Windows Vista x64 To Require Signed Drivers
Anonymous Coward writes "With little fanfare, Microsoft just announced that the x64 version of Windows Vista will require all kernel-mode code to be digitally signed. This is very different than the current WHQL program, where the user ultimately decides how they want to handle unsigned drivers. Vista driver developers must obtain a Publisher Identity Certificate (PIC) from Microsoft. Microsoft says they won't charge for it, but they require that you have a Class 3 Commercial Software Publisher Certificate from Verisign. This costs $500 [EUR 412] per year, and as the name implies, is only available to commercial entities."
everyone else is calling it amd64... or x86_64... or even em64t. what's the point of introducing yet another name for this architecture, especially if neither of the chip makers use it?
All this is going to do is prevent software that emulates hardware (Daemon Tools for example) from working properly under Vista. As I recall these types of software pretend to be hardware using unsigned drivers, so this won't work unless they get the drivers signed somehow. Looks like a way to enforce DRM to me.
capitalism driving the market looks like. Hmm.
Next, applications? I'm not sure how they'll deal with developer machines, but then again, that problem should apply for drivers too. It's not really a slippery slope. They've been doing it on the xbox for years, after all. It's not so much the money as the control they have to vet everything that can run on their system.
The summary is a bit brief (as well as being plagiarized verbatim from OSNews.com), but a brief perusal of the cited Microsoft article is rather illuminating:
It would seem that Microsoft cares more about the profits of the record companies than it does about the ability of its users to be able to use its software. Just one more reason to switch to Linux.
____
~ |rip/\/\aster /\/\onkey
All I can say is what's probably come to everyone else's mind: the banging sound of hammer against coffin.
This will certainly quiet complaints about Windows' crashing (since many crashes are related to poorly written drivers, WHQL or not), but how did whoever thought this would be a good idea completely forget about the serious compatibility issues that this will raise?
While I applaud the idea of signed drivers and the like, this looks like a very clever way to shut out OSS developers. Heck - some of the smaller commercial outfits might even balk at having to spend that kind of money on the certificate.
What pains me is knowing full well that this really won't necessarily increase the quality of the drivers, though. So they're signed. So what? All this might do is delay upgrades, if anything.
You can accomplish anything you set your mind to. The impossible just takes a little longer.
Good post. Mod him up!
www.jiggedyjoo.com
Is this an Intel "sponsored" move to halt the advance of AMD-64 ? Bull shit - this means we will not see many drivers for WinXP X64 - it's already a problem which will be much more severe now. Pretty much guarantees that x64 will not succeed on the desktop. Or are they looking at X64 as the exclusively server side platform?
It's in the white paper attached. Is it perfect? No... but it won't absolutely prevent you from doing stuff. Here's the relevant text:
How to Disable Signature Enforcement during Development
During the early stages of development, developers can disable enforcement in Windows so that driver signing is not necessary. The following options are available for developers to disable digital signature enforcement temporarily so that Windows will load an unsigned driver.
Attaching a kernel debugger. Attaching an active kernel debugger to the target computer disables the enforcement module in Windows Vista and allows the driver to load.
Using the F8 option. An F8 boot option introduced with Windows Vista--"Disable Driver Signature Enforcement"--is available to disable the kernel-signing enforcement only for the current boot session. This setting does not persist across boot sessions.
Setting the boot configuration. A boot configuration setting is available for prerelease builds that allows the suppression of the enforcement module in Windows to be persisted across boot sessions. Windows Vista includes a command-line tool, BCDedit, which can be used to set this option. To use BCDedit, the user must have Elevated User or Administrator privileges on the system. The most straightforward approach is to create a desktop shortcut to cmd.exe, and then right-click -> Run Elevated. The following shows an example of running BCDedit at the command prompt:
// Disable enforcement - no signing checks
Bcdedit.exe -set nointegritychecks ON
// Enable enforcement - signing checks apply
Bcdedit.exe -set nointegritychecks OFF
// Disabling integrity check on an alternate OS
// specified by a GUID for the system ID
Bcdedit.exe -set {4518fd64-05f1-11da-b13e-00306e386aee} nointegritychecks ON
"Waste not one watt!" - CZ
Some software of that variety takes the approach of acting as an iSCSI device. So long as the OS has native iSCSI support, the application need not install its driver.
I'm considerably more worried about the impact on projects like OpenVPN.
"Drivers must be signed for devices that stream protected content."
That's on all Vista systems, not just 'x64' systems (What the hell is 'x64'?). That means users won't get the benefit of frequent driver releases like they have now under XP, and won't be able to do what they like with their media. Also that people who pirate content will have hacked kernel binaries that bypass the signature check.
Hardly a big deal. Nobody is going to run Vista unless they want to shell out for an HDCP compatible monitor anyway. XP has only recently passed 2000 in running installations, so I figure we've got a good seven years before we have to deal with this crap.
Looks like when I get an Athlon 64 setup, I'll just be using XP. The Ext2/3 driver is too useful to go without on a dual-boot system.
Finally a really REALLY good reason to get off my ass and switch to Linux
Great.... now we can look forward to hacking the "signed drivers" mechanism. Or shell out a fortune to get our home-made device drivers "signed"
That's it: no open source drivers on Windows Vista.
It's not unlike the early "Analog Hole" legislation being proposed by "Fritz" Hollings. The legislation attempted to link DRM and national security and, in one form, would have required a license to program a computer, possibly even certification of each binary prior to development.
The question is, how long until a workaround is found? When developing code I don't like the idea of signing each interim binary before testing it that would just lengthen the whole cycle pointlessly. Sooner or later somebody will find a way around this but not without much frustration, perhaps a specially signed "Developer Edition" of the OS.
No wonder there wasn't much fanfare.
Does Microsoft even know the amount of drivers that ARE NOT signed?? This is stupid and it won't prevent anything. Is Microsoft going to look over thousands of drivers just to make sure they don't cause anything bad so they can put their little WHQL seal and sign the blasted thing? What's to prevent someone from creating a hack that gets around this? Nothing. Why even try to do something like this? At least give users the option to screw up the system.
Gorkman
M$ is watching you... :X
~ Mooga
So, what's to stop me from replacing the certificate which comes with Windows with my own, and then just resigning all the drivers?
(Okay, the DMCA for one... grrr....)
I don't think this is going to make Windows unhackable until hardware support for the certs is added. (which is pretty close, I think...)
There'll be no need to hack it yourself, just connect the machine to the net and after a while all your drivers will be free to do anything.
I have almost no experience in writing Windows drivers, but I think that the workarounds should be simple. All that is needed is a signed driver that loads unsigned drivers. Any driver guru that thinks otherwise?
if you actually read the MSDN page on this subject you will find that non administrators will be prevented from installing unsigned drivers... so not unlike many OSS OS's... you just need to SU or runas up to a root/Administrators account and install your drivers and then revert back to your normal privileges.
It's just that easy!
Help Brendan pay off his student loans
Our bigger worry is when Linux doesn't run on signed hardware. Think TCPA.
I'm not subscribed but I can see "IT: Windows Vista x64 To Require Signed Drivers" before the article is published and access its content.
Is it a planned feature or a mistake?
In hours -TPM or not.
DVD-Jon to the rescue?
"Speaking the Truth in times of universal deceit is a revolutionary act." -- George Orwell
If it means I can get DirecTV feeds and QAM via CableCard into my computer, I'll put up with it. I don't own a modern PC -- I have a cobbled together six year old system running MCE 2005 I got from my MSDN account just to see how it works with my 360. Very well, I have to say.
From the standpoint of someone who ran Linux as his primary desktop OS since 1992/1993 (until switching to OSX), I still just don't care. DRM sucks. But I am neither in a place to do anything about it, nor do I have enough free time to worry about that. If it means I can't load software that has the primary purpose of stealing media content (regardless of the BS the people who make excuses spout), so be it. At least I'll be able to watch TV once in a while without being subjected to the crap Comcast and DirecTV offer right now.
Will then call other, unsigned drivers. Whoopie.
"Speaking the Truth in times of universal deceit is a revolutionary act." -- George Orwell
In other words, it's Microsoft's way of shutting any open source project out of Vista development. Think about it, unless they all use the 'commercially accepted drivers', without using drivers of their own, then the project can't go anywhere. The cost as such is also prohibitive for any but the big players to develop their own windows extensions. (like Direct X)
Are there seriously going to be any adopters for Vista beyond MS lackeys, and those in congress who received the top limit on campaign donations?
As per TFA:
...
"Included in this white paper:
How to Disable Signature Enforcement during Development"
We'll have to see what the WDK offers when it becomes available.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
The certificate "vouches" for the publishing party using a third party. In this case Verisign will issue the certificate that encrypts the publisher's public key. Since the Verisign public key is well known, the cert is decrypted, the publisher's info and public key are then available. The signature is a hash of the binary encrypted using the publisher's private key. The public key from the cert is used to decrypt the hash, and a new hash of the binary is compared to the signed hash. If the hashes are equal the integrity of the software can be trusted so long as the publisher's private key and Verisign's private key are kept secret, the certificate has not expired, the encryption method itself is trusted, and the code that checks the signature is trusted.
As an alternative, it may be possible to run a driver "interpreter" which is itself signed and trusted, and capable of running "script" or other dynamically-loaded unsigned code in a generic manner in kernel mode, exposing common pieces of hardware to a variety of purposes. This would in essence emulate an open driver API.
change isn't always bad. this could help to minimize exploits in the new OS. or at least, we can hope...
Microsoft's Vista is a digital prison for the proles, they'll try to associate free software with piracy and join the **AA fucks in crying for it to be outlawed. We foresaw this from the start, Microsoft can't even innovate in business strategy anymore. This is all highly amusing, laugh.
This is the beginning of microsoft's death. Anyone who's read "In the beginning was the command line" by Neal Stephenson should recognize these early signs. It's the same reason apple never got really big: they used proprietary hardware and therefore limited the amount of users that could use their OS. Therefore, prices stayed relatively high, and most users chose the more flexible PC platform. Microsoft is requiring their users to use (sort of) proprietary software and drivers. This will of course result in the fact that other (more flexible) OS's will become more popular. I'm just now getting to see the usefulness in Linux. I've used it off and on for the past 6 years, but now it's getting to the point where my machine is in Linux mode for a week at a time before I need to do some Maple or Matlab stuff. All I can say is that I will most definitely have a dual-boot system from now on, and that the more restrictive MS gets, the more I will stay in Linux to rip MY OWN FRIGGIN CD's and whatever else they consider potentially unlawful at MS. It's a self-stabilizing situation within the market, so don't worry too much about it. It's the beginning of a new era where Windows will not have the majority of the market.
Read on, it says that the BCDEDIT option will be removed before final Vista code ships, perhaps as early as Vista RC1.
Did I read the white paper wrong? It just said the driver had to be signed, not that it had to be WHQL. I don't think this particular requirement is being implemented for reliability reasons, but for accountability reasons. With a signed driver you know where it came from--that's it. No guarantee of quality or even security, but at least you know who to blame when the driver has problems.
If all the drivers are signed with certs, does that mean I can maintain a black list of driver manufacturers that I don't want to install on my machine? For example, Sony's rootkit driver? :)
Kormac
Individual OSS developers might be out of luck, but any project that is used by a significant number of people can either get the certificate or find someone who will help them out like I outlined in another comment.
Not under the current draft of the GNU General Public License version 3, which considers the private signing key to be part of the Complete Corresponding Source Code.
Why not on the 32bit version ?
This doesn't make any sense to me.
Alexis 'jeriqo' BRET
Looks like when I get an Athlon 64 setup, I'll just be using XP.
Unless Microsoft stops selling copies of XP for the period starting when Windows Vista is released and ending in 2097, and you don't get your Athlon 64 until after this date.
Sooner or later somebody will find a way around this but not without much frustration, perhaps a specially signed "Developer Edition" of the OS.
Which would only be available through MSDN subscription, which in turn would only be available to corporations that have a D-U-N-S tracking number.
raise the $500 each year for the certificate and then each time you want your code signed, you upload it and its signed within minutes!
And watch the signing certificate be revoked for violation of the non-disclosure provisions of the certificate's terms of service.
what is fantastic about this is that it will prevent nefarious entities from installing low level code or drivers. it will also create a chain of accountability for the software running on users' machines.
/clap
admittedly, five hundred dollars isn't a great deal - but as an end user i'd rather know where my software is coming from.
what's amusing about this is that when windows 2000 introduced code signing, a lot of people got upset saying that msft would use it as a way to control who could develop software for windows. fortunately, signing has not been used as an anti-competitive tool, rather it's now being used to protect us from malware.
Because if anyone wants to actually exercise their rights under any open source license (i.e. wants to modify the software for any reason), the key won't work!!
I don't know why I keep having to repeat myself to get people to understand this; it's an obvious and logical consequence of signed software:
If you try to modify signed software, it's not signed anymore. In other words, ALL Free Software WILL NOT WORK if signing is required!!
There are NO exceptions to this.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
One of the major reasons (IMO) linux is lagging is a lack of drivers. There have been good steps towards hardware support, but I still can't get my wireless card to run under linux. I wonder if this will cut the amount of supported hardware, (not even counting the DRM monitors not yet being manufactured...) and if that in turn will cause people to either stay away from Vista, or get pissed at MS (and maybe use linux instead?)
Perhaps the linux community should make sure to get as much driver support as possible for the fallout when people realize their hardware doesn't work on Vista.
This not only means that you can't have third-party drivers, it ALSO means you can't have 1st party drivers from start-ups. It effectively prohibits anyone new from entering the hardware arena.
But there's more! Although Microsoft's license is "free", they aren't necessarily going to give a license to everyone. Thus, they can effectively ban technology they don't like. Blu-Ray vs. HD-DVD is going to be the shortest battle on record, if all it will take is for Microsoft to prohibit rival systems running on "their" desktops.
There is a way round the problem, but it puts you at risk from the DMCA as (by definition) it is circumventing security technology. By having a hypervisor-like OS running at the lowest level, and then having Vista run on top of that, you can make any piece of physical hardware look like any other piece of hardware that you like. Nothing Vista can do about it, as it can't see the hardware directly, all it can see is the results of pushing data of one type in one direction, then pulling data of another type in the opposite direction.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
There will be some way of loading unsigned drivers. If not, it will be basically impossible to write a driver - since there will be no way of loading it for debug/test. (Unless you really want to go through the pain of signing every single debug build you make). My bet is there will be some "secret" registry key turned on by the DDK - which will stay secret for about an hour. After that, everyone will be able to load unsigned drivers.
You guys are bitching over 500 dollars most software companies who sell any amount of software can afford that a year. And remember this is for drivers! Not software. The only people that will need it in the opensource area are the people who create things like open cd burning software. This just makes it so lets say i go buy a mouse unless the company pays $500 dollars a year they can used signed drivers on the 64bit edition of windows vista. Before you guys start forecasting the downfall of windows and start touting linux as the new big boy remember the reason dumb users use windblows is cause it is easy for them. I use linux and my parents could never figure it out. So get over the fact that microsoft is trying to protect dumb users. Linux still has light years to go in usability for the average dumb person.
I am giving away 2000 premium accounts on my new dating website myfantasyromance.com check it out!
This is going to be one for http://europa.eu.int/comm/commission_barroso/kroes/index_en.html the European Competition commissioner. Following in the footsteps of Super Mario, it looks like this one could run and run.
Pining for the fjords
"they require that you have a Class 3 Commercial Software Publisher Certificate from Verisign. This costs $500 [EUR 412] per year, and as the name implies, is only available to commercial entities."
What about the "geek-next-door" that writes a better program than the big guys down on main avenue, but cannot or will not become "a commercial entity" and pay Verisign 500 bucks a year for a cert? This type of freeware/shareware is usually very useful software. And it gives up-and-coming programmers experience and exposure.
It sounds like tucows, and places like tucows, as well as the programmers, will be out of business.
Something smells fishy.
This has been another valuable and informative opinion from:
Catahoula!
There is no denying that XP won the last round of the OS wars. This was mainly down to the fact that the same 90% that bought PCs thought that Macs were just for animation and graphics (groan) and that Linux is just for nerds. Most people just don't know that there are alternatives.
This time round Microsoft are faced by OS X which, thanks to iPod, is now routinely hailed as 'cool' and a Linux which is not only robust enough to be deployed in some businesses (Red Hat and SuSE) but also easy enough for your Nan to install and use (Ubuntu). The message about security is slowly sinking in. People are no longer asking me to defrag their harddisks, they're asking me to install anti-malware and firewalls, but when told about more secure OSs like BSD, Linux and OSX they are still dubious about getting Office to work and getting their old programs to run, unaware that there are free alternatives for most of their apps. I'd say that was a shrinking concern though. I'd also go out on a limb and say that Joe Public was, in general, more tech savvy. The game is being played on a very different field.
Who wins boils down to hardware support. If NVidia start to update their drivers more frequently for Linux than for Windows, gamers will start to pay attention. If HP and Epson get tired of having to licence each minor revision of their printers maybe they'll start looking towards OSs with cheaper release cycles.
There is also software to think about. Why learn new APIs for Vista when you can use existing, cross platform APIs like Mono and Qt?
Perhaps even more scary is that Java is really starting to show its head on the desktop. Azureus is a success, as is Eclipse, but perhaps more shocking than either of them is Jake2. Java can already be deployed effectively on single CPU systems, but it really starts to shine when given a few more processors to play with. As a .Net and Java developer I would still say that Java is easier to write threaded software with, and the Java 5 language additions have really closed the gap on C#, but preventing it from shipping with Ubuntu has pushed it further from home users than ever.
I have no doubt that Vista will be the dominant OS over the next 5-6 years, but I don't expect it to have close to 90% market share at the end of that period.
Scared of flying, pointy things since 1979!
True. It won't be the average users that will persuade Microsoft to drop this approach (or suffer), and it won't be us nerds either. It will be hardware vendors and potential customers in emerging markets, like China.
... anyway. Eventually, this low end Asian (or even African) market is going to take over what we currently consider mainstream, at least in volume. What little chance there ever was for MS to be on the majority of those systems is certainly nilled by discussed initiative.
Initially this won't actually hurt MS since buying their software isn't the fashion there anyway. But increasingly, high-end hardware vendors like ATI and nVidia will provide drivers for (more or less) open systems like Linux, BSD and Solaris or help others to do so - MS no longer has the control to leverage their platform.
Meanwhile, some small low-end ("brandless") vendors will provide only unsigned drivers as their hardware doesn't end up in your typical Dell, Compaq, Packard-Bell, Toshiba,
I think Microsoft is seeing the threat. That's why they tentatively try pushing only the 64b systems. That's where it's most likely (or least unlikely) to succeed. If it does, they may move to 32b (if that still exists by the time Vista is released) and if it doesn't (cos the 64b loot is already taken by Sun, Apple, RedHat - whoever) they'll certainly reconsider.
By the way - this doesn't mean typical hardware geeks won't suffer. As with all of MS' "plans" it could be over next week or it may be a long bloody battle.
This is the "foot in the door". Next release of Windows will almost certainly support 64 bit only, then they have no unsigned drivers anymore. This gives a transition time to force all the holdovers like VMware who ship unsigned drivers to get them signed....what choice do they have, abandon the vast majority of their potential market?
Doing it all at once would attract too much attention outside the rabble rousers like Slashdot. By the time the implications are noticed by the popular press, it's been this way "since the beginning" for 64 bit drivers and they'll trot out some statistics on crashes to prove this is better. And getting those stats will be easy, since you need a relatively new system to run 64 bit Vista, they WILL have better reliability so MS won't even have to lie.
Currently it's possible to read/write ext3 volumes from Windows XP using an installable file system (IFS) driver.
Will this be a thing of the past after Longhorn ships?
I'd be willing to bet that Microsoft is already plotting to charge the various entertainment companies for every piece of content that gets streamed over their OS. Oh, Microsoft will be all nice to them at first, but as soon as they've established a stranglehold on the industry, that's when they'll lower the boom. After all, what company wouldn't want to tax a multi-billion dollar industry, given the opportunity? And it's not like we haven't seen this pattern before from Microsoft.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
So you think these programmers do not write drivers? ha!
This has been another valuable and informative opinion from:
Catahoula!
I'm quite familiar with how PKIs and code-signing work. The problem with any PKI is that you have to have a root to base the trust from. Verisign's "well known public key" isn't "well known", it's just stored in the local certificate store and marked as a trusted CA. There is nothing stopping a user from substituting their own certificate in Verisign's place, and resigning all the binaries on the box. (Well, until you get into hardware crypto...)
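The checks that the two PKI comments above describe (issuer looked up in the local root store, certificate signature and expiry, fresh hash compared with the signed hash), written out as an added example that is not part of the thread and is not Microsoft's implementation. It uses unpadded textbook RSA over fixed Mersenne primes only so that it runs with the standard library; every key, name, year and driver byte is constructed, and the `blocked` publisher set is a hypothetical policy hook.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key below


def make_key(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1. Not secure."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private d)


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, n, d):
    # Hash the data, then apply the private key (unpadded, illustration only).
    return pow(digest(data), d, n)


def verify(data, signature, n):
    # Recover the signed hash with the public key, compare with a fresh hash.
    return pow(signature, E, n) == digest(data)


@dataclass(frozen=True)
class Cert:
    subject: str
    public_n: int
    issuer: str
    not_after: int      # last valid year
    signature: int = 0  # issuer's signature over to_be_signed()

    def to_be_signed(self):
        return f"{self.subject}|{self.public_n:x}|{self.issuer}|{self.not_after}".encode()


def issue(subject, public_n, issuer, ca_n, ca_d, not_after):
    body = Cert(subject, public_n, issuer, not_after)
    return Cert(subject, public_n, issuer, not_after,
                sign(body.to_be_signed(), ca_n, ca_d))


def check_driver(binary, signature, cert, trusted_roots, year, blocked=frozenset()):
    """Return 'ok' or the first reason the driver must not load."""
    root_n = trusted_roots.get(cert.issuer)
    if root_n is None:
        return "issuer not in root store"
    if not verify(cert.to_be_signed(), cert.signature, root_n):
        return "certificate not signed by issuer"
    if year > cert.not_after:
        return "certificate expired"
    if cert.subject in blocked:
        return "publisher blocked"
    if not verify(binary, signature, cert.public_n):
        return "binary does not match signature"
    return "ok"


def demo():
    ca_n, ca_d = make_key(521, 607)      # stands in for the commercial CA
    pub_n, pub_d = make_key(1279, 2203)  # driver publisher's key
    own_n, own_d = make_key(127, 2281)   # CA created by the machine owner

    driver = b"MZ constructed driver image v1"
    sig = sign(driver, pub_n, pub_d)
    name = "Example Devices Inc"
    cert = issue(name, pub_n, "Constructed Root CA", ca_n, ca_d, 2007)
    # Claims the trusted issuer's name but is signed with a different key.
    forged = issue(name, pub_n, "Constructed Root CA", own_n, own_d, 2007)
    own_cert = issue(name, pub_n, "Owner CA", own_n, own_d, 2007)
    roots = {"Constructed Root CA": ca_n}

    return {
        "genuine": check_driver(driver, sig, cert, roots, 2006),
        "patched": check_driver(driver + b"!", sig, cert, roots, 2006),
        "expired": check_driver(driver, sig, cert, roots, 2008),
        "blocked": check_driver(driver, sig, cert, roots, 2006, {name}),
        "forged_cert": check_driver(driver, sig, forged, roots, 2006),
        "other_ca": check_driver(driver, sig, own_cert, roots, 2006),
        # Same driver and certificate, different root store contents:
        "replaced_store": check_driver(driver, sig, own_cert, {"Owner CA": own_n}, 2006),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:15} {verdict}")
```

The last two cases differ only in the contents of the root store, which is why the verdict is only as trustworthy as the store and the checking code themselves.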
Ah, yes, how very true it is that more testing leads to software that's buggier than software that's never tested. Thank you for that wonderfully insightful comment.
MOD PARENT UP!!!1111!!!!OMGLOL!!11
Tech, life, family, faith: Give me a visit
Don't rootkits run as kernel mode drivers?
It's true that this will inconvenience some OSS projects, and it will put a relatively small barrier up for small hardware vendors; however, don't forget about the benefits to end-users of Windows.
The vast majority of blue screens on a Windows 2000/XP system today are from (kernel) mode drivers. With protected memory, programs and user level drivers are not a big problem anymore -- not like the bad old days of Windows 9x. If programs misbehave, they don't bring down the whole system (typically).
Say what you will about this, but don't forget that there are benefits to locking down critical parts of the operating system.
No more ext2 filesystem driver.
No more free/cheap hardware hacking (like the Nissan ECU software I have for my SR20 motor, that has its own USB driver hacked by the hobbyist board-maker)
Fuck windows :)
Stick with the XP/2K way of requiring confirmation/prompting, flash up a big warning that you will receive no support or whatever... but if they do this, they're just hurting people more than helping...
smash.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
As a monopoly, they have the ability to enforce their will on the market. If you don't like it, talk to the justice department.
They won't listen. I voted against the administration that gave Microsoft a slap on the wrist.
Or don't use Windows.
Please give me SANE drivers for my paid-for Microtek Scanmaker 4850 or buy me a different scanner to replace it. If you advocate that more people switch to linux, then you will need to help them find alternatives to unsupported peripherals, just as Microsoft will need to help people who switch from Windows XP to Windows Vista find alternatives to peripherals that do not have a signed driver.
I use a few open source windows drivers myself, but even still, I recognise that the majority of crashes in Windows are likely due to buggy drivers and I think locking-down on that is a good step forward. That said, I remember reading a while back on The Old New Thing about how developers would go about defrauding the WHQL driver certification process, and I just cannot see how forcing it to be signed for certification is any different than just certifying it. Developers can still pull the same old tricks to get it certified while still bending the rules.
Still, though... at least it helps against malicious code. Provided they haven't forged a signature. The less zombie-boxes out there the better for all of us. One thing I don't know, though; I saw somewhere that only kernel-level drivers will need to be signed... (I didn't read TFA... only TFC) is it possible to re-write most of those OSS drivers to be user-mode drivers? Is such a thing even possible?
For those that cannot or did not RTFA, here is a quote from the article that clearly states this topic is not just about DRIVERS:
:-)
------
"Digital signatures allow the administrator or end user who is installing Windows-based software to know whether a legitimate publisher has provided the software package."
Nuff said
This has been another valuable and informative opinion from:
Catahoula!
Nothing on the Verisign site http://www.verisign.com/products-services/security-services/code-signing/digital-ids-code-signing/index.html indicates that every single piece of software requires a new certificate. So nothing prevents a group of opensource developers from getting together, incorporating, obtaining a cert, and then signing the software of those they trust. For example, Sourceforge could get a cert, and then offer driver-signing services to trusted projects.
Want to go it alone? It's $75 - $500 to incorporate, depending upon the type (http://www.entrepreneur.com/article/0,4621,287986,00.html).
Keep in mind that driver-signing doesn't 100% guarantee stability. My ATI card's signed drivers still periodically flake out...
Beware: I believe all are created equal, and have the right to life, liberty, and the pursuit of happiness.
However, it may be difficult to obtain the credentials Verisign requires before issuing these certs. See http://msdn.microsoft.com/library/en-us/dnauth/html/signfaq.asp?frame=true#10b for a little more info.
So, about the whole $500 deal in order to get your drivers signed...why couldn't the GNU community or someone buy one. Then, when someone comes out with some nice piece of code submit it to the owners. Then, he or she could get it signed and distribute the signed code? Or is that somewhere on page 17623875 of the EULA?
Won't work. The Verisign cert is only the first step. You take your Verisign cert to Microsoft, agree to their terms and conditions, and then they'll give you the PIC actually used to sign drivers. One of Microsoft's conditions is you have to agree to safeguard the PIC private key.
Well, you seem to be forgetting something: crappy, sometimes BSOD-inducing NVIDIA chipset drivers. Look around the web, on http://www.nforcershq.com/forum and nvidia's own forums and you'll see the issues people are having. In contrast, I've heard that ATI's northbridge at least doesn't need many special drivers, though I have no personal experience.
It isn't clear yet that they are trying to *securely* prevent loading unsigned drivers into the kernel. There might just be a config setting or other toggle that hackish users can flip to load unsigned code into the kernel.
In fact it would seem they would have to have such a toggle. Otherwise how are even commercial software companies supposed to develop this code? Not only would it be a pain to sign the driver every time you are testing the latest code changes, it would require giving access to the signing keys to whoever compiles a kernel extension.
As an aside this scheme seems totally useless for the proposed purpose. The makers of malware are just going to steal a legitimate software developer's secret key and sign their code with that. MS won't be able to do anything because tons of people will be mad if Windows Update breaks their computer. However, I don't know whether to credit this to stupidity or maliciousness (just want to make it difficult for normal people to use OSS kernel level code).
If you liked this thought maybe you would find my blog nice too:
I'm sure it wasn't that bad when the NAZIs started...
Godwin alert! Godwin alert!
'If you're flammable and have legs, you are never blocking a fire exit.'
How will this work for machines behind a router/NAT/firewall box?
You'd have to have a router that follows Trusted Network Connect.
Will MS force everyone to replace or reprogram their network gateways?
That's the idea. Alsee estimated that residential ISPs' transition to Trusted Network Connect would occur between 2011 and 2015, once 99 percent of PCs still in operation have a working TPM.
I bet this is directly related to Sony's refusal to allow M$ to integrate Blu-Ray drives with XBox. My understanding is that Sony's DRM will not allow the XBox to stream content through from Windows MCE to a TV.
Sounds like a case of 'two can play at this game'...
isn't it better for vendors to supply source code & md5 hash? yes, every tarball of Linux is signed so far. as well as some drivers not included in kernel (yet) and distributed on vendor homepages... just the md5 & source :)
I think MS has suffered from unfortunate wording here. The Word document attached to the KB article states:
During much of the development process, signing driver packages is unnecessary. Instead, developers can use one of several mechanisms to suppress digital signature enforcement on test systems. However, when the project approaches the end of a milestone, the package must be signed in one of the following ways:
Windows Logo Program. The publisher submits the driver package for the Windows Logo Program. Drivers that qualify for the logo receive a WHQL-signed .cat file. Note that publishers should have tested the package that before submitting it to the Windows Logo Program. In order to verify that the driver loads and operates correctly, publishers can sign the driver or driver catalog with the PIC. Note that boot driver binaries must include an embedded signature using a PIC before submission to the Logo or DRS programs.
PIC-based signing. For drivers that do not qualify for the logo, the publisher can create a .cat file and sign it with the publisher's PIC.
So actually, you don't **have** to have a PIC.
See also my blog entry about this.
This actually sounds like a pretty good thing. Given a short amount of time, the techie crowd will find a way around it - however the vast majority of users won't even know it exists. This means that all hardware vendors will need to get their drivers checked by MS first - a good thing as most people agree that the majority of BSODs are caused by buggy drivers.
Techies will find a way round it so we can destroy our systems, whilst the home users should have an even more stable system.
Plus (I'm going to get flamed for this), there really aren't a huge amount of OSS drivers that are used anyway - we are talking drivers at the kernel level, not some OSS C# project - OSS will still run; it's just that hardware kernel drivers will have to be checked by MS. (which need a cert from VeriSign that costs $500 - which let's face it isn't exactly a huge hole in the pocket.)
Drivers for boot-start devices must include an embedded PIC. This requirement applies for these devices: CD-ROM, disk drivers, ATA/ATAPI controllers, mouse and other pointing devices, SCSI and RAID controllers, and system devices.
That's 5 to 9 years away! This is an eternity in Internet time.
And if during those 5 to 9 years, we just sit on our behinds, then what argument will there be against the widespread implementation of Trusted Network Connect by the majority of residential Internet service providers?
Look how slowly the much vaunted transition to HD TV is going.
The transition to Trusted Network Connect is not analogous to the transition to high-definition television but to the transition to digital television. When analog TVs "stop working" because nobody is broadcasting analog signals anymore...
I suspect the HD DVD will bomb spectacularly since this technology doesn't offer a really compelling advantage over existing DVD.
Other than continuing availability of new titles and of reprints of older titles? Where is your VHS now?
What advantage will a new computer with TPM have over even a Win98 box for a Joe or Jane who just want to e-mail their kids and grandkids?
Other than that the motherboard and the hard drive still work? Computer hardware wears out and eventually fails catastrophically. How many Windows 98 boxes will still be running Windows 98 or even XP in 2011?
Even for millions of users, government, businesses and home users to be required to replace their still otherwise perfectly working networking components will be a tough sell.
All new computers that are preloaded with Windows Vista will have a Trusted Platform Module. If the only hardware that can be purchased at retail by the general public is so-called "trusted" hardware, then ISPs will have an easier time justifying TNC.
DVDs are random access, don't wear and did not need the replacement of the rest of the reproducing equipment.
DVD is just as scratchable as CD-ROM, as they use roughly the same polycarbonate layer. Blu-ray, on the other hand, has been said to be more scratch-resistant, and this could be an advantage with G-rated animated movies.
A well made computer can last for a pretty long time.
Even a $500 eMachines PC?
It is also still useful as a programmer for a number of X-10 power control modules scattered around the house.
Nothing to do with pop-under ads, right?
Hard drives are pretty cheap these days.
RAM is cheap, but don't tell that to anybody who has a motherboard that takes single-speed SDRAM. Likewise, as PC OEMs move to Serial ATA, watch it become hard to find old-fashioned parallel ATA drives new in box at an affordable price.
tepples wrote: All new computers that are preloaded with Windows Vista will have a Trusted Platform Module
arminw wrote: Are you saying that MS will not make a version of VISTA to upgrade the millions of already existing ordinary PCs?
Not exactly. Windows Vista Upgrade won't require a TPM except to access some high-security features such as, say, HD-DVD playback or whole-disc encryption. Windows Vista OEM version, on the other hand, will need a TPM, or the PC vendor or motherboard vendor won't be allowed to advertise the hardware as "Designed for Microsoft Windows Vista". And the TPM has to be version 1.2 or newer.
However, if this were true, then that is another good reason to buy an OSX or Linux system.
Macintel has a working TPM, and Rosetta is rumored to use it. As for Linux, no Linux PCs are advertised on national TV, so watch residential Linux users be dismissed as collateral damage once the TNC transition occurs.
MS has tried and failed to control the Internet
As long as 67 percent of residential users who use a web browser use IE as the primary web browser, Microsoft controls at least the World Wide Web side of the Internet.
I still think Sourceforge could set it up as a service. If you're referring to the D&B rating, it's not that hard to get: Sourceforge is owned by the Open Source Technology Group, which is owned by VA Software.
Both already have D&B ratings: http://smallbusiness.dnb.com/company-information.asp?prodid=&catalog=&GUID=7F577E4E-B03B-4123-B0BE-B805583CC740&cm_mmc=Proprietary*DNB.com*Home%20Page*Search%20Box
Beware: I believe all are created equal, and have the right to life, liberty, and the pursuit of happiness.
Why can't Sourceforge keep the private-key a secret, and offer signing as a service to "certified" OSTG members? I've yet to read anything in the MSDN docs that makes this impossible.
Beware: I believe all are created equal, and have the right to life, liberty, and the pursuit of happiness.