winstep wrote:
Well, it's less trouble with AV software. This said, it will probably interfere with the current protection scheme embedded in the executables.
I did do some searching before posting my question and what I found actually prompted me to post. The thread I found was over two years old but was actually quite interesting. It gave some history of theming and ultimately answered the question of why themers charge. What grabbed my attention in the
thread was this...
winstep wrote:
Despite this, somebody figured out that they could still use Microsoft's own skinning engine by illegally patching a Windows DLL to by-pass the digital signature requirement - and thus StyleXP was born, the only real 'competitor' WindowBlinds ever had.
I'm finally updating to Windows 10 on all of my machines and when I installed Nexus Ultimate, I got the warnings about the lack of digital signature. I then started poking around the forum and found the aforementioned thread. Then, I read this in the sticky thread concerning performance and anti-virus/anti-malware software...
winstep wrote:
Provided the user has downloaded Nexus or other Winstep applications from the official Winstep web site (always the preferred place) *or* reputable download sites like Cnet, Download.com, BaixaKi, Softpedia, etc... he should be at no risk.
However, and I can't stress this enough, you should NEVER download software from sites like RapidShare, MegaUpload, Fileupload, etc... Winstep software downloaded from those types of sites is not only nearly never the latest version as it will often come with nasty 'add-ons'.
Knowing what little I do about digital signatures, my understanding is that their purpose is to guarantee that the software/driver was created by the manufacturer and that it hasn’t been modified since it was created. With driver signature enforcement, you can be assured that the software/driver is authentic and has not been altered by a malicious third party.
At the end of the day, even though I know it can be tampered with and my anti-virus software is going to warn me about it, I'm not going to stop using Nexus because it doesn't have a digital signature. I've used it for a long time and trust the software - as long as I download it from here. However, someone just checking Winstep stuff out for the first time, may not have the same sense of comfort using the software when all the bells start going off. Maybe the digital signature is a false sense of security...I don't know. What I do know is that
not having a signature causes some (most?) security software to say "something is wrong here" and then asks the user what to do. Seems like if you could avoid that happening, potential new users may be less likely to cancel the install.
Sorry for the long post. Just wanted to give you some food for thought...