Frankly I wouldn't bother either. The whole process has done very little for the common consumer.
Digital signatures don't just make UAC prompts look friendlier, they also make it easier for files to gain trust with Microsoft's SmartScreen filtering (built into IE8, IE9 and the upcoming Windows 8) and allow signed files to be automatically trusted by security products that have those signatures in their databases (meaning you get no prompts other than UAC itself).

That being said GOG has yet to correct the UAC elevation of their installers (despite this being well documented and easy to implement) so it doesn't surprise me that they also don't sign their installers. :(
lukipela: It is 1300 spent with no actual return.
PhoenixWright: Yeah, as a developer I was really disgusted when I found out about signing. I refuse to participate in such a waste of time and money.
So you're not keen for your bank to have https? Signing installers is a similar business, though a little less easy to get caught in a trap. People that are new to GOG don't know if they are legit, let's face it, at times it seems a bit too good to be true. A digital cert helps some people feel secure just as much as that padlock.
I think people who know about digital certificates probably know to look around and check if a site is legit or not.

Also, this is the first time I hear about this. From what I can tell, the return of such an investment would indeed be around zero.
wpegg: So you're not keen for your bank to have https? Signing installers is a similar business, though a little less easy to get caught in a trap. People that are new to GOG don't know if they are legit, let's face it, at times it seems a bit too good to be true. A digital cert helps some people feel secure just as much as that padlock.
I see what you're saying and you raise a good point, but isn't HTTPS a little different, based on the fact that it is actually providing literal security protocols in addition to the "signing" aspect?
wpegg: So you're not keen for your bank to have https? Signing installers is a similar business, though a little less easy to get caught in a trap. People that are new to GOG don't know if they are legit, let's face it, at times it seems a bit too good to be true. A digital cert helps some people feel secure just as much as that padlock.
PhoenixWright: I see what you're saying and you raise a good point, but isn't HTTPS a little different, based on the fact that it is actually providing literal security protocols in addition to the "signing" aspect?
Yes, https is there because you don't trust your connection between you and your target, digital signing is there because you don't trust your relationship between you and the provider. Because https is defending against a third party it has a proper implementation, but the end user doesn't usually know that. They just know padlock - it's safe.

EDIT: in fact I'm wrong, both are doing the same thing. There's someone you're not sure you can trust, be it the connection, or the provider of the software. A CA provides a confirmation that what you're doing is safe. Either by providing a key between you and the target to communicate with, or a key between you and them to say the provider is safe. Both times, it's the CA telling you that you can trust this.
Post edited May 06, 2011 by wpegg
PhoenixWright: I see what you're saying and you raise a good point, but isn't HTTPS a little different, based on the fact that it is actually providing literal security protocols in addition to the "signing" aspect?
wpegg: Yes, https is there because you don't trust your connection between you and your target, digital signing is there because you don't trust your relationship between you and the provider. Because https is defending against a third party it has a proper implementation, but the end user doesn't usually know that. They just know padlock - it's safe.

EDIT: in fact I'm wrong, both are doing the same thing. There's someone you're not sure you can trust, be it the connection, or the provider of the software. A CA provides a confirmation that what you're doing is safe. Either by providing a key between you and the target to communicate with, or a key between you and them to say the provider is safe. Both times, it's the CA telling you that you can trust this.
What's to prevent an untrustworthy software developer from buying a signature and applying it to malware (I'm honestly curious about this)? Sure, the signature would eventually get revoked, but not until after it had done some damage. They are kind of like DRM in that way; sure, it might prevent someone from pirating the game on day 1, but not after that. Digital signatures are no replacement for common sense and I have always failed to see the necessity of them.
Post edited May 06, 2011 by cogadh
cogadh: What's to prevent an untrustworthy software developer from buying a signature and applying it to malware?
Cost, mainly. As well as the fact that they contain personal data and can be traced.
Post edited May 06, 2011 by Miaghstir
cogadh: What's to prevent an untrustworthy software developer from buying a signature and applying it to malware? Sure, the signature would eventually get revoked, but not until after it had done some damage. They are kind of like DRM in that way; sure, it might prevent someone from pirating the game on day 1, but not after that. Digital signatures are no replacement for common sense and I have always failed to see the necessity of them.
It's an extra bar to entry. You do have to verify that the signature belongs to whom you think it does, but after that a signature is meaningless. The whole point of it is that you can then download from other sites with some assurance that it's the same file that you're expecting.

But, that being said, you can do that with MD5 or SHA1 or any other decent checksum as well, and those are free.
wpegg: Yes, https is there because you don't trust your connection between you and your target, digital signing is there because you don't trust your relationship between you and the provider. Because https is defending against a third party it has a proper implementation, but the end user doesn't usually know that. They just know padlock - it's safe.

EDIT: in fact I'm wrong, both are doing the same thing. There's someone you're not sure you can trust, be it the connection, or the provider of the software. A CA provides a confirmation that what you're doing is safe. Either by providing a key between you and the target to communicate with, or a key between you and them to say the provider is safe. Both times, it's the CA telling you that you can trust this.
cogadh: What's to prevent an untrustworthy software developer from buying a signature and applying it to malware? Sure, the signature would eventually get revoked, but not until after it had done some damage. They are kind of like DRM in that way; sure, it might prevent someone from pirating the game on day 1, but not after that. Digital signatures are no replacement for common sense and I have always failed to see the necessity of them.
More a question for Verisign than here. I suspect their answer will be that we own them like they're our bitches. It's not trivial to get signed. You need to have people with defined contact details, and an overall company putting down all their credentials to get that signature. The risk of trying to fool them (which would be fraud) is bigger than the risk of not having one. I've not known a significant attack based through malevolently signed installers.
The trouble starts when a CA gets broken into. Like happened recently with Comodo.
hedwards: The whole point of it is that you can then download from other sites with some assurance that it's the same file that you're expecting.

But, that being said, you can do that with MD5 or SHA1 or any other decent checksum as well, and those are free.
Checksums are highly vulnerable because they are external; most download sites generate them on the fly based off the file on the server, so the server's copy can be corrupted or infected or whatever and the checksum will merely verify that you have a faithful copy of the messed up file. This is why I always Google checksums of unsigned files to double-check that the file I received is in its original form.

Digital signatures are not vulnerable to this because verification is baked into the file itself and any modification will irrevocably break it. The only way a modified file can show up as valid is if it uses a stolen or malicious certificate, but these cases are still relatively rare and are rapidly revoked by the CA as soon as the first examples are seen in action.
hedwards: The whole point of it is that you can then download from other sites with some assurance that it's the same file that you're expecting.

But, that being said, you can do that with MD5 or SHA1 or any other decent checksum as well, and those are free.
Arkose: Checksums are highly vulnerable because they are external; most download sites generate them on the fly based off the file on the server, so the server's copy can be corrupted or infected or whatever and the checksum will merely verify that you have a faithful copy of the messed up file. This is why I always Google checksums of unsigned files to double-check that the file I received is in its original form.

Digital signatures are not vulnerable to this because verification is baked into the file itself and any modification will irrevocably break it. The only way a modified file can show up as valid is if it uses a stolen or malicious certificate, but these cases are still relatively rare and are rapidly revoked by the CA as soon as the first examples are seen in action.
One word. Comodo.

Several more words, checksums from developer site.
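
The checksum-versus-signature exchange above (Arkose's post and hedwards's reply), worked through as an added example that is not part of the original thread: a mirror's on-the-fly checksum, a checksum taken from the developer's site, and a signature embedded in the file are each checked against a modified download. The RSA key is a toy built from publicly known primes and the `--SIG--` container format is hypothetical; real installers use Authenticode with a CA-issued certificate.

```python
import hashlib

# Toy RSA key from two publicly known Mersenne primes: illustration only, NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # publisher's private exponent

MARKER = b"\n--SIG--\n"  # hypothetical container: payload + marker + hex signature


def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign_installer(payload: bytes) -> bytes:
    """Publisher side: append a signature over the payload to the file itself."""
    sig = pow(digest_int(payload), D, N)
    return payload + MARKER + format(sig, "x").encode()


def verify_installer(blob: bytes, n: int = N, e: int = E) -> bool:
    """User side: check the embedded signature with the publisher's public key."""
    payload, sep, sig_hex = blob.rpartition(MARKER)
    if not sep:
        return False  # unsigned file
    try:
        sig = int(sig_hex, 16)
    except ValueError:
        return False  # signature field is not valid hex
    return pow(sig, e, n) == digest_int(payload)


def site_checksum(blob: bytes) -> str:
    """What a download site computes on the fly from whatever file it holds."""
    return hashlib.sha256(blob).hexdigest()


def scenario() -> dict:
    original = sign_installer(b"MZ constructed installer bytes v1.0")
    developer_sum = site_checksum(original)          # published on the developer's site
    tampered = original.replace(b"v1.0", b"v1.0+x")  # mirror's copy modified after release
    mirror_sum = site_checksum(tampered)             # mirror regenerates its checksum
    return {
        "mirror_checksum_ok": site_checksum(tampered) == mirror_sum,
        "developer_checksum_ok": site_checksum(tampered) == developer_sum,
        "signature_ok": verify_installer(tampered),
        "original_signature_ok": verify_installer(original),
    }


if __name__ == "__main__":
    print(scenario())
```

Only the mirror's own checksum accepts the modified file; the developer-site checksum and the embedded signature both reject it. The signature check is only as good as the user's trust in the public key, which is the binding the CA certificate provides.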