Factorio Windows executables now undergo code signing(wiki.factorio.com)
4 pointsby xvv5 months ago1 comment
  • jsiepkes5 months ago
    You get an EV code signing certificate, you sign your binary, no more annoying Windows Defender popups. I fail to see what is so special about this? Are people confusing this for some DRM measure? If you want to strip the signing from the binary you can. Not really sure what good that would do though.
    • altairprime5 months ago
      It likely prevents watching the game to cheat Steam achievements, if nothing else:

      https://www.reddit.com/r/factorio/comments/1k4cpc7/factorio_...

      • jsiepkes4 months ago
        Even if Steam checked the signature of the binary (which I don't think it does) it would be trivial to modify Steam to approve a binary without a signature. There is no chain of trust here. The integrity of Steam is not being guaranteed.

        If you wanted to implement that you would need to A) Enforce secure boot is enabled, so you have guarantees the Windows kernel hasn't been tampered with B) Have a Windows (signed) kernel driver which verifies the Steam installation C) Have the Steam installation verify the Factorio installation.

        That is why games like Battlefield 6 have these draconian requirements requiring secure boot and TPM2. Because you need a chain of trust all the way from the top (firmware) down to your software.

      • thunderfork5 months ago
        [dead]
    • b_lax5 months ago
      Exactly