Or you know, don't be an entitled jerk of a user who can't be bothered to support Free (as in Speech, NOT as in beer) Software.
Come on, if every developer that uses any kind of Free Software decided to donate every hour the dollar amount of one HOUR of their work for the projects that THEY need, no one would be in this mess.
Or you know, don't be an entitled jerk of a user who can't be bothered to support Free (as in Speech, NOT as in beer) Software.
(Shrug) I've authored a large amount of software that's free as in both. I sign my releases for my users' protection, and also to avoid looking like a careless dilettante. I expect others who are serious about their craft to do the same.
If that makes me an "entitled jerk," well... meh. There's no way to respond to an accusation like that except to own it.
While it's great that you have a spare $100 a year and the money to invest in Apple hardware to digitally sign Mac builds, not every project will have those resources. Projects that don't have the resources will often publish hashes so that users will be able to check to ensure their download is legitimate before using it. Handbrake does this: https://handbrake.fr/checksums.php
For free, the author could simply GPG sign all releases for all platforms and suggest users verify them. Then, the decision to run untrusted code is the user's decision and bypasses platform monetization.
Then, if sufficient and continual contributions of money and expertise permit, official codesigning per platform could be added as another layer (defense-in-depth).
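An added example, not part of the thread and not HandBrake's own tooling: the user-side check that the comment about published hashes relies on, written in Python. The file names and the sha256sum-style list format are assumptions and the sample data is constructed; a matching hash only proves integrity when the list comes from a channel independent of the download, which is what the GPG signature suggested above would provide.

```python
import hashlib
import hmac
import os
import re
import tempfile

# Assumed list format (sha256sum style): 64 hex digits, whitespace, optional '*', file name
_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(.+)$")

def parse_checksums(text):
    """Map file name -> lowercase SHA-256 hex digest from a published list."""
    table = {}
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            table[m.group(2).strip()] = m.group(1).lower()
    return table

def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large installers are not loaded into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(path, published_text):
    """Return 'ok', 'mismatch', or 'unlisted' for the file at path."""
    expected = parse_checksums(published_text).get(os.path.basename(path))
    if expected is None:
        return "unlisted"  # no entry: treat as unverified, never as a pass
    return "ok" if hmac.compare_digest(sha256_file(path), expected) else "mismatch"

def demo():
    """Constructed sample: a fake installer, a tampered copy, an unlisted file."""
    d = tempfile.mkdtemp()
    good = os.path.join(d, "example-1.0.dmg")  # hypothetical file name
    with open(good, "wb") as f:
        f.write(b"constructed installer bytes")
    published = f"{sha256_file(good)}  example-1.0.dmg\n"
    results = [verify(good, published)]
    with open(good, "ab") as f:  # simulate a download swapped after publication
        f.write(b"\x00")
    results.append(verify(good, published))
    other = os.path.join(d, "other.dmg")
    open(other, "wb").close()
    results.append(verify(other, published))
    return results

if __name__ == "__main__":
    print(demo())
```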
Wow. Waste of bits (your comment). Please take your political agenda somewhere else. This is the 3rd time this author has been compromised. For $99 it seems a bit negligent on his part. Donations are not accepted so...
"The HandBrake and HandBrake Documentation projects are not accepting monetary donations. Please instead consider donating to the VideoLAN non-profit organization and the Blender Foundation."