Driver Problems? Questions? Issues?
Put OSR's experience to work for you! Contact us for assistance with:
  • Creating the right design for your requirements
  • Reviewing your existing driver code
  • Analyzing driver reliability/performance issues
  • Custom training mixed with consulting and focused directly on your specific areas of interest/concern.
Check us out. OSR, the Windows driver experts.

Upcoming OSR Seminars:
Writing WDF Drivers: Core Concepts Lab, Palo Alto, CA 12-16 January, 2015
Windows Internals & Software Drivers Lab, Seattle, WA, 16-20 February, 2015
Writing WDF Drivers: Advanced Lab, Palo Alto, CA 10-13 March, 2015
Kernel Debugging & Crash Analysis Lab, Palo Alto, CA 6-10 April, 2015
Developing File Systems for Windows, Boston, Waltham, MA 12-15 May, 2015


Go Back   OSR Online Lists > ntdev
Welcome, Guest
You must login to post to this list
  Message 1 of 76  
21 Jan 06 11:11
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

With little fanfare, Microsoft just announced that the X64 version of Windows Vista will REQUIRE all kernel-mode code to be digitally signed. The details are here: http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. This is very different than the current WHQL program, where the user ultimately decides how they want to handle unsigned drivers. Vista driver developers must obtain a Publisher Identity Certificate (PIC) from Microsoft. Microsoft says they won't charge for it, but they require that you have a Class 3 Commercial Software Publisher Certificate from Verisign. This costs $500 per year, and as the name implies, is only available to commercial entities. This change in Vista will effectively kill any open source kernel modules, since individual developers are unlikely to obtain the required Verisign certificate. I'll give Microsoft the benefit of the doubt and assume this isn't their intention, but clearly, it will be the effect. I know NTDEV isn't particularly supportive of open source, but you don't need to buy into Stallmanism to see the problem here. If Microsoft controls who can write software for Windows, Windows is no longer an open platform. If Microsoft gets away with this for drivers, what will stop them from imposing signing on applications some day? I don't see that happening soon, but you never know what .NET 5.0 will bring. Say that it's being done in the name of security, and a lot of users will simply nod their heads and go along with it. _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
  Message 2 of 76  
21 Jan 06 12:31
Peter Viscarola (OSR)
xxxxxx@osr.com
Join Date:
Posts To This List: 4711
List Moderator
X64 Windows Vista to require signed drivers

See the OSR Online article on this topic: http://www.osronline.com/article.cfm?article=435 I personally think the policy of requiring X64 drivers be signed to be loaded is wrong-headed. At a time when Microsoft should be concerned promoting the X64 platform, a program like this seems to make it MORE difficult to adopt the platform (cuz, if the software I need isn't signed, it's not likely that I'm going to be moving to X64). While I personally don't like the new policy for X64, I think that your post makes some odd -- and incorrect -- points. Specifically: <QUOTE> This change in Vista will effectively kill any open source kernel modules, since individual developers are unlikely to obtain the required Verisign certificate. </QUOTE> This just doesn't make any sense. I don't see anything in the Microsoft program that does anything to harm the open source movement. Folks can continue to share source code -- However, the supplier of the module to an end-user customer will have to get the executable signed. If your point is that some high school kid that writes a driver in his room instead of doing his homework won't be able to supply drivers to the industry, well... I think that's probably the only GOOD thing about this Microsoft program. <QUOTE> If Microsoft controls who can write software for Windows, Windows is no longer an open platform. </QUOTE> Like, Windows is an open platform now?? Huh?? Peter OSR
  Message 3 of 76  
21 Jan 06 12:51
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

I also don't agree with the current policy, it is going to possibly drive me out of the business. I do most of my work through various contracting firms. I don't have a corporate enttity so even though I write drivers, and in some cases am the Windows Kernel Software Team for some tiny companies who pay me for the drivers and support, I have never been on WinQual. My problem is that with the tax structure of Massachusetts, I would have lost money rather than made it the last two (very lean years) since between business costs and my taxes as a corporate entity I would have gone negative on my income. I suggest to my customers to go the Verisign route, but most of them balk saying we don't want to give you our key, get your own. I have talked to folks I contract through, and they say sure you can use our key, as long as we own all the drivers you write. For four years I have been complaining about this to Microsoft. I point out I have secure access to the Windows source and this does not require Verisign, so why should driver signing and getting driver bug reports require it. At every conference since 2002 they have promised to look into this, and when I query this a few months later they go say, just get incorporated. When I point out the hidden costs, they go "we did not know that" and promise again, and so the cycle continues. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply
  Message 4 of 76  
21 Jan 06 13:23
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Another thing I really love about the new policy is the ways to override it as a developer: · Attaching a kernel debugger. Attaching an active kernel debugger to the target computer disables the enforcement module in Windows Vista and allows the driver to load. · Using the F8 option. An F8 boot option introduced with Windows Vista-"Disable Driver Signature Enforcement"-is available to disable the kernel-signing enforcement only for the current boot session. This setting does not persist across boot sessions. Well using the debugger can impact (admittly slightly) the way a driver runs, so I never consider it a valid final test to have the debugger on the syste,. Of course having to remember that I must choose an F8 boot option, and be by machine everytime it reboots to manually do this is going to be lots of fun. I wonder how this will work for testing an unsigned driver needed to boot windows? I also wonder how it will work with the WDK image provisioning and testing an unsigned driver, gee does that mean in the middle of the automated process, I need a program to wake me up at 2AM to choose the F8 option? -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply
  Message 5 of 76  
21 Jan 06 15:44
Tony Mason
xxxxxx@osr.com
Join Date:
Posts To This List: 299
List Moderator
X64 Windows Vista to require signed drivers

Don, While I'm not a tax lawyer, I do tend to follow taxation law rather closely and thus was surprised by your assertion. Further, the MA Department of Revenue web site seems to disagree (http://www.massdor.com/rul_reg/tir/tir_97_8.htm). Admittedly there is a cost associated with creating an LLC (MA is expensive - $500) but there are no tax ramifications to such an entity (assuming it does not choose to be treated as a corporation.) *I* am horrified by Microsoft's decision to exclusively choose Verisign (in the past, we've used Thawte for code signing certs, but apparently some large number are more equal than other large numbers, for whatever reason.) However, this has become very off-topic for the forum, and this becomes another cost of doing business in the Windows space - much like subscribing to MSDN each year. And even if you ignore it for the Vista timeframe, this probably won't be an option for Longhorn server given Microsoft's announcements about dropping 32-bit support for most of the reasons people BUY servers (e.g., Exchange will be 64-bit only.) Bottom line: be prepared for signing your drivers. Don't count on Microsoft changing the policy, their exclusive arrangement with Verisign or any other aspect of this policy decision. If Microsoft requires Verisign, and Verisign suddenly decides that in order to get a cert from them you have to incorporate in Belize, you basically have *no choice* in the matter. If this policy doesn't work for you, I fear you'll have no choice but to leave the space. While I think this stinks of anti-trust problems, Microsoft's lawyers have already determined that this is ok. Drivers cause tremendous problems for them, so perhaps Microsoft's goal is to "squeeze out" more people from writing a driver. (I've heard the security arguments and am not persuaded - look at how trivially easy people have found it to work around the patch guard code.) Of course, if they REALLY wanted to improve driver quality, they'd require some sort of certification for driver writers (you can be certified to administer Windows systems, but not to write drivers for them) before you are allowed to get your very own cert. Then you'd sign your drivers when you decided they were wrong. I think of it along the lines of how engineers certify drawings - they might work for a firm but it is the *engineer* who applies his stamp to the drawings. If we did the same thing for drivers, people would take this a lot more seriously - they'd be staking their own professional reputations on the drivers that they write. Not going to happen anytime soon, though. Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Saturday, January 21, 2006 12:51 PM To: ntdev redirect Subject: Re:[ntdev] X64 Windows Vista to require signed drivers I also don't agree with the current policy, it is going to possibly drive me out of the business. I do most of my work through various contracting firms. I don't have a corporate enttity so even though I write drivers, and in some cases am the Windows Kernel Software Team for some tiny companies who pay me for the drivers and support, I have never been on WinQual. My problem is that with the tax structure of Massachusetts, I would have lost money rather than made it the last two (very lean years) since between business costs and my taxes as a corporate entity I would have gone negative on my income. I suggest to my customers to go the Verisign route, but most of them balk saying we don't want to give you our key, get your own. I have talked to folks I contract through, and they say sure you can use our key, as long as we own all the drivers you write. For four years I have been complaining about this to Microsoft. I point out I have secure access to the Windows source and this does not require Verisign, so why should driver signing and getting driver bug reports require it. At every conference since 2002 they have promised to look into this, and when I query this a few months later they go say, just get incorporated. When I point out the hidden costs, they go "we did not know that" and promise again, and so the cycle continues. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 6 of 76  
21 Jan 06 16:17
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

>>This change in Vista will effectively kill any open source kernel >>modules, since individual developers are unlikely to obtain the >>required Verisign certificate. >This just doesn't make any sense. I don't see anything in the >Microsoft program that does anything to harm the open source >movement. Folks can continue to share source code -- However, >the supplier of the module to an end-user customer will have to >get the executable signed. Few open source developers will qualify for the Verisign cert, and fewer still will fork over $500 a year to get it. That comes pretty close to killing open source kernel code right there. Further, a key benefit of open source is that everybody is free to modify the code and run their modified version. >If your point is that some high school kid that writes a driver in >his room instead of doing his homework won't be able to supply >drivers to the industry, well... I think that's probably the only GOOD >thing about this Microsoft program. Hey! I resemble that remark! :-) 25 years ago I was a kid writing software in my bedroom (on a machine with an 8-bit CPU and 48K of RAM). In all seriousness, I have two objections to your statement... First, it's not Microsoft's place to decide that kids in their bedroom shouldn't be able to "supply drivers to the industry". That's a choice for the free market to make. I'm not saying that high school hackers are a good source of quality drivers -- I'm saying it's not up to Microsoft to make that decision. Second, everybody should have the right to run software of their choosing on their own machine. It isn't Microsoft's computer -- it's mine. I paid for it. The OS shouldn't dictate what software I'm allowed to run. I think the current WHQL program is reasonable -- it forces people to think about loading unsigned drivers, but leaves the ultimate decision with the owner of the computer. >>If Microsoft controls who can write software for Windows, >>Windows is no longer an open platform. > >Like, Windows is an open platform now?? Huh?? Yes, Windows is currently an open platform. Microsoft made this claim a lot during their antitrust trial (e.g. http://www.microsoft.com/billgates/columns/oped/11-10wsjoped.asp). "Open platform" means anybody can write programs that run on Windows. Contrast that with video game consoles, cable TV boxes, or cell phones, where the platform vendor decides who is allowed to write software, and what software they're allowed to write. _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
  Message 7 of 76  
21 Jan 06 16:27
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Tony, My town taxes LLC's as business property this means the building (my house) and the capital equipment. At the moment we have a single tax rate, but that is likely to change. I am friends with the tax assessor, she estimates I would only take a 8K tax hit. Then throw in the LLC cost, and the accountant cost and this is getting pricy. Now the real problem is, I a number of people I know enjoy the ability to work for myself, while not having to deal with the joys of the accounting and other PITA things. Of course to do this I put up with giving somenthing off the top to various firms and agencies I run my contracts through. But since I bring them customers (not normal but I've done it several times) I can negotiate a very good rate, since they know I and the customer can pick up and go elsewhere. I only know a couple other driver writers who do this, but lots of other developers who choose this model. Basically, Microsoft's decision threathens the way I do business. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Tony Mason" <xxxxx@osr.com> wrote in message news:74673@ntdev... Don, While I'm not a tax lawyer, I do tend to follow taxation law rather closely and thus was surprised by your assertion. Further, the MA Department of Revenue web site seems to disagree (http://www.massdor.com/rul_reg/tir/tir_97_8.htm). Admittedly there is a cost associated with creating an LLC (MA is expensive - $500) but there are no tax ramifications to such an entity (assuming it does not choose to be treated as a corporation.) *I* am horrified by Microsoft's decision to exclusively choose Verisign (in the past, we've used Thawte for code signing certs, but apparently some large number are more equal than other large numbers, for whatever reason.) However, this has become very off-topic for the forum, and this becomes another cost of doing business in the Windows space - much like subscribing to MSDN each year. And even if you ignore it for the Vista timeframe, this probably won't be an option for Longhorn server given Microsoft's announcements about dropping 32-bit support for most of the reasons people BUY servers (e.g., Exchange will be 64-bit only.) Bottom line: be prepared for signing your drivers. Don't count on Microsoft changing the policy, their exclusive arrangement with Verisign or any other aspect of this policy decision. If Microsoft requires Verisign, and Verisign suddenly decides that in order to get a cert from them you have to incorporate in Belize, you basically have *no choice* in the matter. If this policy doesn't work for you, I fear you'll have no choice but to leave the space. While I think this stinks of anti-trust problems, Microsoft's lawyers have already determined that this is ok. Drivers cause tremendous problems for them, so perhaps Microsoft's goal is to "squeeze out" more people from writing a driver. (I've heard the security arguments and am not persuaded - look at how trivially easy people have found it to work around the patch guard code.) Of course, if they REALLY wanted to improve driver quality, they'd require some sort of certification for driver writers (you can be certified to administer Windows systems, but not to write drivers for them) before you are allowed to get your very own cert. Then you'd sign your drivers when you decided they were wrong. I think of it along the lines of how engineers certify drawings - they might work for a firm but it is the *engineer* who applies his stamp to the drawings. If we did the same thing for drivers, people would take this a lot more seriously - they'd be staking their own professional reputations on the drivers that they write. Not going to happen anytime soon, though. Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Saturday, January 21, 2006 12:51 PM To: ntdev redirect Subject: Re:[ntdev] X64 Windows Vista to require signed drivers I also don't agree with the current policy, it is going to possibly drive me out of the business. I do most of my work through various contracting firms. I don't have a corporate enttity so even though I write drivers, and in some cases am the Windows Kernel Software Team for some tiny companies who pay me for the drivers and support, I have never been on WinQual. My problem is that with the tax structure of Massachusetts, I would have lost money rather than made it the last two (very lean years) since between business costs and my taxes as a corporate entity I would have gone negative on my income. I suggest to my customers to go the Verisign route, but most of them balk saying we don't want to give you our key, get your own. I have talked to folks I contract through, and they say sure you can use our key, as long as we own all the drivers you write. For four years I have been complaining about this to Microsoft. I point out I have secure access to the Windows source and this does not require Verisign, so why should driver signing and getting driver bug reports require it. At every conference since 2002 they have promised to look into this, and when I query this a few months later they go say, just get incorporated. When I point out the hidden costs, they go "we did not know that" and promise again, and so the cycle continues. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 8 of 76  
21 Jan 06 16:40
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

>While I think this stinks of anti-trust problems, Microsoft's >lawyers have already determined that this is ok. Would those be the same lawyers who signed off on activities that later got Microsoft convicted of anti-trust? I wouldn't assume that Microsoft is free and clear. I could see somebody bringing legal action -- it doesn't take much to file a lawsuit these days. That might not even be required -- all it may take is filing a complaint with the judge overseeing the consent decree. And what about the EU? They already have Microsoft in their crosshairs. _________________________________________________________________ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
  Message 9 of 76  
21 Jan 06 19:35
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

"Mr. GUID" <xxxxx@hotmail.com> wrote in message news:74674@ntdev... > > Few open source developers will qualify for the Verisign cert, and fewer > still will fork over $500 a year to get it. That comes pretty close to > killing open source kernel code right there. Further, a key benefit of > open source is that everybody is free to modify the code and run their > modified version. > I will generalize what you said. Microsoft has said that an individual can no longer ship a driver for the general populace except through a corporation. Basically, they are barring outright the ability of the individual programmer to ship for pay or for free. Personally, I view this as a very poor policy. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply
  Message 10 of 76  
21 Jan 06 19:45
Peter Viscarola (OSR)
xxxxxx@osr.com
Join Date:
Posts To This List: 4711
List Moderator
X64 Windows Vista to require signed drivers

Interesting comments, and well thought out a431cc41-4147-4027-bbdb-ded89ff92775 (do me a favor and change the name you use on the form... it's just too long). There IS one good thing about a policy that would require drivers to be signed: When a customer gets a driver package, they know (a) who it's from, and (b) that the driver and INF have not been modified since release. Of course, this would be accomplishable by simply requiring the driver be SIGNED, not signed under certain constraints and in a certain way, as currently defined by Microsoft. <QUOTE> Second, everybody should have the right to run software of their choosing on their own machine. It isn't Microsoft's computer -- it's mine. I paid for it. The OS shouldn't dictate what software I'm allowed to run. I think the current WHQL program is reasonable -- it forces people to think about loading unsigned drivers, but leaves the ultimate decision with the owner of the computer. </QUOTE> I agree. That's a very good point. There should be a global way for a customer to by-pass this. Wanna bet there'll be a way for corporations to bypass this by locally signing drivers with their domain's certificate and pushing a group policy? I hasten to add that I DO NOT have any information that indicates this is the case, but I bet it's going to be the eventual outcome. If J-Random-Big Incorporated decides to deploy about 10,000 64-bit Windows graphic workstations, and one of the drivers they need doesn't happen to be signed, I'm thinkin' some bypass policy gets implemented by Microsoft rather quickly. <QUOTE> Few open source developers will qualify for the Verisign cert, and fewer still will fork over $500 a year to get it. That comes pretty close to killing open source kernel code right there. </QUOTE> Are you missing my point? So, Charlie the Computer Whiz goes home and wanders to his bedroom to make some earth-shattering modifications to -- I don't know -- SOME X64 only driver. He releases this onto the world. Nobody but other devs who have debugers hooked up can load it. This is only a good thing in my opinion. Some company picks it up to include in their suite of X64-related Windows shite. This COMPANY signs it. Charlie doesn't need a Verisign ID. <QUOTE> [T]he current policy ... is going to possibly drive me out of the business. </QUOTE> Don, you know I respect you. ANYthing is possible, but this policy having ANY impact on your business is highly unlikely. You write drivers for hardware manufacturer Z. THOSE guys sign the driver, not you. <QUOTE> My town taxes LLC's as business property this means the building (my house) and the capital equipment. ... Basically, Microsoft's decision threathens the way I do business. </QUOTE> Don, with all due respect, I think you're seriously misguided and STRONGLY urge you to get a good tax attorney. Not your family lawyer. Not your uncle's friend's cousin's brother who took a few tax courses. Not your accountant. A real, bona fide, tax attorney. If you do, I think you'll find you're wrong about a lot of your assumptions. (a) As Tony pointed out, if you're an LLC, you can choose to have your income passed-through to you just like a sole proprietorship. (b) There is no reason on God's Green Globe that your HOUSE would be considerd business property. In fact, the IRS regs -- and your town -- probably won't ALLOW you to consider your house business property (is your house in an area that's zoned commercial?). You own the house personally (just like I own my house). Your business owns whatever property it owns. Yes, if you live in a residential zone, depnding on your town, you MIGHT need to bother to get yourself permission for a "home occupation" but given that you NEVER meet customers at your home, produce no waste of any kind, etc, this is typically a formality. Seriously, check into it. You shouldn't be in business without being incorporated in any case, for the purpose of protecting your own assets. But, as Tony said, this discussion belongs on the Tax Issues and Consulting usenet group, not here. P
  Message 11 of 76  
21 Jan 06 22:52
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

>Wanna bet there'll be a way for corporations to bypass this by locally >signing drivers with their domain's certificate and pushing a group policy? >I hasten to add that I DO NOT have any information that indicates this is >the case, but I bet it's going to be the eventual outcome. If J-Random-Big >Incorporated decides to deploy about 10,000 64-bit Windows graphic >workstations, and one of the drivers they need doesn't happen to be signed, >I'm thinkin' some bypass policy gets implemented by Microsoft rather >quickly. This sounds like Authenticode signing, which is already supported in Windows Server 2003. The problem is it’s only enforced when a PnP driver is installed, not when the driver is loaded. Enforcement at load time is more difficult. All the certificate store API’s are in user-mode, so the kernel can’t easily validate an arbitrary root certificate. In the scheme proposed for Vista, the kernel only needs to carry a copy of Microsoft’s public key. >>Few open source developers will qualify for the Verisign cert, and fewer >>still will fork over $500 a year to get it. That comes pretty close to >>killing open source kernel code right there. > >Are you missing my point? Perhaps we are talking past each other on this point, but I’d like to give it another try. >So, Charlie the Computer Whiz goes home and wanders to his bedroom to make >some earth-shattering modifications to – I don't know -- SOME X64 only >driver. I’ll stipulate that Charlie probably isn’t writing a driver for a physical piece of hardware. More likely he's writing a filter or some kind of kernel-mode service. Scary as it sounds, maybe he’s writing a file system. Either way, it doesn't really change the principles involved. >He releases this onto the world. Nobody but other devs who have debuggers >hooked up can load it. This is only a good thing in my opinion. I’m very conservative about what I run on my production machines, and I probably wouldn’t load Charlie’s driver. However, I absolutely reserve the right to do so. This is about the freedom to use one’s own computer, and who gets to decide what’s a “good thing” or not. >Some company picks it up to include in their suite of X64-related Windows >shite. This COMPANY signs it. Charlie doesn't need a Verisign ID. For most open source projects there is no “company” –- there’s just Charlie posting his code on SourceForge. _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
  Message 12 of 76  
22 Jan 06 00:47
Peter Viscarola (OSR)
xxxxxx@osr.com
Join Date:
Posts To This List: 4711
List Moderator
X64 Windows Vista to require signed drivers

Yeah... <QUOTE> This sounds like Authenticode signing, which is already supported in Windows Server 2003. The problem is it???s only enforced when a PnP driver is installed, not when the driver is loaded. Enforcement at load time is more difficult. All the certificate store API???s are in user-mode, so the kernel can???t easily validate an arbitrary root certificate. In the scheme proposed for Vista, the kernel only needs to carry a copy of Microsoft???s public key. </QUOTE> Precisely! And I'm all for authenticode signing. That's exactly what I was talking about, in place of this misbegotten policy. You say load-time authenticode validation can't be done easily. We must have different ideas of the meaning of "easily" -- Calling out to user-mode when a driver's loaded isn't likely to be TRIVIAL, but by the same token, consider that this is precisely how most anti-virus programs work (intercepting the file open, and passing the file spec to a user-mode scanning program). Given the frequency with which drivers are loaded, it's not like this is a high-performance path. I could give you the names of at least a half dozen devs in 26 or 28 that'd be up to the task. If they're too busy keeping themselves out of bug jail, I'm sure Don would be happy to write the code... for a very reasonble fee :-) P
  Message 13 of 76  
22 Jan 06 11:00
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

>You say load-time authenticode validation can't be done easily. >We must have different ideas of the meaning of "easily" – Calling >out to user-mode when a driver's loaded isn't likely to be TRIVIAL, >but by the same token, consider that this is precisely how most >anti-virus programs work (intercepting the file open, and passing >the file spec to a user-mode scanning program). Given the frequency >with which drivers are loaded, it's not like this is a high-performance >path. I think signature enforcement is more difficult than AV scanning. I’m not saying it can’t be done -- just that it presents some unique challenges. The big problem is that driver loads need to happen long before Win32 starts. Microsoft even plans to have ntldr verify signatures of boot drivers (that’s why boot driver .sys files need to be signed directly, and not just referenced in a catalog). I suspect that the only way to robustly support Authenticode in the kernel is to support it IN the kernel. _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
  Message 14 of 76  
22 Jan 06 11:54
Mark Roddy
xxxxxx@hollistech.com
Join Date: 25 Feb 2000
Posts To This List: 3683
X64 Windows Vista to require signed drivers

I assume that for testing purposes you can still install test root certificates on your test systems and sign your drivers with your own test signatures. I could be wrong of course, but I would be surprised if that were not the case. ===================== Mark Roddy DDK MVP Windows 2003/XP/2000 Consulting Hollis Technology Solutions 603-321-1032 www.hollistech.com > -----Original Message----- > From: xxxxx@lists.osr.com > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn > Sent: Saturday, January 21, 2006 1:23 PM > To: Windows System Software Devs Interest List > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers > > Another thing I really love about the new policy is the ways > to override it as a developer: > <...excess quoted lines suppressed...>
  Message 15 of 76  
22 Jan 06 14:39
Bruno van Dooren
xxxxxx@hotmail.com
Join Date: 12 Jan 2006
Posts To This List: 51
X64 Windows Vista to require signed drivers

maybe I can add another point to this discussion that hasn't yet been voiced. I am a software engineer fo a small consulting company. Device drivers are not our business. In fact, it is just something that i started to learn because I think it is interesting. any device driver that i write will likely be just for personal use, like a small USB or PCI IO interface to do some simple things for a demo or whatever. It would be perfectly normal for me to want a driver or kernel service to be loaded on my system for whatever reason. maybe this does not seem important to professional developers, but for people like me it can become really problematic. why shouldn't i be able to do this in a normal way? and even if it was just a one time cost i could understand (like a vendor ID), but now you have to keep paying each year. for some of us, this is difficult to justify with our bosses. (not to mention having to explain why we need to do business with verisign) kind regards, Bruno.
  Message 16 of 76  
22 Jan 06 15:13
cristalink
xxxxxx@cristalink.com
Join Date: 20 Dec 2004
Posts To This List: 77
X64 Windows Vista to require signed drivers

>Precisely! And I'm all for authenticode signing. That's exactly what I was >talking about, in place of this misbegotten policy. I am for authenticode with my own signature, but not Microsoft's one. Apparently, there is a guy or two in Microsoft pushing their stupid ideas about driver signing. There's absolutely no point to check driver signatures at boot time, when the root certificates are not available. The signatures should be checked while the drivers are installed. Installed drivers should be hashed and the checksums stored somewhere. At boot time, Windows just re-checks the checksums not bothering with signatures. One can say that someone can hack the checksums stored. Well, if one can hack the checksums, they can easily hack the code that validates the signatures, too. My guess is, the Microsoft/Verisign monopoly's idea of signing drivers with their own signatures is nothing more than an attempt to suck out hundreds of dollars a year from developers. Just another way to get money flowing in. -- http://www.cristalink.com <xxxxx@osr.com> wrote in message news:74682@ntdev... Yeah... <QUOTE> This sounds like Authenticode signing, which is already supported in Windows Server 2003. The problem is it's only enforced when a PnP driver is installed, not when the driver is loaded. Enforcement at load time is more difficult. All the certificate store API's are in user-mode, so the kernel can't easily validate an arbitrary root certificate. In the scheme proposed for Vista, the kernel only needs to carry a copy of Microsoft's public key. </QUOTE> Precisely! And I'm all for authenticode signing. That's exactly what I was talking about, in place of this misbegotten policy. You say load-time authenticode validation can't be done easily. We must have different ideas of the meaning of "easily" -- Calling out to user-mode when a driver's loaded isn't likely to be TRIVIAL, but by the same token, consider that this is precisely how most anti-virus programs work (intercepting the file open, and passing the file spec to a user-mode scanning program). Given the frequency with which drivers are loaded, it's not like this is a high-performance path. I could give you the names of at least a half dozen devs in 26 or 28 that'd be up to the task. If they're too busy keeping themselves out of bug jail, I'm sure Don would be happy to write the code... for a very reasonble fee :-) P
  Message 17 of 76  
22 Jan 06 15:38
Christiaan Ghijselinck
xxxxxx@CompaqNet.be
Join Date: 21 Mar 2002
Posts To This List: 453
X64 Windows Vista to require signed drivers

> > "Mr. GUID" <xxxxx@hotmail.com> wrote in > message news:74674@ntdev... > > > > Few open source developers will qualify for the Verisign cert, and fewer > > still will fork over $500 a year to get it. That comes pretty close to > > killing open source kernel code right there. Further, a key benefit of > > open source is that everybody is free to modify the code and run their > > modified version. > > <...excess quoted lines suppressed...> Would following scenario be feasable : 1. Someone develops and provides an UNSIGNED device driver ( open source or not ) to a company. 2. The same developer provides all support , scripts or even a program that calls the signing tools, to the company 3. If the company has a valid code signing certificate , signing of the just "just purchased" driver is a 5 minutes job, 4. if the company has NO valid signing certificate , he buys one for $500 and signs the driver with it. Reaction appreciated .... Christiaan > > > -- > Don Burn (MVP, Windows DDK) > Windows 2k/XP/2k3 Filesystem and Driver Consulting > Remove StopSpam from the email to reply > > >
  Message 18 of 76  
22 Jan 06 16:00
Bruno van Dooren
xxxxxx@hotmail.com
Join Date: 12 Jan 2006
Posts To This List: 51
X64 Windows Vista to require signed drivers

this will only shift the problem. nobody is going to provide 3d party signing out of the kindness of their hearts. so instead of paying per year, you'll pay someone else per signature. and then it might not even be legal to do this. it could be against the eula that you no doubt have to agree to before getting the PIC. kind regards, Bruno. "Christiaan Ghijselinck" <xxxxx@CompaqNet.be> wrote in message news:74696@ntdev... > > >> >> "Mr. GUID" <xxxxx@hotmail.com> wrote in >> message news:74674@ntdev... >> > >> > Few open source developers will qualify for the Verisign cert, and >> > fewer >> > still will fork over $500 a year to get it. That comes pretty close to >> > killing open source kernel code right there. Further, a key benefit of <...excess quoted lines suppressed...>
  Message 19 of 76  
22 Jan 06 16:15
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

I suggested this to a customer who I wrote a driver for (this wasn't even to sign if was just for WinQual access). Now one of the things I do is provide drivers for customers who can best be described as almost non-technical, they can do a little "C", some Visual Basic and that is about it. What my customers want is access to something that is easy to do in the kernel, and hard or impossible in user space. Anyway I pointed the customer at WinQual, they came back confused enough to tell me to do it. I said I would need their VeriSign ID, but Verisign emphasises that this is your identity keep it safe, so the customer was terrified of giving to me. End result they are shipping a driver, I'm supporting it, but no WinQual data on failures ever gets accesses. Note for a number of these folks, the price I charge is small enough, that cost of changing my business practices to have the Verisign ID, would make the cost to them impractical. In a couple cases, the work I have done was to replace what was close to a malware approach, because they found a hacker who had an approach like hooking to do what has a blessed approach. "Christiaan Ghijselinck" <xxxxx@CompaqNet.be> wrote in message news:74696@ntdev... > > >> >> "Mr. GUID" <xxxxx@hotmail.com> wrote in >> message news:74674@ntdev... >> > >> > Few open source developers will qualify for the Verisign cert, and >> > fewer >> > still will fork over $500 a year to get it. That comes pretty close to >> > killing open source kernel code right there. Further, a key benefit of <...excess quoted lines suppressed...>
  Message 20 of 76  
22 Jan 06 16:28
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

And you are missing the other problem. Part of the reason to have the ID is to log on to WinQual and find out that your driver is crashing. Microsoft reports this for all drivers whether signed or not. One wonders how many crashes would be cleaned up, if the small companies and third party developers had access to the data on their drivers. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Bruno van Dooren" <xxxxx@hotmail.com> wrote in message news:74697@ntdev... > this will only shift the problem. nobody is going to provide 3d party > signing out of the kindness of their hearts. so instead of paying per > year, you'll pay someone else per signature. > > and then it might not even be legal to do this. it could be against the > eula that you no doubt have to agree to before getting the PIC. > > kind regards, > Bruno.
  Message 21 of 76  
22 Jan 06 17:25
Christiaan Ghijselinck
xxxxxx@CompaqNet.be
Join Date: 21 Mar 2002
Posts To This List: 453
X64 Windows Vista to require signed drivers

> And you are missing the other problem. Part of the reason to have the ID is > to log on to WinQual and find out that your driver is crashing. Microsoft > reports this for all drivers whether signed or not. One wonders how many > crashes would be cleaned up, if the small companies and third party > developers had access to the data on their drivers. > There you have a point. But apart from this , could there be problem when the developer provides a unsigned driver as "built for the company" and when the company receives the driver , he has to care about : obtaining a certificate , a PIC and signing the driver himself. The developer could support this signing procedure ( without receiving the certificate from the company ) if that procedure itself would be too obscure or difficult to follow. After all , I don't see a reason why the developer himself should be able to provide the signed "build for the company" driver to the world with his "own" signature. This would be even illegal in point of view of the company that obtained/distributes the driver. I also think about the fact that a company wishes to sign the software he spreads with his own signature , not the signature of the developer ... I think this would at least save the $500 costs for the developer and the time to spend the time on obtaining the PIC , signing , etc.. . After all , the developer is not to blame about this new driver signing method ... Christiaan > > > -- > Don Burn (MVP, Windows DDK) > Windows 2k/XP/2k3 Filesystem and Driver Consulting > Remove StopSpam from the email to reply > > > "Bruno van Dooren" <xxxxx@hotmail.com> wrote in message <...excess quoted lines suppressed...>
  Message 22 of 76  
22 Jan 06 17:53
Thomas F. Divine
xxxxxx@hotmail.com
Join Date:
Posts To This List: 537
X64 Windows Vista to require signed drivers

There is another aspect of this, and Vista security in general. In my experiance too much security can close the door to using Windows for a farily large number of specialized applications. Small specialized industries are an example. Here the requirement may be for one site to have specialized one-of drivers that control, for example, a wharehouse full of sewing machines. A single developer could easily develop and maintain drivers and other components for this environment. There is absolutely no interest in this case for a wider distribution of drivers in this closed system. No interest in Microsoft "approval", etc. However, if the OS frustrates the developer when installing what is needed on Windows platforms he (or she) may choose to move to another platform instead of fighting the security/signing hurdles. The Vista driver signing requirements certainly won't encourage use of Windows in a number of innovative areas. Thomas F. Divine, Windows DDK MVP
  Message 23 of 76  
22 Jan 06 19:05
Christiaan Ghijselinck
xxxxxx@CompaqNet.be
Join Date: 21 Mar 2002
Posts To This List: 453
X64 Windows Vista to require signed drivers

> There is another aspect of this, and Vista security in general. > > In my experiance too much security can close the door to using Windows for a > farily large number of specialized applications. > > Small specialized industries are an example. Here the requirement may be for > one site to have specialized one-of drivers that control, for example, a > wharehouse full of sewing machines. A single developer could easily develop > and maintain drivers and other components for this environment. There is > absolutely no interest in this case for a wider distribution of drivers in <...excess quoted lines suppressed...> Probably , but people may be inventif on this. Assume there exists a company named "Driver Sign International Inc." that signs your driver package for a small fee of $10 and promptly delivers you the result back within 24 hours. If legal and , it would prove how ridiculous the driver signing strategy is after all . C. P.S. I have no patent on the idea :-D > > > > --- > Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 > > You are currently subscribed to ntdev as: xxxxx@compaqnet.be > To unsubscribe send a blank email to xxxxx@lists.osr.com >
  Message 24 of 76  
22 Jan 06 19:41
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9501
X64 Windows Vista to require signed drivers

Do you remember the discussion on the Summit, Mark? They promised to allow the admin to install the company's cert manually to the machine (like the IE's option of "Always trust the software from La-La-La Corporation) and thus make the non-WHQLed driver loadable. But you see - anyway the company's cert is needed. It is very interesting how will they deal with the cert revocation lists in NTLDR :) Maxim Shatskih, Windows DDK MVP StorageCraft Corporation xxxxx@storagecraft.com http://www.storagecraft.com ----- Original Message ----- From: "Mark Roddy" <xxxxx@hollistech.com> To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com> Sent: Sunday, January 22, 2006 7:52 PM Subject: RE: [ntdev] X64 Windows Vista to require signed drivers > I assume that for testing purposes you can still install test root > certificates on your test systems and sign your drivers with your own test > signatures. I could be wrong of course, but I would be surprised if that > were not the case. > > ===================== > Mark Roddy DDK MVP > Windows 2003/XP/2000 Consulting > Hollis Technology Solutions 603-321-1032 <...excess quoted lines suppressed...> http://www.osronline.com/article.cfm?id=256 > > You are currently subscribed to ntdev as: xxxxx@storagecraft.com > To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 25 of 76  
22 Jan 06 19:52
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9501
X64 Windows Vista to require signed drivers

Read the samples and the MSDN documentation, including the concepts chapters. Read the book on general NT architecture like Solomon/Russinovich, if you did not this before :) Read the Walter Oney's book - it is very good, as an advanced version of MSDN's documentation. Maxim Shatskih, Windows DDK MVP StorageCraft Corporation xxxxx@storagecraft.com http://www.storagecraft.com ----- Original Message ----- From: "Bruno van Dooren" <xxxxx@hotmail.com> Newsgroups: ntdev To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com> Sent: Sunday, January 22, 2006 10:39 PM Subject: Re:[ntdev] X64 Windows Vista to require signed drivers > maybe I can add another point to this discussion that hasn't yet been > voiced. > > I am a software engineer fo a small consulting company. Device drivers are > not our business. In fact, it is just something that i started to learn > because I think it is interesting. > > any device driver that i write will likely be just for personal use, like a > small USB or PCI IO interface to do some simple things for a demo or <...excess quoted lines suppressed...> http://www.osronline.com/article.cfm?id=256 > > You are currently subscribed to ntdev as: xxxxx@storagecraft.com > To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 26 of 76  
23 Jan 06 07:58
Mark Roddy
xxxxxx@hollistech.com
Join Date: 25 Feb 2000
Posts To This List: 3683
X64 Windows Vista to require signed drivers

Actually I don't remember if they said that test certificates would still work or not, which is why I floated my comment out there, hoping somebody would say either 'yes test certificates will still work' or 'no test certificates won't work'. The whole thing ends up being obnoxious. Give me an ipl-time switch to control what level of driver install security I want. How difficult would that be? ===================== Mark Roddy DDK MVP Windows 2003/XP/2000 Consulting Hollis Technology Solutions 603-321-1032 www.hollistech.com > -----Original Message----- > From: xxxxx@lists.osr.com > [mailto:xxxxx@lists.osr.com] On Behalf Of Maxim > S. Shatskih > Sent: Sunday, January 22, 2006 7:45 PM > To: Windows System Software Devs Interest List > Subject: Re: [ntdev] X64 Windows Vista to require signed drivers > > Do you remember the discussion on the Summit, Mark? > <...excess quoted lines suppressed...>
  Message 27 of 76  
23 Jan 06 08:38
Dan Partelly
xxxxxx@rdsor.ro
Join Date: 03 Jan 2002
Posts To This List: 465
X64 Windows Vista to require signed drivers

>> How difficult would that be? I think is raher part of a policy. A policy which suxs big time, and which takes away the rights from me, the user to install and software I want on my machines. Microsoft and it;'s engineers should rather spend their time ficing very serious OS bugs and security holes then implementing idiotic stuff. But no, they wont fix the bugs in Windows. No, god fobid. It would be too complicated :P They would rather take away rights from the user and shoot into the little driver devloper and consultant. Congrats Microsoft. Way to go. Dan ----- Original Message ----- From: "Mark Roddy" <xxxxx@hollistech.com> To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com> Sent: Monday, January 23, 2006 2:57 PM Subject: RE: [ntdev] X64 Windows Vista to require signed drivers > Actually I don't remember if they said that test certificates would still > work or not, which is why I floated my comment out there, hoping somebody > would say either 'yes test certificates will still work' or 'no test > certificates won't work'. > > The whole thing ends up being obnoxious. Give me an ipl-time switch to > control what level of driver install security I want. How difficult would > that be? > <...excess quoted lines suppressed...>
  Message 28 of 76  
23 Jan 06 08:48
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

I am not against the policy. I do think that WinQual has made a serious mistake for years in not providing a way for an individual to get access to their bug reporting and signing. Personally, I don't object to the direct costs of the ID, though I understand people who do. If WinQual is supposed to be helping increase the quality of Windows. And if as has been stated at multiple Microsoft conferences, 3rd party drivers are the biggest cause of crashes, then why is WinQual not doing every thing in their power to get the bug data out to the responsible parties. This new policy seems to be failing to recognize they have done a lousy job of providing access for years. Their solution seems to be rather than fix their procedures, we will only allow people who use our procedures to ship drivers. I have wanted to use their procedures for years, but I don't want the headaches of having a corporation or working for one. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Dan Partelly" <xxxxx@rdsor.ro> wrote in message news:74729@ntdev... >>> How difficult would that be? > > I think is raher part of a policy. A policy which suxs big time, and > which takes away the rights from me, the user to install and software > I want on my machines. > > Microsoft and it;'s engineers should rather spend their time ficing > very serious OS bugs and security holes then implementing > idiotic stuff. But no, they wont fix the bugs in Windows. > No, god fobid. It would be too complicated :P <...excess quoted lines suppressed...>
  Message 29 of 76  
23 Jan 06 09:21
ntdev member 27411
xxxxxx@flconsult.com
Join Date:
Posts To This List: 39
X64 Windows Vista to require signed drivers

Hi Folks, Just my 2 cents Sounds like the opportunity to start a new business! Can't someone put together a 3rd party "Verification" company? This company would take submissions from contractors/etc - run some 'qual' tests - and then certify with their verisign. This could be done a many sliding $ scales to make it effective for contractors/companies to do. You can just budget it into the project cost and then no hassles with LLCs,INCs/etc Maybe my company should offer this service? :) Steve Spano President, Finger Lakes Engineering (V) 607-277-1614 x223 (F) 800-835-7164 (C) 607-342-1150 xxxxx@flconsult.com www.fl-eng.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 8:48 AM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers I am not against the policy. I do think that WinQual has made a serious mistake for years in not providing a way for an individual to get access to their bug reporting and signing. Personally, I don't object to the direct costs of the ID, though I understand people who do. If WinQual is supposed to be helping increase the quality of Windows. And if as has been stated at multiple Microsoft conferences, 3rd party drivers are the biggest cause of crashes, then why is WinQual not doing every thing in their power to get the bug data out to the responsible parties. This new policy seems to be failing to recognize they have done a lousy job of providing access for years. Their solution seems to be rather than fix their procedures, we will only allow people who use our procedures to ship drivers. I have wanted to use their procedures for years, but I don't want the headaches of having a corporation or working for one. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Dan Partelly" <xxxxx@rdsor.ro> wrote in message news:74729@ntdev... >>> How difficult would that be? > > I think is raher part of a policy. A policy which suxs big time, and > which takes away the rights from me, the user to install and software > I want on my machines. > > Microsoft and it;'s engineers should rather spend their time ficing > very serious OS bugs and security holes then implementing > idiotic stuff. But no, they wont fix the bugs in Windows. > No, god fobid. It would be too complicated :P <...excess quoted lines suppressed...> little > driver > devloper and consultant. Congrats Microsoft. Way to go. > > Dan > --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@flconsult.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 30 of 76  
23 Jan 06 09:28
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Nice idea, of course you need to handle test submissions, monitoring and returning the WinQual reports on the driver etc. You also have to be willing to enter into 3 way NDA's between the consultant, the customer and your firm. And finally since a test submission to Microsoft is down to around $200, you probably can't charge more than that youself for the total cost of getting the driver through WHQL and subsequent report monitoring. I hope you have a really cheap lawyer and clerical staff. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Steve Spano" <xxxxx@flconsult.com> wrote in message news:74735@ntdev... > Hi Folks, > > Just my 2 cents > > Sounds like the opportunity to start a new business! > > Can't someone put together a 3rd party "Verification" company? > > This company would take submissions from contractors/etc - run some > 'qual' tests - and then certify with their verisign. <...excess quoted lines suppressed...>
  Message 31 of 76  
23 Jan 06 09:29
ntdev member 27462
xxxxxx@comcast.net
Join Date:
Posts To This List: 186
X64 Windows Vista to require signed drivers

I must agree with Dan here, Recently someone form MS posted that 80% of system crashes where due to third-party drivers according to the dumps that MS receives. However, in the last few years MS platforms have become increasingly difficult to bring down unless your actively developing software on one. I believe MS is introducing this restriction in an attempt to make the platform even more stable while overlooking the fact that 99% of home and business users are more so affected by spyware, worms, viruses, ect. that exploit the vuns in the OS. <- That is the average person's MAIN concern, keeping malware out of their system! I could live with a few bsod's in exchange for a system that couldn't be torn-up be the latest worm. MS just doesn't seem to understand what the consumer wants anymore; this is the exact reason GM is laying off 25,000 workers today - selling crap people don't need or want. MS needs to get back to the basics of an 'easy to use, easy to program' operating system. Matt Dan Partelly wrote: >>> How difficult would that be? >> > > I think is raher part of a policy. A policy which suxs big time, and > which takes away the rights from me, the user to install and software > I want on my machines. > > Microsoft and it;'s engineers should rather spend their time ficing > very serious OS bugs and security holes then implementing > idiotic stuff. But no, they wont fix the bugs in Windows. <...excess quoted lines suppressed...>
  Message 32 of 76  
23 Jan 06 11:55
ntdev member 25850
xxxxxx@stonestreetone.com
Join Date:
Posts To This List: 207
X64 Windows Vista to require signed drivers

> My guess is, the Microsoft/Verisign monopoly's idea > of signing drivers with their own signatures is > nothing more than an attempt to suck out hundreds > of dollars a year from developers. Just another > way to get money flowing in. Oh please. That's an absolutely trivial cash flow. That wouldn't pay for a guy in a mailroom. The reason from Microsoft's point of view is plainly obvious -- security and reliability. The empirical data is pretty clear -- buggy drivers are the main reason for Windows crashes. Now, I DO resent the fact that I, as owner of my own computer, will not be able to make a policy decision to install unsigned drivers. I think that is wrong, wrong, wrong. I'm fine with big red flashy scary dialog boxes telling me about all the horrors of unsigned drivers, as long as I still have a choice to install them. -- arlie -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of cristalink Sent: Sunday, January 22, 2006 3:13 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers >Precisely! And I'm all for authenticode signing. That's exactly what I >was talking about, in place of this misbegotten policy. I am for authenticode with my own signature, but not Microsoft's one. Apparently, there is a guy or two in Microsoft pushing their stupid ideas about driver signing. There's absolutely no point to check driver signatures at boot time, when the root certificates are not available. The signatures should be checked while the drivers are installed. Installed drivers should be hashed and the checksums stored somewhere. At boot time, Windows just re-checks the checksums not bothering with signatures. One can say that someone can hack the checksums stored. Well, if one can hack the checksums, they can easily hack the code that validates the signatures, too. My guess is, the Microsoft/Verisign monopoly's idea of signing drivers with their own signatures is nothing more than an attempt to suck out hundreds of dollars a year from developers. Just another way to get money flowing in. -- http://www.cristalink.com <xxxxx@osr.com> wrote in message news:74682@ntdev... Yeah... <QUOTE> This sounds like Authenticode signing, which is already supported in Windows Server 2003. The problem is it's only enforced when a PnP driver is installed, not when the driver is loaded. Enforcement at load time is more difficult. All the certificate store API's are in user-mode, so the kernel can't easily validate an arbitrary root certificate. In the scheme proposed for Vista, the kernel only needs to carry a copy of Microsoft's public key. </QUOTE> Precisely! And I'm all for authenticode signing. That's exactly what I was talking about, in place of this misbegotten policy. You say load-time authenticode validation can't be done easily. We must have different ideas of the meaning of "easily" -- Calling out to user-mode when a driver's loaded isn't likely to be TRIVIAL, but by the same token, consider that this is precisely how most anti-virus programs work (intercepting the file open, and passing the file spec to a user-mode scanning program). Given the frequency with which drivers are loaded, it's not like this is a high-performance path. I could give you the names of at least a half dozen devs in 26 or 28 that'd be up to the task. If they're too busy keeping themselves out of bug jail, I'm sure Don would be happy to write the code... for a very reasonble fee :-) P --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@stonestreetone.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 33 of 76  
23 Jan 06 12:37
Thomas F. Divine
xxxxxx@hotmail.com
Join Date:
Posts To This List: 537
X64 Windows Vista to require signed drivers

"Arlie Davis" <xxxxx@stonestreetone.com> wrote in message news:74752@ntdev... >> My guess is, the Microsoft/Verisign monopoly's idea >> of signing drivers with their own signatures is >> nothing more than an attempt to suck out hundreds >> of dollars a year from developers. Just another >> way to get money flowing in. > > Oh please. That's an absolutely trivial cash flow. That wouldn't pay for > a > guy in a mailroom. The reason from Microsoft's point of view is plainly > obvious -- security and reliability. The empirical data is pretty <...excess quoted lines suppressed...> One additional point in the "desired" scenario: If you (the owner of the computer) elect to install the unsigned driver the OS should treat it as if it was signed from a functional perspective. Here I'm thinking about behaviors that adversly effect the behavior of unsigned drivers when drivers are updated or new PnP devices arrive. Even with current Windows the OS does not handle these situations correctly for unsigned drivers. Thomas F. Divine, Windows DDK MVP
  Message 34 of 76  
23 Jan 06 14:13
Bruno van Dooren
xxxxxx@hotmail.com
Join Date: 12 Jan 2006
Posts To This List: 51
X64 Windows Vista to require signed drivers

Hello Maxim, > Read the samples and the MSDN documentation, including the concepts Did that. I actually bought a second hand DDK reference for 50 euros. started reading about IRP handling but grew bored after the first 200 pages :( >Read the book on general NT architecture like Solomon/Russinovich, if > you did not this before :) I have bought a copy of windows sytem internals 4th edition. it will be next after i finish win32 systems programming. >Read the Walter Oney's book - it is very good, as an advanced version of >MSDN's documentation. I have read Oney's book. 2 times front to back actually. It is the most comprehensive source of information I have yet come across. I have also subscribed to the NT insider, and bought the OSR USB-FX2 learning kit. To be honest, i kind of gave up on wiring a WDM driver when i started implementing power management. The horror... Now i have written a USB driver for the USB-FX2 using WDF. WDF and KMDF rule. that is the reason i am worried about this driver signing. tinkering with drivers is something i do for hobby or demo purposes. if i want to develop a driver for some simple USB devices in our company (that now use virtual om ports) that would cost us 500$ a year, which is stupid IMO. thanks for the advice. kind regards, Bruno. > > Maxim Shatskih, Windows DDK MVP > StorageCraft Corporation > xxxxx@storagecraft.com > http://www.storagecraft.com > > ----- Original Message ----- > From: "Bruno van Dooren" <xxxxx@hotmail.com> > Newsgroups: ntdev > To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com> <...excess quoted lines suppressed...>
  Message 35 of 76  
23 Jan 06 14:29
Peter Viscarola (OSR)
xxxxxx@osr.com
Join Date:
Posts To This List: 4711
List Moderator
X64 Windows Vista to require signed drivers

I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR
  Message 36 of 76  
23 Jan 06 14:36
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

To see if we can get Microsoft to initiate a discussion, I urge everyone to go read the paper at http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the end of the paper is the feedback email address for this stuff. If enough of us make rational comments to that address, Microsoft may realize there is a problem. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74764@ntdev... > > I think the point about special-purpose drivers that are used in-house or > by third party companies in very specific markets is a good one. > > There are TONS of these drivers, and requiring them to be signed is > nothing but a DISincentive for people to move to 64-bit Windows. > > Sigh... I'm glad Microsoft is thinking about issues of driver security and > reliability, but I really wish they would enter into a dialog with the > community about these policies before mandating them. I dare say that <...excess quoted lines suppressed...>
  Message 37 of 76  
23 Jan 06 14:55
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

Will do. I find it really odd that this policy is only on X64 systems. As others have pointed out, it is a huge disincentive to support X64. If it's important for x64, it's at least as important (if not more so) for 32-bit Vista, no? While I detest the policy, I didn't think this news was all that new. Haven't they been saying all along that you will not be able to install a driver on Vista if it is not digitally signed? Or is this a new twist on that policy? I'm confused. But then again, the whole driver signing process has had me in a state of confusion since I first started looking into it and now it looks like the process is changing? But only for some platforms? Huh? ?????. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 2:36 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers To see if we can get Microsoft to initiate a discussion, I urge everyone to go read the paper at http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the end of the paper is the feedback email address for this stuff. If enough of us make rational comments to that address, Microsoft may realize there is a problem. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74764@ntdev... > > I think the point about special-purpose drivers that are used in-house or > by third party companies in very specific markets is a good one. > > There are TONS of these drivers, and requiring them to be signed is > nothing but a DISincentive for people to move to 64-bit Windows. > > Sigh... I'm glad Microsoft is thinking about issues of driver security and > reliability, but I really wish they would enter into a dialog with the > community about these policies before mandating them. I dare say that > even THEY can't think of every consequence of every proposed policy. > > Peter > OSR > > > --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 38 of 76  
23 Jan 06 15:00
ntdev member 2092
xxxxxx@stratus.com
Join Date:
Posts To This List: 1798
X64 Windows Vista to require signed drivers

Good suggestion. My initial reading answers my own question: there will be no mechanism to allow test signatures in the released VISTA builds. Instead you have to have a debugger attached or a human attached to press F8. This seems to be a showstopper for organizations doing automated testing. It also appears to be at loggerheads with the admonitions to not get signatures for test builds early on in the paper (Best Practices for Code Signing through Development, Test, and Release.) As usual there is an 'inside outside' disconnect at Microsoft. The mechanism to disable enforcement is itself disabled for the released versions of Vista - well that works just fine if you are inside Microsoft working on Vista development, but us outsiders will be doing development against the released versions of Vista not the pre-release versions, which of course will have the enforcement disable mechanism in BCDedit disabled . Sheesh. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 2:36 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers To see if we can get Microsoft to initiate a discussion, I urge everyone to go read the paper at http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the end of the paper is the feedback email address for this stuff. If enough of us make rational comments to that address, Microsoft may realize there is a problem. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74764@ntdev... > > I think the point about special-purpose drivers that are used in-house or > by third party companies in very specific markets is a good one. > > There are TONS of these drivers, and requiring them to be signed is > nothing but a DISincentive for people to move to 64-bit Windows. > > Sigh... I'm glad Microsoft is thinking about issues of driver security and > reliability, but I really wish they would enter into a dialog with the > community about these policies before mandating them. I dare say that > even THEY can't think of every consequence of every proposed policy. > > Peter > OSR > > > --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@stratus.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 39 of 76  
23 Jan 06 15:01
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

It is true they said all drivers must be signed, but in the past they then said an administrator could sign a driver for a machine or a domain with a tool Microsoft would provide. The change is that now for 64-bit you have go through WinQual to get the signature, so a typical administrator cannot do it. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Brown, Beverly" <xxxxx@mc.com> wrote in message news:74768@ntdev... While I detest the policy, I didn't think this news was all that new. Haven't they been saying all along that you will not be able to install a driver on Vista if it is not digitally signed? Or is this a new twist on that policy? I'm confused. But then again, the whole driver signing process has had me in a state of confusion since I first started looking into it and now it looks like the process is changing? But only for some platforms? Huh? ?????.
  Message 40 of 76  
23 Jan 06 15:01
ntdev member 2092
xxxxxx@stratus.com
Join Date:
Posts To This List: 1798
X64 Windows Vista to require signed drivers

It is more painful than I expected as it seems to eliminate any reasonable mechanism for testing of 'less than fully signed' drivers. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Brown, Beverly Sent: Monday, January 23, 2006 2:55 PM To: Windows System Software Devs Interest List Subject: RE: [ntdev] X64 Windows Vista to require signed drivers Will do. I find it really odd that this policy is only on X64 systems. As others have pointed out, it is a huge disincentive to support X64. If it's important for x64, it's at least as important (if not more so) for 32-bit Vista, no? While I detest the policy, I didn't think this news was all that new. Haven't they been saying all along that you will not be able to install a driver on Vista if it is not digitally signed? Or is this a new twist on that policy? I'm confused. But then again, the whole driver signing process has had me in a state of confusion since I first started looking into it and now it looks like the process is changing? But only for some platforms? Huh? ?????. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 2:36 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers To see if we can get Microsoft to initiate a discussion, I urge everyone to go read the paper at http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the end of the paper is the feedback email address for this stuff. If enough of us make rational comments to that address, Microsoft may realize there is a problem. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74764@ntdev... > > I think the point about special-purpose drivers that are used in-house or > by third party companies in very specific markets is a good one. > > There are TONS of these drivers, and requiring them to be signed is > nothing but a DISincentive for people to move to 64-bit Windows. > > Sigh... I'm glad Microsoft is thinking about issues of driver security and > reliability, but I really wish they would enter into a dialog with the > community about these policies before mandating them. I dare say that > even THEY can't think of every consequence of every proposed policy. > > Peter > OSR > > > --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: unknown lmsubst tag argument: '' To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 41 of 76  
23 Jan 06 15:22
Lyndon J. Clarke
xxxxxx@neverfailgroup.com
Join Date: 10 Nov 2003
Posts To This List: 227
X64 Windows Vista to require signed drivers

So ... if I understood this paper ... *all* of our test systems will have to have a debugger attached ... this is just ridiculous. "Roddy, Mark" <xxxxx@stratus.com> wrote in message news:74771@ntdev... It is more painful than I expected as it seems to eliminate any reasonable mechanism for testing of 'less than fully signed' drivers. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Brown, Beverly Sent: Monday, January 23, 2006 2:55 PM To: Windows System Software Devs Interest List Subject: RE: [ntdev] X64 Windows Vista to require signed drivers Will do. I find it really odd that this policy is only on X64 systems. As others have pointed out, it is a huge disincentive to support X64. If it's important for x64, it's at least as important (if not more so) for 32-bit Vista, no? While I detest the policy, I didn't think this news was all that new. Haven't they been saying all along that you will not be able to install a driver on Vista if it is not digitally signed? Or is this a new twist on that policy? I'm confused. But then again, the whole driver signing process has had me in a state of confusion since I first started looking into it and now it looks like the process is changing? But only for some platforms? Huh? ?????. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 2:36 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers To see if we can get Microsoft to initiate a discussion, I urge everyone to go read the paper at http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the end of the paper is the feedback email address for this stuff. If enough of us make rational comments to that address, Microsoft may realize there is a problem. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74764@ntdev... > > I think the point about special-purpose drivers that are used in-house or > by third party companies in very specific markets is a good one. > > There are TONS of these drivers, and requiring them to be signed is > nothing but a DISincentive for people to move to 64-bit Windows. > > Sigh... I'm glad Microsoft is thinking about issues of driver security and > reliability, but I really wish they would enter into a dialog with the > community about these policies before mandating them. I dare say that > even THEY can't think of every consequence of every proposed policy. > > Peter > OSR > > > --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: unknown lmsubst tag argument: '' To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 42 of 76  
23 Jan 06 15:33
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

Oh, I was under the impression that test signatures would still be allowed. This is a PITA. OK, so now I have several different groups in my company that need to be involved in this. I need the IT group to get us the VeriSign certificate since they are the only ones who seem to know anything about it. (This will probably take about 6 months even though it shouldn't.) Then I need the release group to use that certificate to get the PIC (another 3 months for them to figure out how) and then sign the driver (some more time for them to figure out how to incroporate this into the automated release process that usually happens once we get the go-ahead from the powers-that-be - not easy since the signing tool that MS currently provides pops up a dialog box and beeps at you for a while beore it's done) when we are at code-complete (this means something different to us than it does to Microsoft - it means all known bugs fixed and if it passes tests, it gets released. Astonishingly, we call feature-complete code something else - "feature-complete" or "functionally frozen" - no new features can be added - only bug fixes.). Then the test group needs to test this signed driver package, but it can't be signed until it's already passed the tests without the signature so it has to be tested twice - first before th esignature and then again afterwards and they are already screaming about how long it takes to test (i.e how much money it costs) on all the flavors of Windows that we need to support. In order to test the drivers, the test group must sit at the system (which is in a lab and usually operated remotely via automated software) to hit F8 to bypass the check for driver signature for all the iteratvie tests that they do for our nightly builds prior to code-complete. This will not go over well at all. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn Sent: Monday, January 23, 2006 3:01 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers It is true they said all drivers must be signed, but in the past they then said an administrator could sign a driver for a machine or a domain with a tool Microsoft would provide. The change is that now for 64-bit you have go through WinQual to get the signature, so a typical administrator cannot do it. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Brown, Beverly" <xxxxx@mc.com> wrote in message news:74768@ntdev... While I detest the policy, I didn't think this news was all that new. Haven't they been saying all along that you will not be able to install a driver on Vista if it is not digitally signed? Or is this a new twist on that policy? I'm confused. But then again, the whole driver signing process has had me in a state of confusion since I first started looking into it and now it looks like the process is changing? But only for some platforms? Huh? ?????. --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 43 of 76  
23 Jan 06 15:38
Bruno van Dooren
xxxxxx@hotmail.com
Join Date: 12 Jan 2006
Posts To This List: 51
X64 Windows Vista to require signed drivers

Done. Let's hope it is not in vain... kind regards, Bruno. "Don Burn" <xxxxx@acm.org> wrote in message news:74766@ntdev... > To see if we can get Microsoft to initiate a discussion, I urge everyone > to go read the paper at > http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At > the end of the paper is the feedback email address for this stuff. If > enough of us make rational comments to that address, Microsoft may realize > there is a problem. > > > -- > Don Burn (MVP, Windows DDK) <...excess quoted lines suppressed...>
  Message 44 of 76  
23 Jan 06 15:53
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Perhaps between this and the hanging question of Windows 2000 support of KMDF it is time for OSR to consider a new mailist, for complaints about less than inspired concepts from Redmond. OSR could call it NTDUMB. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Bruno van Dooren" <xxxxx@hotmail.com> wrote in message news:74774@ntdev... > Done. > > Let's hope it is not in vain... > > kind regards, > Bruno. > >
  Message 45 of 76  
23 Jan 06 16:00
ntdev member 13110
xxxxxx@telusplanet.net
Join Date:
Posts To This List: 97
X64 Windows Vista to require signed drivers

Just a quick point. None of these extra safety provision would have one anything to prevent the Sony root kit. However, it would hinder our product development significantly. We write drivers for our own hardware which runs using a dedicated machine for a relatively few number of customers (compared to consumer goods). It is not unusual for us to have to make quick changes to a driver to add support for some new ability, sometimes for only a single customer. Robert Newton
  Message 46 of 76  
23 Jan 06 16:05
Mark Roddy
xxxxxx@hollistech.com
Join Date: 25 Feb 2000
Posts To This List: 3683
X64 Windows Vista to require signed drivers

Maybe we could appoint Don as the Community Ombudsman of Outrage Liaison? ===================== Mark Roddy DDK MVP Windows 2003/XP/2000 Consulting Hollis Technology Solutions 603-321-1032 www.hollistech.com > -----Original Message----- > From: xxxxx@lists.osr.com > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn > Sent: Monday, January 23, 2006 3:53 PM > To: Windows System Software Devs Interest List > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers > > Perhaps between this and the hanging question of Windows 2000 > support of KMDF it is time for OSR to consider a new mailist, > for complaints about less than inspired concepts from <...excess quoted lines suppressed...>
  Message 47 of 76  
23 Jan 06 16:07
ntdev member 2092
xxxxxx@stratus.com
Join Date:
Posts To This List: 1798
X64 Windows Vista to require signed drivers

Just ship an F8 flunky with each system. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Robert Newton Sent: Monday, January 23, 2006 4:00 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Just a quick point. None of these extra safety provision would have one anything to prevent the Sony root kit. However, it would hinder our product development significantly. We write drivers for our own hardware which runs using a dedicated machine for a relatively few number of customers (compared to consumer goods). It is not unusual for us to have to make quick changes to a driver to add support for some new ability, sometimes for only a single customer. Robert Newton --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@stratus.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 48 of 76  
23 Jan 06 16:27
Lyndon J. Clarke
xxxxxx@neverfailgroup.com
Join Date: 10 Nov 2003
Posts To This List: 227
X64 Windows Vista to require signed drivers

Heck even better now you can sell them more hardware - F8 FlunkeeBot(*) - better make sure that if you will use windows as the operating system for F8 FlunkeeBot it wont need custom drivers for those special i/o devices. (*) patent pending "Roddy, Mark" <xxxxx@stratus.com> wrote in message news:74778@ntdev... Just ship an F8 flunky with each system. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Robert Newton Sent: Monday, January 23, 2006 4:00 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Just a quick point. None of these extra safety provision would have one anything to prevent the Sony root kit. However, it would hinder our product development significantly. We write drivers for our own hardware which runs using a dedicated machine for a relatively few number of customers (compared to consumer goods). It is not unusual for us to have to make quick changes to a driver to add support for some new ability, sometimes for only a single customer. Robert Newton --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@stratus.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 49 of 76  
23 Jan 06 16:36
Mark Roddy
xxxxxx@hollistech.com
Join Date: 25 Feb 2000
Posts To This List: 3683
X64 Windows Vista to require signed drivers

Yikes. Good point. Uh-oh how do I test drivers without an attached debugger on my embedded vista system or my headless vista server lacking that good ol' keyboard with its trusty F8 key? Now I'm thinking that the vista media center remote control might not have the F8 bypass key. I could be wrong. ===================== Mark Roddy DDK MVP Windows 2003/XP/2000 Consulting Hollis Technology Solutions 603-321-1032 www.hollistech.com > -----Original Message----- > From: xxxxx@lists.osr.com > [mailto:xxxxx@lists.osr.com] On Behalf Of Lyndon J Clarke > Sent: Monday, January 23, 2006 4:26 PM > To: Windows System Software Devs Interest List > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers > > Heck even better now you can sell them more hardware - F8 > FlunkeeBot(*) - better make sure that if you will use windows > as the operating system for F8 FlunkeeBot it wont need custom <...excess quoted lines suppressed...>
  Message 50 of 76  
23 Jan 06 16:41
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Actually for headless you can do it through the serial port. But I have found enough surprises in testing, that I don't consider testing complete without running the driver through a sets of tests without the debugger. I guess the automated testing of the WDK will require a new function to make an audible alarm so we know to run and press F8. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Mark Roddy" <xxxxx@hollistech.com> wrote in message news:74780@ntdev... > Yikes. Good point. > > Uh-oh how do I test drivers without an attached debugger on my embedded > vista system or my headless vista server lacking that good ol' keyboard > with > its trusty F8 key? > > Now I'm thinking that the vista media center remote control might not have > the F8 bypass key. I could be wrong. > <...excess quoted lines suppressed...>
  Message 51 of 76  
23 Jan 06 17:32
Tim Roberts
xxxxxx@probo.com
Join Date: 28 Jan 2005
Posts To This List: 9634
X64 Windows Vista to require signed drivers

Brown, Beverly wrote: >OK, so now I have several different groups in my company that need to be >involved in this. I need the IT group to get us the VeriSign certificate >since they are the only ones who seem to know anything about it. (This >will probably take about 6 months even though it shouldn't.) Then I need >the release group to use that certificate to get the PIC (another 3 >months for them to figure out how) and then sign the driver (some more >time for them to figure out how to incroporate this into the automated >release process that usually happens once we get the go-ahead from the >powers-that-be - not easy since the signing tool that MS currently >provides pops up a dialog box and beeps at you for a while beore it's <...excess quoted lines suppressed...> And, by that time, your certificate will have expired, so loop back to the IT group... -- Tim Roberts, xxxxx@probo.com Providenza & Boekelheide, Inc.
  Message 52 of 76  
23 Jan 06 18:07
Dmitriy Budko
xxxxxx@vmware.com
Join Date: 18 Sep 2003
Posts To This List: 128
X64 Windows Vista to require signed drivers

It seems that Microsoft doesn't want CS students to use Windows as a development platform for studying driver development and kernel programming. If signing drivers is inconvenient in a corporate development environment it would be almost impossible in universities. It is already hard to find an NCG who knows anything about Windows kernel programming. Well, more mindshare to Linux. Dmitriy Budko VMware
  Message 53 of 76  
23 Jan 06 18:19
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

Same here. I think MS forgets that there are people using something other thanb commodity hardware in their systems for dedicated purposes as you describe. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Robert Newton Sent: Monday, January 23, 2006 4:00 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Just a quick point. None of these extra safety provision would have one anything to prevent the Sony root kit. However, it would hinder our product development significantly. We write drivers for our own hardware which runs using a dedicated machine for a relatively few number of customers (compared to consumer goods). It is not unusual for us to have to make quick changes to a driver to add support for some new ability, sometimes for only a single customer. Robert Newton --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 54 of 76  
23 Jan 06 18:38
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

Oh no! I forgot about the yearly expiration! How does that work? Does my signature on last year's driver get revoked and then I have to sign it again? That sounds like a stupid thing to do. Logic tells me that it wouldn't work that way, but this whole signature thing is illogical (not so much in its concept but in its implementation by MS), so who knows?. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts Sent: Monday, January 23, 2006 5:32 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Brown, Beverly wrote: >OK, so now I have several different groups in my company that need to >be involved in this. I need the IT group to get us the VeriSign >certificate since they are the only ones who seem to know anything >about it. (This will probably take about 6 months even though it >shouldn't.) Then I need the release group to use that certificate to >get the PIC (another 3 months for them to figure out how) and then sign >the driver (some more time for them to figure out how to incroporate >this into the automated release process that usually happens once we >get the go-ahead from the powers-that-be - not easy since the signing >tool that MS currently provides pops up a dialog box and beeps at you <...excess quoted lines suppressed...> And, by that time, your certificate will have expired, so loop back to the IT group... -- Tim Roberts, xxxxx@probo.com Providenza & Boekelheide, Inc. --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 55 of 76  
23 Jan 06 19:31
David J. Craig
xxxxxx@yoshimuni.com
Join Date:
Posts To This List: 1128
X64 Windows Vista to require signed drivers

I think that if you renew, anything signed with the old certificate and dated during the period it was valid will still check as valid. It is only new stuff that will fail if it was signed with the expired certificate. The only time it should be invalid is if you requested the authority to revoke your certificate because it was compromised or you wanted to force new verifications to use new releases from your company. "Brown, Beverly" <xxxxx@mc.com> wrote in message news:74789@ntdev... Oh no! I forgot about the yearly expiration! How does that work? Does my signature on last year's driver get revoked and then I have to sign it again? That sounds like a stupid thing to do. Logic tells me that it wouldn't work that way, but this whole signature thing is illogical (not so much in its concept but in its implementation by MS), so who knows?. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts Sent: Monday, January 23, 2006 5:32 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Brown, Beverly wrote: >OK, so now I have several different groups in my company that need to >be involved in this. I need the IT group to get us the VeriSign >certificate since they are the only ones who seem to know anything >about it. (This will probably take about 6 months even though it >shouldn't.) Then I need the release group to use that certificate to >get the PIC (another 3 months for them to figure out how) and then sign >the driver (some more time for them to figure out how to incroporate >this into the automated release process that usually happens once we >get the go-ahead from the powers-that-be - not easy since the signing >tool that MS currently provides pops up a dialog box and beeps at you <...excess quoted lines suppressed...> And, by that time, your certificate will have expired, so loop back to the IT group... -- Tim Roberts, xxxxx@probo.com Providenza & Boekelheide, Inc. --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 56 of 76  
23 Jan 06 20:11
Bill McKenzie
xxxxxx@sbcglobal.net
Join Date:
Posts To This List: 236
X64 Windows Vista to require signed drivers

Don, I can vouch for your statements here. I have been present for two exchanges between you and some MSFT folks, and it went exactly as you say both times: "What is the problem with your just getting incorporated?....Oh, we didn't realize that, we will look into that". Oh well, I guess it is incorporate, work for a corporation, or forget about digital signatures and eventually about Windows software development. Bill M. "Don Burn" <xxxxx@acm.org> wrote in message news:74670@ntdev... >I also don't agree with the current policy, it is going to possibly drive >me out of the business. I do most of my work through various contracting >firms. I don't have a corporate enttity so even though I write drivers, >and in some cases am the Windows Kernel Software Team for some tiny >companies who pay me for the drivers and support, I have never been on >WinQual. > > My problem is that with the tax structure of Massachusetts, I would have > lost money rather than made it the last two (very lean years) since > between business costs and my taxes as a corporate entity I would have <...excess quoted lines suppressed...>
  Message 57 of 76  
23 Jan 06 20:18
Bill McKenzie
xxxxxx@sbcglobal.net
Join Date:
Posts To This List: 236
X64 Windows Vista to require signed drivers

> Probably , but people may be inventif on this. Assume there exists a > company named > "Driver Sign International Inc." that signs your driver package for a > small fee of $10 and > promptly delivers you the result back within 24 hours. Uhmm, I don't think so. This is bad stuff, even for corporations this is a pain in the arse. SFP is already such a freakin nightmare as to be beyond words, adding more annoying checks on a developer machine that cannot be shut off is just insane. I guess when it doesn't affect you its okay...It's good to be the king. Bill M. "Christiaan Ghijselinck" <xxxxx@CompaqNet.be> wrote in message news:74702@ntdev... > > >> There is another aspect of this, and Vista security in general. >> >> In my experiance too much security can close the door to using Windows >> for a >> farily large number of specialized applications. >> >> Small specialized industries are an example. Here the requirement may be >> for <...excess quoted lines suppressed...>
  Message 58 of 76  
23 Jan 06 21:30
cristalink
xxxxxx@cristalink.com
Join Date: 20 Dec 2004
Posts To This List: 77
X64 Windows Vista to require signed drivers

> Oh please. That's an absolutely trivial cash flow. That wouldn't pay for > a guy in a mailroom. Well, it depends on the guy. I personally wouldn't mind having a thousand or two of customers paying me $500 a year for nothing, literally, NOTHING. I think it was $400 until recently. Greedy b... Others, not so lucky to have a monopoly agreement with Microsoft, offer authenticode for only $99. "Arlie Davis" <xxxxx@stonestreetone.com> wrote in message news:74752@ntdev... >> My guess is, the Microsoft/Verisign monopoly's idea >> of signing drivers with their own signatures is >> nothing more than an attempt to suck out hundreds >> of dollars a year from developers. Just another >> way to get money flowing in. > > Oh please. That's an absolutely trivial cash flow. That wouldn't pay for > a > guy in a mailroom. The reason from Microsoft's point of view is plainly > obvious -- security and reliability. The empirical data is pretty <...excess quoted lines suppressed...>
  Message 59 of 76  
23 Jan 06 22:39
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9501
X64 Windows Vista to require signed drivers

From what I know, the new initiative does not require _WHQL_ signing. It only requires signing by the company which has the Verisign cert. So, if the company has such a cert - then no problems even without WHQL submission. The driver will still be "second-class citizen" (admin allowance will be necessary to install it) - but it will at least load. Maxim Shatskih, Windows DDK MVP StorageCraft Corporation xxxxx@storagecraft.com http://www.storagecraft.com ----- Original Message ----- From: "Don Burn" <xxxxx@acm.org> Newsgroups: ntdev To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com> Sent: Monday, January 23, 2006 5:27 PM Subject: Re:[ntdev] X64 Windows Vista to require signed drivers > Nice idea, of course you need to handle test submissions, monitoring and > returning the WinQual reports on the driver etc. You also have to be > willing to enter into 3 way NDA's between the consultant, the customer and > your firm. > > And finally since a test submission to Microsoft is down to around $200, you > probably can't charge more than that youself for the total cost of getting > the driver through WHQL and subsequent report monitoring. > <...excess quoted lines suppressed...> http://www.osronline.com/article.cfm?id=256 > > You are currently subscribed to ntdev as: xxxxx@storagecraft.com > To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 60 of 76  
24 Jan 06 09:13
Tony Mason
xxxxxx@osr.com
Join Date:
Posts To This List: 299
List Moderator
X64 Windows Vista to require signed drivers

Someone pointed out to me yesterday (in an offline conversation) that the real issue here is NOT related to drivers, but rather to DRM. Microsoft has to lock down the set of certificates in order to implement their strong DRM policy (otherwise, you could add your own certs and use them to bypass the DRM apparently.) I'm not certain if that's correct, but the person who said this to me is reliable - and it makes a certain type of sense. It explains why they won't use just any root cert (which certainly doesn't matter for drivers, but doe matter for DRM). I'm sure the folks at Microsoft did speak to their customers to determine the impact this would have. After all, it is difficult to imagine that one could make such a fundamental decision like this without consulting with key customers (imagine the sheer embarrassment factor if you need to recant after taking a strong policy position such as this one.) So, while it will be inconvenient for us, they have apparently determined that this is an acceptable cost (and if you don't like it, please refer to "Figure 1" ;-) ) Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter G. Viscarola Sent: Monday, January 23, 2006 2:29 PM To: ntdev redirect Subject: RE:[ntdev] X64 Windows Vista to require signed drivers I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 61 of 76  
24 Jan 06 09:27
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

Tony, I noticed the emphasis on DRM in the paper, but had to question the value of this. I think most of us in the kernel have over the years realized that with the multiple drivers in the architecture it is possible with work to intercept things so as to bypass many DRM schemes. Now if this new scheme is for DRM, this seems to imply that all the folks who want to bypass it, will not be able to figure that they need to press F8 on boot and choose to allow unsigned drivers! I think a lot of this is confusion in Microsoft. When I first saw the article, I sent off to the various folks I have interacted with in the past about getting access to WinQual an email explaining that this was a poor policy. One of the people who used to administer the signup's for WinQual was truly surprised that the Verisign ID could not be acquired by individuals! I'm not expecting a reversal of their policy, but hopefully some improvements in the environment. Finding a way for individuals to get Verisign ID's without a company, perhaps leaving the BCDedit switch in for the release version, and enhancing test certificates to eliminate the problems discussed here would go a long way. -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply "Tony Mason" <xxxxx@osr.com> wrote in message news:74816@ntdev... Someone pointed out to me yesterday (in an offline conversation) that the real issue here is NOT related to drivers, but rather to DRM. Microsoft has to lock down the set of certificates in order to implement their strong DRM policy (otherwise, you could add your own certs and use them to bypass the DRM apparently.) I'm not certain if that's correct, but the person who said this to me is reliable - and it makes a certain type of sense. It explains why they won't use just any root cert (which certainly doesn't matter for drivers, but doe matter for DRM). I'm sure the folks at Microsoft did speak to their customers to determine the impact this would have. After all, it is difficult to imagine that one could make such a fundamental decision like this without consulting with key customers (imagine the sheer embarrassment factor if you need to recant after taking a strong policy position such as this one.) So, while it will be inconvenient for us, they have apparently determined that this is an acceptable cost (and if you don't like it, please refer to "Figure 1" ;-) ) Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter G. Viscarola Sent: Monday, January 23, 2006 2:29 PM To: ntdev redirect Subject: RE:[ntdev] X64 Windows Vista to require signed drivers I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 62 of 76  
24 Jan 06 09:53
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

This paragraph from the document sure does seem to support that: "* Drivers must be signed for devices that stream protected content. This includes audio drivers that use Protected User Mode Audio (PUMA) and Protected Audio Path (PAP), and video device drivers that handle protected video path-output protection management (PVP-OPM) commands." As soon as I read that, I thought "So that's the reason they're doing this." I hate DRM. It protects a few media publishers and side effects of things that get put in place to support DRM cripple everybody else - ultimatley giving the consumer fewer choices which will lead to less quality in the long run. It seems to me that they could make this a requirement for only those devices, though. Leave the rest of us alone. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason Sent: Tuesday, January 24, 2006 9:13 AM To: Windows System Software Devs Interest List Subject: RE: [ntdev] X64 Windows Vista to require signed drivers Someone pointed out to me yesterday (in an offline conversation) that the real issue here is NOT related to drivers, but rather to DRM. Microsoft has to lock down the set of certificates in order to implement their strong DRM policy (otherwise, you could add your own certs and use them to bypass the DRM apparently.) I'm not certain if that's correct, but the person who said this to me is reliable - and it makes a certain type of sense. It explains why they won't use just any root cert (which certainly doesn't matter for drivers, but doe matter for DRM). I'm sure the folks at Microsoft did speak to their customers to determine the impact this would have. After all, it is difficult to imagine that one could make such a fundamental decision like this without consulting with key customers (imagine the sheer embarrassment factor if you need to recant after taking a strong policy position such as this one.) So, while it will be inconvenient for us, they have apparently determined that this is an acceptable cost (and if you don't like it, please refer to "Figure 1" ;-) ) Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter G. Viscarola Sent: Monday, January 23, 2006 2:29 PM To: ntdev redirect Subject: RE:[ntdev] X64 Windows Vista to require signed drivers I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: unknown lmsubst tag argument: '' To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 63 of 76  
24 Jan 06 10:20
ntdev member 27462
xxxxxx@comcast.net
Join Date:
Posts To This List: 186
X64 Windows Vista to require signed drivers

Tony, What do you mean DRM? Is this going to be like having Sony's root-kit built right into the kernel??? Rumors *do* spread fast on the Internet! Matt Tony Mason wrote: >Someone pointed out to me yesterday (in an offline conversation) that >the real issue here is NOT related to drivers, but rather to DRM. >Microsoft has to lock down the set of certificates in order to implement >their strong DRM policy (otherwise, you could add your own certs and use >them to bypass the DRM apparently.) I'm not certain if that's correct, >but the person who said this to me is reliable - and it makes a certain >type of sense. It explains why they won't use just any root cert (which >certainly doesn't matter for drivers, but doe matter for DRM). > >I'm sure the folks at Microsoft did speak to their customers to <...excess quoted lines suppressed...>
  Message 64 of 76  
24 Jan 06 10:46
ntdev member 2092
xxxxxx@stratus.com
Join Date:
Posts To This List: 1798
X64 Windows Vista to require signed drivers

Microsoft, along with everybody else in the consumer computer industry, is focused on replacing that thing on top of your tv with something that they build/manage that streams content into your home that is licensed and generates revenue. Lots of revenue. From this discussion it is clear that the downside of this is that other uses of their OS, from general purpose server systems to various forms of low box count specialized systems are going to lose out when decisions are made and there are conflicting goals. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Brown, Beverly Sent: Tuesday, January 24, 2006 9:52 AM To: Windows System Software Devs Interest List Subject: RE: [ntdev] X64 Windows Vista to require signed drivers This paragraph from the document sure does seem to support that: "* Drivers must be signed for devices that stream protected content. This includes audio drivers that use Protected User Mode Audio (PUMA) and Protected Audio Path (PAP), and video device drivers that handle protected video path-output protection management (PVP-OPM) commands." As soon as I read that, I thought "So that's the reason they're doing this." I hate DRM. It protects a few media publishers and side effects of things that get put in place to support DRM cripple everybody else - ultimatley giving the consumer fewer choices which will lead to less quality in the long run. It seems to me that they could make this a requirement for only those devices, though. Leave the rest of us alone. Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason Sent: Tuesday, January 24, 2006 9:13 AM To: Windows System Software Devs Interest List Subject: RE: [ntdev] X64 Windows Vista to require signed drivers Someone pointed out to me yesterday (in an offline conversation) that the real issue here is NOT related to drivers, but rather to DRM. Microsoft has to lock down the set of certificates in order to implement their strong DRM policy (otherwise, you could add your own certs and use them to bypass the DRM apparently.) I'm not certain if that's correct, but the person who said this to me is reliable - and it makes a certain type of sense. It explains why they won't use just any root cert (which certainly doesn't matter for drivers, but doe matter for DRM). I'm sure the folks at Microsoft did speak to their customers to determine the impact this would have. After all, it is difficult to imagine that one could make such a fundamental decision like this without consulting with key customers (imagine the sheer embarrassment factor if you need to recant after taking a strong policy position such as this one.) So, while it will be inconvenient for us, they have apparently determined that this is an acceptable cost (and if you don't like it, please refer to "Figure 1" ;-) ) Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter G. Viscarola Sent: Monday, January 23, 2006 2:29 PM To: ntdev redirect Subject: RE:[ntdev] X64 Windows Vista to require signed drivers I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: unknown lmsubst tag argument: '' To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: unknown lmsubst tag argument: '' To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 65 of 76  
24 Jan 06 12:29
Tim Roberts
xxxxxx@probo.com
Join Date: 28 Jan 2005
Posts To This List: 9634
X64 Windows Vista to require signed drivers

MM wrote: > > What do you mean DRM? Is this going to be like having Sony's root-kit > built right into the kernel??? DRM == Digital Rights Management. It is the idea that EVERYTHING you see or listen to is owned by someone else, and that the owner should have complete control over what you are allowed to do with it. The Digital Millennium Copyright Act, perhaps the most pernicious piece of legislation ever passed, essentially signs control of every piece of electronic equipment you own to corporate America, and makes it a crime for you to interfere with that control. Sony's root kit was one manifestation of DRM. This driver signing requirement is, apparently, another. Many people are not aware that, if your graphics card was made in the last 10 years and has a composite or SVideo output jack, it was required to have Macrovision copy-protection encoding built-in before it could be sold in America, so that you could not play DVD content and record it. That's also DRM. > Rumors *do* spread fast on the Internet! Huh? Microsoft's policy was stated in a press release. It's not much of a rumor. -- Tim Roberts, xxxxx@probo.com Providenza & Boekelheide, Inc.
  Message 66 of 76  
24 Jan 06 18:22
Lyndon J. Clarke
xxxxxx@neverfailgroup.com
Join Date: 10 Nov 2003
Posts To This List: 227
X64 Windows Vista to require signed drivers

"So now all restaurants are Taco Bells." "Mr. GUID" <xxxxx@hotmail.com> wrote in message news:74665@ntdev... > With little fanfare, Microsoft just announced that the X64 version of > Windows Vista will REQUIRE all kernel-mode code to be digitally signed. > The details are here: > http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. This > is very different than the current WHQL program, where the user ultimately > decides how they want to handle unsigned drivers. > > Vista driver developers must obtain a Publisher Identity Certificate (PIC) > from Microsoft. Microsoft says they won't charge for it, but they require > that you have a Class 3 Commercial Software Publisher Certificate from <...excess quoted lines suppressed...>
  Message 67 of 76  
24 Jan 06 18:30
Peter Viscarola (OSR)
xxxxxx@osr.com
Join Date:
Posts To This List: 4711
List Moderator
X64 Windows Vista to require signed drivers

And with that, ladies and gentlemen, this thread becomes tied with the discussion about ddkbuild.bat for the most replies to any thread in past year. This reply makes 66 replies total, plus the original post, thereby putting it in the lead. I'm not sure I can stand the excitement. Peter OSR
  Message 68 of 76  
24 Jan 06 19:48
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
X64 Windows Vista to require signed drivers

The question is "Is anyone in Redmond reading this and responding?" -- Don Burn (MVP, Windows DDK) Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from the email to reply <xxxxx@osr.com> wrote in message news:74841@ntdev... > And with that, ladies and gentlemen, this thread becomes tied with the > discussion about ddkbuild.bat for the most replies to any thread in past > year. > > This reply makes 66 replies total, plus the original post, thereby putting > it in the lead. I'm not sure I can stand the excitement. > > Peter > OSR > <...excess quoted lines suppressed...>
  Message 69 of 76  
24 Jan 06 20:22
Bill McKenzie
xxxxxx@sbcglobal.net
Join Date:
Posts To This List: 236
X64 Windows Vista to require signed drivers

>and if you don't like it, please refer to "Figure 1" ;-) ) I think you forgot "yet again" on the end of that sentence :-) Bill M. "Tony Mason" <xxxxx@osr.com> wrote in message news:74816@ntdev... Someone pointed out to me yesterday (in an offline conversation) that the real issue here is NOT related to drivers, but rather to DRM. Microsoft has to lock down the set of certificates in order to implement their strong DRM policy (otherwise, you could add your own certs and use them to bypass the DRM apparently.) I'm not certain if that's correct, but the person who said this to me is reliable - and it makes a certain type of sense. It explains why they won't use just any root cert (which certainly doesn't matter for drivers, but doe matter for DRM). I'm sure the folks at Microsoft did speak to their customers to determine the impact this would have. After all, it is difficult to imagine that one could make such a fundamental decision like this without consulting with key customers (imagine the sheer embarrassment factor if you need to recant after taking a strong policy position such as this one.) So, while it will be inconvenient for us, they have apparently determined that this is an acceptable cost (and if you don't like it, please refer to "Figure 1" ;-) ) Regards, Tony Tony Mason Consulting Partner OSR Open Systems Resources, Inc. http://www.osr.com -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter G. Viscarola Sent: Monday, January 23, 2006 2:29 PM To: ntdev redirect Subject: RE:[ntdev] X64 Windows Vista to require signed drivers I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one. There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows. Sigh... I'm glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can't think of every consequence of every proposed policy. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@osr.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 70 of 76  
24 Jan 06 22:45
ntdev member 7779
xxxxxx@nvidia.com
Join Date:
Posts To This List: 53
X64 Windows Vista to require signed drivers

Just need one of those bobbing birds and poise it over the F8 key. (Memories of a classic Simpsons episode are coming back to me) -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Lyndon J Clarke Sent: Monday, January 23, 2006 1:26 PM To: Windows System Software Devs Interest List Subject: Re:[ntdev] X64 Windows Vista to require signed drivers Heck even better now you can sell them more hardware - F8 FlunkeeBot(*) - better make sure that if you will use windows as the operating system for F8 FlunkeeBot it wont need custom drivers for those special i/o devices. (*) patent pending "Roddy, Mark" <xxxxx@stratus.com> wrote in message news:74778@ntdev... Just ship an F8 flunky with each system. -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Robert Newton Sent: Monday, January 23, 2006 4:00 PM To: Windows System Software Devs Interest List Subject: Re: [ntdev] X64 Windows Vista to require signed drivers Just a quick point. None of these extra safety provision would have one anything to prevent the Sony root kit. However, it would hinder our product development significantly. We write drivers for our own hardware which runs using a dedicated machine for a relatively few number of customers (compared to consumer goods). It is not unusual for us to have to make quick changes to a driver to add support for some new ability, sometimes for only a single customer. Robert Newton --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@stratus.com To unsubscribe send a blank email to xxxxx@lists.osr.com --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@nvidia.com To unsubscribe send a blank email to xxxxx@lists.osr.com
  Message 71 of 76  
25 Jan 06 00:48
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9501
X64 Windows Vista to require signed drivers

> What do you mean DRM? Is this going to be like having Sony's root-kit > built right into the kernel??? No. The Sony's issue was not to create a DRM restriction driver. They could do this other ways, and just spit errors to the user if the user will try to play the protected content without this driver. Sony's issue was _using the unsafe programming techniques to harden this driver's removal_ (but it can be removed for sure by booting the Windows recovery environment and saying "disable something", as any stealth malware can). Maxim Shatskih, Windows DDK MVP StorageCraft Corporation xxxxx@storagecraft.com http://www.storagecraft.com
  Message 72 of 76  
25 Jan 06 02:36
ntdev member 27462
xxxxxx@comcast.net
Join Date:
Posts To This List: 186
X64 Windows Vista to require signed drivers

Tim Roberts wrote: > The >Digital Millennium Copyright Act, perhaps the most pernicious piece of >legislation ever passed, essentially signs control of every piece of >electronic equipment you own to corporate America, and makes it a crime >for you to interfere with that control. > > The supreme court struck down almost a third of the DMCA including that part when that Norwegian kid Jon Johansen cracked the dvd copy protection (deccs I think it was called). It's no longer a crime. >Sony's root kit was one manifestation of DRM. This driver signing >requirement is, apparently, another. > > When I hear DRM, I associate it with audio and video protections, NOT validating a cert in some driver. Boot Start drivers were mentioned earlier in this thread, and for a driver to have it's cert checked before the win32 loads, that means there are a bunch of crypto api's coming to kernel land which happen to be many of the same api's used in windows media player's DRM implementation. Now with this functionality in kernel land, why couldn't it be added to the filesystem (or a filter) to prevent me from having 'unauthorized' content on my HD or prevent me from ripping or copying a CD? This scenario would be the rumor I was referring too... If this is the case, a lot of people are going to be upset.
  Message 73 of 76  
25 Jan 06 07:58
Ankit Raizada
xxxxxx@gmail.com
Join Date: 14 Nov 2005
Posts To This List: 14
X64 Windows Vista to require signed drivers

I dont understand one thing, to whom these DRM techniques are being targated towards? Real pirates? definitly not going to work. With a trusty debugger any one can theoritically (and practically always!) break any DRM! Average Joes? no they dont need to do it themselves just find the content already ripped out. The DRM is just becoming one unnecessary pain to the ppl who are trying to make legitimate use of the machine, be it us the kernel devs, the userland devs developing any media app or hardware vendors(My company has to pay for MacroVision for every TV encoder we ship!). As far as this whole issue of compulsory driver signing is there yes its a postirior pain atleast and devastating at max, I mean if i am an individual developer I am devastated as far as the development and delivery process is concerned as no longer I can support (and get paid) those ppl from local factories coming for getting an automated setup developed for thing like controling swinging machies, gates etc! what can be easily done in software (in kernel mode ofcourse!) will now need a CPLD or something! What if I have been surviving by selling low-cost, smart software solutions to other small scale bussiness for custom requirements. One more thing! btw I dont understand one thing, Is this policy really enforcable to the extent that no one can break it? I mean what it will take to patch the kernel mode crypto code to let pass everything! As long as memory is not shadowed or protected one can always do this although it will be much harder! remember all PCs (to the best of my knowledge!) start in the real mode so if one really wants to bring down this signing mechanism, what I mean to say is that all these mechanisims are NOT enforcable and not resistant to patching ofcourse! On 1/25/06, MM <xxxxx@comcast.net> wrote: > > Tim Roberts wrote: > > > The > >Digital Millennium Copyright Act, perhaps the most pernicious piece of > >legislation ever passed, essentially signs control of every piece of > >electronic equipment you own to corporate America, and makes it a crime > >for you to interfere with that control. > > > > <...excess quoted lines suppressed...> -- Ankit Raizada Room No. 349 Boys Hostel IIITA Campus Deoghat Jhalwa Allahabad - 211012 Email: xxxxx@iiita.ac.in xxxxx@yahoo.com xxxxx@gmail.com --
  Message 74 of 76  
25 Jan 06 08:23
ntdev member 27462
xxxxxx@comcast.net
Join Date:
Posts To This List: 186
X64 Windows Vista to require signed drivers

Here's a link from last 8-04-05 I found, I suppose this explains a little of this DRM crap. Also explains why this DRM crap is landing in the kernel, however, I still believe what I wrote in my last post about the OS preventing CD, DVD copies and backups. I still wouldn't be surprised if this DRM crap gets tied in with the file system somehow. I don't appreciate MS misleading everyone with this driver signing thing when 'signed drivers' clearly isn't the objective. MS is screwing-over all of you independant developers in order to appease Hollywood and the recording industry.... http://www.informationweek.com/showArticle.jhtml?articleID=167101058 Matt Ankit Raizada wrote: > I dont understand one thing, to whom these DRM techniques are being > targated towards? Real pirates? definitly not going to work. With a > trusty debugger any one can theoritically (and practically always!) > break any DRM! Average Joes? no they dont need to do it themselves > just find the content already ripped out. The DRM is just becoming one > unnecessary pain to the ppl who are trying to make legitimate use of > the machine, be it us the kernel devs, the userland devs developing > any media app or hardware vendors(My company has to pay for > MacroVision for every TV encoder we ship!). As far as this whole issue > of compulsory driver signing is there yes its a postirior pain atleast <...excess quoted lines suppressed...>
  Message 75 of 76  
25 Jan 06 09:06
Mr. GUID
xxxxxx@hotmail.com
Join Date: 21 Jan 2006
Posts To This List: 8
X64 Windows Vista to require signed drivers

>The question is "Is anyone in Redmond reading this and responding?" I know they're reading, but the silence of their non-response is deafening. _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
  Message 76 of 76  
25 Jan 06 10:25
ntdev member 9926
xxxxxx@mc.com
Join Date:
Posts To This List: 178
X64 Windows Vista to require signed drivers

Wow! It even beat the rootkit thread? Don't you OSR folks have some influence in Redmond? Can you start a dialog with them about this? It clearly affects a large part of the driver developing community (and consumers in the long run, but they won't know it until it's too late to do anything about it except maybe switch to Linux) Beverly -----Original Message----- From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@osr.com Sent: Tuesday, January 24, 2006 6:30 PM To: Windows System Software Devs Interest List Subject: RE:[ntdev] X64 Windows Vista to require signed drivers And with that, ladies and gentlemen, this thread becomes tied with the discussion about ddkbuild.bat for the most replies to any thread in past year. This reply makes 66 replies total, plus the original post, thereby putting it in the lead. I'm not sure I can stand the excitement. Peter OSR --- Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256 You are currently subscribed to ntdev as: xxxxx@mc.com To unsubscribe send a blank email to xxxxx@lists.osr.com
Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You must login to OSR Online AND be a member of the ntdev list to be able to post.

All times are GMT -5. The time now is 16:11.


Copyright ©2014, OSR Open Systems Resources, Inc.
Based on vBulletin Copyright ©2000 - 2005, Jelsoft Enterprises Ltd.
Modified under license