On Wednesday, Don Ho, Notepad++ developer announced the release of Notepad++ 7.6.4. He also shared that from this release onwards, users will not see the blue-trusted User Access Control (UAC) popup as Notepad++ has dropped code signing for its releases. UAC is a Windows security feature which helps prevent unauthorized changes to operating systems.
DigiCert, a US-based X.509 SSL certificate authority, donated a three years code signing certificate to Notepad++ in 2016, which has now expired. Now when Don Ho was trying to repurchase a new certificate from Certum, a Certification Authority, he was required to mention a Common Name (CN). The problem here is that as Notepad++ is not a company or organization, Certum did not allow him to use Notepad++ as CN.
Additionally, he also feels that these code-signing certificates are too overpriced. He added in the blog post, “Notepad++ has done without a certificate for more than 10 years, I don’t see why I should add the dependency now (and be an accomplice of this overpricing industry). I decide to do without it.”
This sparked a discussion on Hacker News, and many users supported the developer’s decision. One of the users commented, “Well I don’t care if the developer paid the certificate, and I don’t see why someone that develops FOSS should pay money for something that doesn’t bring to him any of that money back. At least for open source software certificates should be offered for free, in my opinion.”
Don Ho mentioned in the announcement that this decision will not have any effect on Notepad++ security whatsoever, but it will be less flexible from before:
To read the original announcement, visit Notepad++’s official website.
EU to sponsor bug bounty programs for 14 open source projects from January 2019
I remember deciding to pursue my first IT certification, the CompTIA A+. I had signed…
Key takeaways The transformer architecture has proved to be revolutionary in outperforming the classical RNN…
Once we learn how to deploy an Ubuntu server, how to manage users, and how…
Key-takeaways: Clean code isn’t just a nice thing to have or a luxury in software projects; it's a necessity. If we…
While developing a web application, or setting dynamic pages and meta tags we need to deal with…
Software architecture is one of the most discussed topics in the software industry today, and…