The Real Cost of Open-Source
Code signing certificates, closed ecosystems, distribution fees — the financial reality of shipping independent software for Windows and macOS.
TL;DR — What is the Real Cost of Open-Source?
Developing open-source software carries substantial hidden expenses that exist solely to satisfy the gatekeeping systems built into Windows and macOS. To stop a legitimate installer from being incorrectly flagged as a "virus" by Microsoft SmartScreen or macOS Gatekeeper, independent developers are forced to purchase an annual Extended Validation (EV) certificate and pay for an Apple Developer Program membership in order to notarize their binaries. In practice, actively developing cross-platform terminal tools — such as Heapi or myTerm — incurs a recurring baseline cost of around $500 annually as a "mandatory distribution toll", before counting any additional infrastructure, hosting operations, or the engineering time itself.
There's a popular narrative that open-source software is free to make. The code is public, the tools are free, the hosting can be zero-cost. This narrative ignores the invisible layer that separates a project that works on your machine from software that someone else can install without seeing a scary warning screen.
The problem: your software looks like a virus
When you distribute an unsigned executable, Windows SmartScreen shows a red screen saying the file is from an "unknown publisher" and may harm the computer. On macOS, Gatekeeper blocks execution and the user has to go to System Preferences to manually allow it.
For most everyday users, that warning is the end of the road. They uninstall and never come back.
Code signing: the mandatory toll
To avoid these warnings, you need a code signing certificate — issued by certificate authorities recognized by Microsoft and Apple.
To have enough publisher reputation to eliminate SmartScreen warnings on Windows from day one, you need an EV (Extended Validation) certificate. These run between $300 and $700 per year. To get one, you need a registered company, a paid identity verification process, and often a physically signed document.
On macOS, access to Apple's distribution infrastructure requires an Apple Developer Program account: $99 per year. Without it, no binary can be notarized — a mandatory process for Gatekeeper to accept software without blocking it.
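As an added example, not code from this post or from Heapi/myTerm: a small Python check that reads a Windows PE header and reports whether the executable carries an Authenticode signature blob at all, which is the first thing SmartScreen looks at. It constructs header-only PE images inline as test input (there is no real binary here), and it only locates the blob; whether the signature is valid and chains to a trusted CA is a separate check (`signtool verify` on Windows).

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot holding the Authenticode blob


def authenticode_entry(pe: bytes):
    """Return (file_offset, size) of the Authenticode signature in a PE image,
    or None when the image is unsigned. Only locates the blob; it does NOT
    validate the signature (use signtool verify / WinVerifyTrust for that)."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                      # COFF file header is 20 bytes
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:                           # PE32
        n_dirs_off, dirs_off = 92, 96
    elif magic == 0x20B:                         # PE32+ (64-bit)
        n_dirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    n_dirs = struct.unpack_from("<I", pe, opt + n_dirs_off)[0]
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None                              # directory table too short to hold it
    entry = opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    # Unlike other directories, the security entry holds a raw file offset, not an RVA.
    offset, size = struct.unpack_from("<II", pe, entry)
    if offset == 0 or size == 0:
        return None
    return offset, size


def build_minimal_pe(sec_offset=0, sec_size=0, pe32plus=True) -> bytes:
    """Constructed test input: a header-only PE image (not a real executable)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)        # e_lfanew -> PE signature right after
    n_dirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    opt_len = dirs_off + 16 * 8                  # standard 16 data directories
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 0, 0, 0, 0, opt_len, 0x22)
    opt = bytearray(opt_len)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<I", opt, n_dirs_off, 16)
    struct.pack_into("<II", opt, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, sec_offset, sec_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print(authenticode_entry(build_minimal_pe()))               # None: unsigned
    print(authenticode_entry(build_minimal_pe(0x400, 0x1800)))  # (1024, 6144): has a blob
```

Run it against a real installer by passing `open(path, "rb").read()` to `authenticode_entry`; an unsigned build returns None, which is exactly the case that triggers the "unknown publisher" warning described above.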
Closed ecosystems: their rules, their game
Microsoft and Apple don't just charge fees — they define how software can operate within their ecosystems. To distribute on the Microsoft Store or Mac App Store, software must pass review, respect sandboxing (which limits what the app can do on the system), and follow guidelines that are often incompatible with developer tools or system utilities.
For macOS, notarization requires the binary to be signed and submitted with Apple-specific tooling, using an Apple ID linked to a Developer account, through an automated process via Xcode or notarytool. For a Windows developer using Go or Rust, this means maintaining a Mac — physical or virtual — exclusively for the build and notarization pipeline.
What this means in practice
For Heapi and myTerm, the two apps I actively develop, the annual distribution infrastructure cost alone is:
- EV certificate for Windows: ~$400/year
- Apple Developer Program: $99/year
- macOS hardware or VM for build/notarization: variable
- Time to configure and maintain signing pipelines: immeasurable
This doesn't include hosting, domain, CI/CD services, or any development cost. It's just the price of not having your installer flagged as malware.
Why it's still worth it
Despite all these costs, open-source remains the model that makes the most sense to me. Open code builds trust — anyone can audit what the software does. No hidden telemetry, no data monetization. The user can compile from source if they want.
But it's important to be honest: doing this professionally has a real cost. The digital certificate isn't a technical detail — it's a toll charged by the gatekeepers of the world's most widely used operating systems. Until that changes, serious open-source development means paying for access to ecosystems you don't control.