AppData% for Boinc which requires admin privs and Windows Defender/UAC still pops up and says that it's from an Unknown Publisher, which does not look professional.
Here's the link to the GoDaddy codesigning cert:
https://ca.godaddy.com/web-security/code-signing-certificate
Certificates are $170/yr, but like I said previously if we purchase the site SSL cert + Code Signing I think we can get a discount. Possibly also get a discount for being a non-profit entity.
I think this needs to be elevated in importance, and doesn't even require a code change to remedy. This looks VERY unprofessional among a crowd of users that typically know something about crypto and security...
Also, I'm happy to take the lead in packaging and signing this stuff - I wrote installer software for 10 years (not installers, but the software to make installers), so I know a bit about packaging and distribution on Mac/Windows (not so much Linux). I can set up the build process to automatically sign executables, but whoever performs the builds will need the certificate and its private key password on their machine to do the final signing. We can sign the Mac executable if we're not already with a free cert from the Mac dev account, if Gridcoin HAS a developer account at Apple.
@joshuaferguson do you think it would be better to use the WiX Toolset, since Microsoft has stopped supporting Visual Studio Setup projects? I've used it in the past and it lets you create an MSI with all config done in XML and builds done via the command prompt or a CI tool.
WiX is fine. Microsoft did release a Visual Studio extension that restores the installer projects to later versions of VS as well. The version for 2017 can be found here: https://visualstudiogallery.msdn.microsoft.com/fd136a01-a0c8-475f-94dd-240136f86746/viewDiscussions/Reviews
I don't see any reason to migrate away from it at this point - but this is entirely up to whoever is doing the installer builds. There are lots of options that I've used in the past, but WiX is good or I've used Inno Setup in the past - not quite as elegant as some solutions but free and really easy to use and integrate into any kind of build environment. Lots of extensibility in its scripting language as well.
InstallAware is another option: https://www.installaware.com
I have an MSI which is self-signed using MakeCert and SignTool. It is also getting defended by Windows Defender. Any idea?
The certificate needs to be signed by a root CA such as GoDaddy or Verisign. A self-signed cert won't get rid of the warning. The warning is in place to verify that a business is indeed valid-enough to have purchased a code-signing certificate from a reputable Root Certificate Authority.
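Added example (not part of the thread or of the Gridcoin project): a PowerShell check that a release build could run after signing, showing how a MakeCert-style self-signed certificate differs from one that chains to a trusted root as described above. The function name `Test-ReleaseSignature` and the use of the running PowerShell executable as the sample file are assumptions of this example.

```powershell
# Added example: gate a release on its Authenticode signature (Windows PowerShell 5.1+).
# Test-ReleaseSignature is a hypothetical helper name, not a built-in cmdlet.
function Test-ReleaseSignature {
    param([Parameter(Mandatory)][string[]]$Path)

    foreach ($file in $Path) {
        $sig  = Get-AuthenticodeSignature -FilePath $file
        $cert = $sig.SignerCertificate

        $selfSigned = $false
        $chainOk    = $false
        $problems   = @()
        if ($cert) {
            # A self-signed certificate names itself as its own issuer.
            $selfSigned = ($cert.Subject -eq $cert.Issuer)

            # Build the chain against the trusted roots on this machine.
            $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
            $chain.ChainPolicy.RevocationMode = 'NoCheck'   # keeps the check offline
            $chainOk  = $chain.Build($cert)
            $problems = @($chain.ChainStatus | ForEach-Object { $_.Status })
        }

        [pscustomobject]@{
            File         = $file
            Status       = $sig.Status     # Valid, NotSigned, HashMismatch, ...
            Signer       = if ($cert) { $cert.Subject } else { $null }
            SelfSigned   = $selfSigned
            ChainTrusted = $chainOk
            ChainStatus  = $problems -join ', '
            # Without a timestamp the signature stops validating once the cert expires.
            Timestamped  = [bool]$sig.TimeStamperCertificate
            # A self-signed cert imported into the build machine's root store can
            # look Valid locally, so it is rejected explicitly here.
            Pass         = ($sig.Status -eq 'Valid') -and $chainOk -and -not $selfSigned
        }
    }
}

# Sample input: the running PowerShell host, which ships signed.
# Replace or extend with the paths of the built .msi and .exe.
$paths = @((Get-Process -Id $PID).Path)
Test-ReleaseSignature -Path $paths | Format-List
```

An unsigned file reports `Status` as `NotSigned`; a file signed with a self-signed certificate reports `SelfSigned` as `True` and fails the gate even on a machine where that certificate was manually trusted.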
Getting a legitimate certificate to sign exes and installers is not an easy task. I have investigated this and it's quite the chore. Based on the type of project we have, we would not qualify for certain conditions of certificates. I could get an individual certificate, I suppose, but that involves many things including a lawyer and notary. It is not as easy as before.
This is why I proposed originally updating the gridcoin.us SSL certificate to include code signing. Barring that, it's not that hard to get one. Check out https://www.digicert.com/order/order-1.php. For 111.00 you can purchase a code signing cert that works with Microsoft Authenticode and OS X.
Which one are you looking at? Code signing ones are more than that. But I'm not seeing the website and code signing combo.
Also, if Rob does leave as mentioned before, we actually don't really have an owner. The certificate should be done by the owner. I deal with Windows compiling and the installer package and have been looking into this. I'll investigate these options more and get back to you guys. I'll end up being the one paying for it. The signing certificate private keys need not be shared to protect the installations and exes.
I'm pretty sure Bitcoin has a code signing license inside the gitian builder in their latest build. If you can extract that we can sign the Windows and Mac builds with that.
Can we legally extract that certificate though? And if I can find out what kind of certificate, I'd be more than willing to purchase one for Gridcoin alone. My contribution to the community. Thx @gridcoin for chiming in :)
Closing.