I was just wondering if the SSL companies like Digicert give trusted certificates to any organization/software that pays the fee or is there a verification process they do that the code is actually not malicious?
-Thanks AB
Code signing is meant only to provide assurance as to the author/source of the code. In no way does it guarentee that the code is not malicious.
The theory is that if you trust the source, you should trust their code