tsites computer tuition, website design, network security
Unsigned programs and apps

Yesterday, I heard the most spectacular incorrect statement regarding unsigned programs and apps.

Someone who really should know better, stated their opinion that 'unsigned apps are poorly written software'.

It wouldn't have mattered, except the fact that other people were also listening to this misinformation, and they might have actually believed it.

Having an unsigned app is not indicative of a piece of poorly written software. This is really not the case at all. In fact, most - if not all - of the smaller developers online produce good quality unsigned apps. Similarly, if you were to write a program yourself, it would also be unsigned.

An unsigned app or program is a piece of software that has been created without something called a 'developer certificate'. (There's no certified company attributed to creating the software when it was initially coded). While it is true that unsigned apps could put your system at risk, it is important that you know and trust where you downloaded the app from - which is true for any app or program (signed or unsigned). Unsigned apps are downloaded from sources outside of the Mac App Store, or the Microsoft Store for Windows. This means they were not checked by Apple or Microsoft respectively.

None of this means there's necessarily anything wrong with the software, just that the company has not included a developer certificate, or did not want to pay Apple or Microsoft the (usually high fees) to be a registered developer and obtain a developer certificate.

None of the programs on this website are signed, purely because they are freeware - I make no money from them. So I can't justify paying for a developer certificate. The nice thing about them being free of course, is that they never expire, don't throw any adverts at you, and you can freely move them from one computer to another without having to register or 'activate' online. They are yours to do what you want with, for as long as you want.

This was one of the original principals of computer programs, which I still believe in.

The above screenshot is from an earlier computer system, where signed applications were unheard of. (In actual fact, there was no requirement for such a thing back then). These days, there's a distinct lack of sense-of-humor aspect and additionally there are plenty of malicious programs out there. It's always definitely worth checking where an unsigned app comes from - particularly those from smaller developers, or hobbyist programmers (like myself). But there are also plenty of larger mainstream companies that do not code-sign their applications:

Anyway, back on topic...

Fortunately, because people who create the operating system of your computer are thankfully better informed regarding unsigned apps, there is still a way to run them. You might want to run an unsigned app if that particular app or program is absolutely unavailable elsewhere.

If you are certain you can trust the app actually does what it says it does, then running an unsigned app should be considered okay. In most operating systems, there's an option to "Allow apps downloaded from: Anywhere"

This isn't a new thing by the way. Not only have signed applications existed back in earlier versions of the Mac operating system, Windows has had signed programs for a long time too.

In fact, Android and iOS mobile operating systems all work on the principal of signed apps:

More recent versions of Mac OS really try to make you think about opening Applications that are unsigned.

It's very clear that the general consensus is that the end user should stop and think: 'Hmmm, should I really be running this particular program? Do I absolutely trust where it has come from, or do I know how it works and what it does?'

On both Mac OS and Windows, you can override these restrictions by changing your system settings to allow running unsigned programs. At the minimum, you can right-click it and choose 'Open' (Mac), or on Windows right click > Properties > (Compatibility tab) > Change settings for all users > Run as Administrator.

What about Linux? Well, on Linux I think it's safe to assume that if someone has taken the time to replace the default operating system their computer came with, for another operating system they've downloaded off the internet, they probably have a fairly good idea of what they are doing anyway.

You can simply right-click on a program and choose 'Properties' > (Permissions tab) > click the checkbox "Allow executing file as a Program".

I should also add that being an official developer in the Mac App store, is quite frankly a ball-ache. There's a very in-depth and interesting article here (and archived PDF version here, just in case it disappears), and it pretty much confirms why I will always be an unsigned developer - at least on the Apple platform.


Back to Forum Listing