CNET también está disponible en español.

Ir a español

Don't show this again


Software must prove itself

Microsoft announced support from 20 vendors for its Authenticode Technology.

Microsoft and VeriSign announced today that they have signed up about 20 software producers to a program that promises to reduce fraud and the spread of viruses on the Internet.

Authenticode technology provides a unique identification for each software publisher so that end users who buy and download software over the Internet don't have to worry that the code has been altered or tampered with.

The system relies on the use of VeriSign's Digital IDs to build that unique identifying tag into the software posted for downloading online. Those Digital IDs can then be read by Microsoft's browser and operating systems so that users can be alerted to stay away from uncertified software.

The hope is that the use of the technology will legitimize the electronic distribution of software, which can save publishers and consumers money because they will not need to pay for packaging, transportation, and the printing of elaborate manuals.

Authenticode technology will be implemented in the final release of Internet Explorer 3.0, which is expected to begin shipments on August 13, and later directly in the Windows NT and Windows 95 operating systems.

"VeriSign Digital IDs in conjunction with Authenticode technology provide customers with the information and assurance they need when downloading software from the Internet," reads a posting on VeriSign's Web site. "Authenticode communicates to customers the real identity of the publisher and assures them that the product has not been altered or damaged."

Autodesk, Adobe Systems, and Starfish Software, among others, have all signed to the Authenticode validation program, first announced in March. These publishers will pay $400 annually for Digital IDs for their software. Individual software publishers will also be able to use the program and will pay only $20 annually.

The first group of software publishers are: Autodesk, Citrix Systems, Cornerstone Imaging, Dimension X, Farallon Communications, Fulcrum Technologies, FutureTense, FutureWave Software, ichat , mBed Software, Media Architects, Microcom, Narrative Communications, nCompass Labs, Progressive Networks, Software Publishing, Starfish Software, Totally Hip Software, Tumbleweed Software, and Vivo Software.

The companies' goal is to sign up many more software producers, large and small. The process includes applying for and receiving a software publishing certificate, then signing and distributing the software.

In March GTE also was supposed to join VeriSign in the digital-signature initiative. But there was no mention of GTE in today's announcement.

"There's no current announcement (about GTE's involvement)," said Microsoft Product Manager Keith Szot. But a GTE spokeswoman said its product will be available "imminently."

Today, Microsoft also posted on its Web site a set of utilities, called Cabinet File (CAB), that allows developers to digitally sign and compress code. That results in faster and more secure downloading of Java applets and ActiveX controls.

The utilities, which are available for free for Windows, can also be incorporated into Java and ActiveX development tools. Macintosh and Unix versions are in the works, Microsoft said.