Sign the installers

Thu Jun 28 05:29:54 UTC 2018

On Thursday, 28 June 2018 at 01:34:22 UTC, Jonathan M Davis wrote:
> On Wednesday, June 27, 2018 17:59:42 Brad Roberts via 
> Digitalmars-d wrote:
>> On 6/27/2018 5:34 PM, Jonathan M Davis via Digitalmars-d wrote:
>> > On Wednesday, June 27, 2018 17:26:36 Manu via Digitalmars-d 
>> > wrote:
>> >> I guess people feel nervous about installing allegedly 
>> >> potentially dangerous software on their corporate 
>> >> workstation.
>> >
>> > Honestly, that's exactly the sort of thing that I always 
>> > ignore. I'd pay
>> > attention if anti-virus software outright said that it found 
>> > a virus,
>> > but
>> > "unrecognized software?" That's exactly the sort of thing 
>> > that's just
>> > going to get me pissed off at Microsoft for getting in my 
>> > way. Though
>> > honestly, Microsoft pops up so many useless messages that it 
>> > becomes
>> > easy to miss any that actually matter, because you have to 
>> > skip through
>> > so many of them all the time that you stop paying attention 
>> > to them.
>> > So, I'm definitely surprised to hear about programmers 
>> > refusing to
>> > install something just because Microsoft doesn't recognize 
>> > it.
>> >
>> > - Jonathan M Davis
>>
>> It's all about removing resistance and raising the level of 
>> professionalism.  D isn't a hobby project and shouldn't act 
>> like one. This is an obvious barrier that's worth removing.  
>> In this day and age of rampant actively dangerous software, 
>> it's an obvious improvement to sign it and make the strong 
>> claim that this is produced and vended by the d foundation and 
>> we vouch for it's contents.  We already do for some (all?) of 
>> the posix distribution bundles.
>
> Well, as I said in my initial response, I have no problem with 
> the installer being signed. I'm just surprised that any 
> programmers would care.
>
The issue in professional setting is not just necessarily about 
the programmer himself but the policies of its company or the IT 
team in charge of the devs PC.
As stated elsewhere, I work in a public adminsitration and the IT 
is handled by another directorate than the directorate I work 
for. The IT department is in charge of more than 15,000 PC's. You 
can imagine that they do everything to have their control over 
that fleet by normalising and tightening policies. They 
acknowledge that the developpers need a little bit more leverage 
and freedom on their machines by providing some local admin 
rights, but even with that, it is sometime quite difficult to 
install anything not from the official approved list.
Unfortunately, D has been quite annoying to install. The last 
version i.e. 2.080 for instance didn't install as there is one of 
the binaries that get quarantained by the anti-virus. Anti-virus 
I cannot influence because local admin rights are not sufficient 
to whitelist a file.
Installing 64 bit code is also a chore as dmd delegates the 
installation of the required libs to the Microsoft installer. The 
problem, the Microsoft installer is incapable to get through our 
proxy and there's no offline installation option anymore since 
2017. I know it's a Microsoft issue, but it is part of the things 
that makes using D quite challenging. I'm highy motivated and am 
not pressed by deadlines so it doesn't bother me too much, but I 
can imagine that somehow reluctant devs will stop at the first 
hurdle encountered.