IE9 and Calibre

[eugenemcardle]

Just a quick heads of guys. IE9 tags the latest update from Calibre (and presumably would treat all updates the same) as "Unsafe to run" because "it is not downloaded often"! wtf! where HAVE those guys been??

Needless to say it's a false alarm, but concerning non the less.

[kovidgoyal]

Sigh, I'm guessing they think it's not downloaded often as the download changes every week.

It's interesting though that Microsoft seem to be recording what users of IE download. I'm surprised I haven't heard any hue and cry about that.

[cybmole]

i expect it does that to all non-microsoft software.

every exe / msi I download with google chrome is also blocked by windows 7 & I have to unblock via properties

[toddos]

cybmole, Windows does that because the binaries are not "trusted". It has nothing to do with being non-Microsoft software. Anybody can sign an exe or msi for the price of buying a certificate. See here. That doesn't mean it's worthwhile for calibre to do, and it doesn't really matter. It only affects the msi. Once installed, calibre runs without warnings at all.

Of course I'm sure Kovid would be quite happy to sign each msi if you or someone else ponied up the $300/year it takes to get a certificate.

[kiwidude]

There's an even simpler solution of course. Don't use IE9. I haven't used IE for years. And no I am not a anti-Microsoft zealot, I just prefer some of the alternatives for a web browser.

[cybmole]

Quote:

Originally Posted by kiwidude

There's an even simpler solution of course. Don't use IE9. I haven't used IE for years. And no I am not a anti-Microsoft zealot, I just prefer some of the alternatives for a web browser.

windows 7 will block all executable downloads from alternative browsers, as a "safety feature" - you have to manually unblock each one.
it may, as I said before, make an exception for microsoft's own signed code but just about every 3rd party installer / exe is blocked. Even zips if windows thinks there is an executable inside.

[toddos]

Quote:

Originally Posted by cybmole

windows 7 will block all executable downloads from alternative browsers, as a "safety feature" - you have to manually unblock each one.
it may, as I said before, make an exception for microsoft's own signed code but just about every 3rd party installer / exe is blocked. Even zips if windows thinks there is an executable inside.

And as I said before, it's nothing so sinister as having "exceptions" for Microsoft's code. Anything that's signed by a trusted Certificate Authority (there are many of these, like Thawte I linked above) will be trusted by Windows. If you don't sign, you get this warning. Most apps don't bother to sign their files because there's really no reason to do so. It just sends you through one extra "Are you sure you want to run this?" dialog and that's it.

If you're willing to spend the money on a certificate, this "problem" could easily go away. If you don't want to spend the money but are really worried about this, create your own CA, import it as a Trusted Root Certificate on your installation of Windows, create a signing certificate from that CA, and then sign the Calibre MSI after you download it. Then when you run the warning will be gone. Of course you'll have to do this every time you download a new MSI, but perhaps it's worth it to you to get rid of the warning.