Did you just download a file that has a digital signature from GitHub, Inc. and wonder if the file is safe? If so, please read on.
You will probably notice GitHub, Inc. when clicking to run the file. The publisher name is displayed as the "Verified publisher" in the UAC dialog as the screengrab shows:
You can view the digital signature details for GitHub, Inc. with the following procedure:
Here is a screenshot of a file that has been signed by GitHub, Inc.:
As you can see in the screenshot above, Windows reports that "This digital signature is OK". This implies that the file has been published by GitHub, Inc. and that no one has tampered with the file.
If you click the View Certificate button shown in the screengrab above, you can examine all the details of the certificate, such as when it was issued, who issued the certificate, how long it is valid, and so on. You can also view the address for GitHub, Inc., such as the street name, city and country.
DigiCert SHA2 Assured ID Code Signing CA and DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 has issued the GitHub, Inc. certificates. You can also examine the details of the issuer by clicking the View Certificate button shown in the screenshot above.
These are the GitHub, Inc. files I have gathered, thanks to the FreeFixer users.Unfortunately I don't have any scan result from VirusTotal available for the GitHub, Inc. files at the moment. The scan results will appear here as soon as a FreeFixer user uploads a file digitally signed by GitHub, Inc..
Detection Ratio | File Name |
---|---|
Not available | atom.exe |
Not available | GitHubDesktop.exe |
Not available | atom.exe |
Not available | GitHubDesktop.exe |
The analysis is based on certificates with the following serial numbers: