Users of modern versions of Windows 11 have a powerful security feature for keeping their devices secure, known as Smart App Control. I’ve talked about this feature a few times over the last year, but in April 2026, a powerful improvement landed. Previously, Smart App Control could not be turned back on if you everContinue reading “Smart App Control”
Tag Archives: Authenticode
Runtime Signature Checking Threat Model
Telerik developers recently changed Fiddler to validate the signature on extension assemblies before they load. If the assembly is unsigned, the user is presented with the following message: In theory, this seems fine/good– signing files is a good thing! However, it’s important to understand the threat model and tradeoffs here. Validating signatures every time aContinue reading “Runtime Signature Checking Threat Model”
Authenticode in 2025 – Azure Trusted Signing
I’ve written about signing your code using Authenticode a lot over the years, from a post in 2015 about my first hardware token to a 2024 post about signing using a Digicert HSM. Recently, Azure opened their Trusted Signing Service preview program up for individual users and I decided to try it out. The documentationContinue reading “Authenticode in 2025 – Azure Trusted Signing”
Best Practices for SmartScreen AppRep
Last year, I wrote about how Windows integrates SmartScreen Application Reputation to help ensure users have a secure and smooth experience when running downloaded software. tl;dr: When a user runs a downloaded program, a call to SmartScreen’s web-based reputation service is made, and four possible outcomes can occur: As a software developer, it’s natural thatContinue reading “Best Practices for SmartScreen AppRep”
Authenticode in 2024
My 2021-2024 Authenticode certificate expired yesterday, so I began the process of getting a replacement last week. As in past years, I again selected a 3 year OV certificate from DigiCert. Validation was straightforward. After placing my order, I got a request for high-resolution photos of me holding my ID (I sent my passport andContinue reading “Authenticode in 2024”
text/plain 