SYS-CON MEDIA Authors: Stackify Blog, Zakia Bouachraoui, Elizabeth White, Pat Romanski, Liz McMillan

Related Topics: SYS-CON MEDIA

SYS-CON MEDIA: Press Release

Developers and End Users Benefit from Code-signing Certificates

Code-Signing Certificates Facilitate Online Software Sale and Exchange

Jersey City, NJ, November 18, 2009 - Buying or borrowing software on the Internet carries risks, both for the developer and for the person who plans to use it. End users who install malicious software in their computers may lose their purchase price. Worse, they may risk damaging their computers. Developers risk that someone may intercept their software file and alter it, adding deleterious code. Such alterations could damage their professional reputations.

Developers who sell or exchange software can protect their code and their reputations by using code-signing certificates. Code-signing certificates create X.509 data files called “signatures” that developers can attach to their software files. The signature disappears from the software if anyone (including the developer) alters the code.

The digital signature functions as tamper-proof packaging for intangible files exchanged on the Internet; absence of packaging signals a quality problem.

Code-signing certificates protect end users who purchase software from unfamiliar developers, or who download it from open sources. Major browsers now check for code-signing certificates when Internet users download software; if the software is unsigned, the browser shows the Internet user a warning message.

By the same token, code-signing certificates protect developers. Software that appears to come from an honest developer might have been altered to delete important files once installed, or to cause similar problems. The digital signature verifies that the file does, indeed, come unaltered from the developer, and that it has not been changed.

Code-signing certificates can be especially useful for open-source developers, posting their software on bulletin boards for anyone to use or modify. Such developers build reputations based on the quality of their software; their digital signatures prove that the posted software is truly theirs.

Code-signing certificates are available for terms of one to three years, and may be used to sign as many files as a developer can produce during that span.

For more information about code-signing certificates, visit http://www.instantssl.com/code-signing/code-signing.html

About Comodo

Comodo is a leading brand in Internet security, covering an extensive range of security software and services, including digital certificates, PCI scanning, desktop security, online faxing, and computer technical support services.

Businesses and consumers worldwide recognize Comodo as standing for security and trust. Comodo products secure and authenticate online transactions for over 200,000 businesses and have more than 18,000,000 installations of Comodo desktop security software, including an award-winning firewall and antivirus software offered at no charge.

The Comodo family of companies is committed to continual innovation, core competencies in PKI, authentication, and malware detection and prevention.  As a catalyst in eliminating online crime, the companies' mission is to establish a Trusted Internet.

With US headquarters overlooking Manhattan on New Jersey's waterfront, and global resources in United Kingdom, China, India, Ukraine, and Romania, Comodo products offer intelligent security, authentication, and assurance.

Comodo -- Creating Trust Online®. For more information, visit Comodo's website.

More Stories By Katharine Hadow

Katharine Hadow is a marketing communications professional in New Jersey, USA

Latest Stories
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
While a hybrid cloud can ease that transition, designing and deploy that hybrid cloud still offers challenges for organizations concerned about lack of available cloud skillsets within their organization. Managed service providers offer a unique opportunity to fill those gaps and get organizations of all sizes on a hybrid cloud that meets their comfort level, while delivering enhanced benefits for cost, efficiency, agility, mobility, and elasticity.
Kubernetes as a Container Platform is becoming a de facto for every enterprise. In my interactions with enterprises adopting container platform, I come across common questions: - How does application security work on this platform? What all do I need to secure? - How do I implement security in pipelines? - What about vulnerabilities discovered at a later point in time? - What are newer technologies like Istio Service Mesh bring to table?In this session, I will be addressing these commonly asked ...
The KCSP program is a pre-qualified tier of vetted service providers that offer Kubernetes support, consulting, professional services and training for organizations embarking on their Kubernetes journey. The KCSP program ensures that enterprises get the support they're looking for to roll out new applications more quickly and more efficiently than before, while feeling secure that there's a trusted and vetted partner that's available to support their production and operational needs.
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It's clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Th...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
xMatters helps enterprises prevent, manage and resolve IT incidents. xMatters industry-leading Service Availability platform prevents IT issues from becoming big business problems. Large enterprises, small workgroups, and innovative DevOps teams rely on its proactive issue resolution service to maintain operational visibility and control in today's highly-fragmented IT environment. xMatters provides toolchain integrations to hundreds of IT management, security and DevOps tools. xMatters is the ...
With the rise of Docker, Kubernetes, and other container technologies, the growth of microservices has skyrocketed among dev teams looking to innovate on a faster release cycle. This has enabled teams to finally realize their DevOps goals to ship and iterate quickly in a continuous delivery model. Why containers are growing in popularity is no surprise — they’re extremely easy to spin up or down, but come with an unforeseen issue. However, without the right foresight, DevOps and IT teams may lo...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications. Kubernetes was originally built by Google, leveraging years of experience with managing container workloads, and is now a Cloud Native Compute Foundation (CNCF) project. Kubernetes has been widely adopted by the community, supported on all major public and private cloud providers, and is gaining rapid adoption in enterprises. However, Kubernetes may seem intimidating and complex ...
Between the mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at @DevOpsSummit at 19th Cloud Expo, Charles Kendrick, CTO at Isomorphic Software, presented a revolutionary model enabled by new technologies. Learn how business and develop...
"There is a huge interest in Kubernetes. People are now starting to use Kubernetes and implement it," stated Sebastian Scheele, co-founder of Loodse, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.