alt Hacker NewsDoes the 7-Zip author still refuse to digitally sign or even provide hashes of the official downloads? It's an extremely weird flex, he thinks it's a frivolous waste of time or something.
Replies
jsheard • yesterday at 5:19 PM
He's always been an odd one, for a long time he refused to enable even basic hardening features like ASLR and DEP because they made the executables slightly larger. He eventually relented on some of those, but last I heard the more advanced mitigations like HE-ASLR, CFG and GS were still disabled.
giancarlostoro • yesterday at 5:09 PM
Do people even double check installers are digitally signed? There's so much open source stuff out there that is not digitally signed, most people might not even notice.
➕ show 2 replies
I migrated from 7-Zip to NanaZip, a fork with modern Windows features that the original developer refuses to implement.
https://github.com/M2Team/NanaZip