* Posts by JonDoe99

4 publicly visible posts • joined 10 May 2018

Female-free speaker list causes PHP show to collapse when diversity-oriented devs jump ship

JonDoe99

It's not really about equality

I've worked in a number of offices where women vastly outnumbered men, but strangely I've never once seen any efforts to even the numbers.

'No questions asked' Windows code cert slingers 'fuel trade' in digitally signed malware

JonDoe99

Dodgy certification companies

Code certifications provide very little security to end users, and they're becoming a real liability to the security of independent developers. There are very few companies offering affordable and accessible code certificates. Last time I bought one I had to send scans of my passport and other sensitive documents to a company I'd never heard of in Israel. When it came time to renew, I discovered the company had sold out to an even more questionable company in China, so who knows who has access to those docs now...

App devs bewildered by last-minute Google GDPR klaxon

JonDoe99

Re: Market contraction incoming

As an app-developer myself, I can tell you that it's very hard to persuade Android users to part with any money at all. I have an app near the top of its category, currently available as a free, feature-limited version (without ads), with a full-featured version selling for a few dollars (after sales tax, Play Store fees, and income tax, I'm lucky if I see a third of that). My app has a fairly typical 1-2% conversion rate from free to paid version, so I would need millions of downloads a year just for a very basic wage. Frankly, I'm left with no choice but to introduce ads. The only other option is a bit too morally-dubious for me to stomach - preying on the rare addicts who you can bleed to death with repeated in-app purchases.

Microsoft programming chief to devs: Tell us where Windows hurt you

JonDoe99

Code Signing

Windows used to be the easiest and cheapest platform for independent software developers wanting to self-publish, but it's now one of the worst. If you're not a limited company, it's very hard and extremely expensive to get a code-signing certificate, and without one, Windows throws up such alarmingly over-the-top warning messages that most casual users are left convinced that your software must be malware.

In reality, certificates don't actually prove that software is safe at all, but just who the publisher is. If I was morally-deficient enough to stuff my software full of lovely money-earning spyware, I wouldn't have any trouble at all in getting a certificate.

If Microsoft truly wants to become more developer-friendly, why not allow developers to self-certify their releases without having to go through an expensive certificate-seller. (eg. have Windows compare a file's certificate with a public key in the root of your website and display the web address to the end user - it would certainly be more meaningful than the personal name my certificates currently display).