Vista DRM Prevents Kernel Tampering

mjdroner writes "A ZDNet blog reports on a new DRM feature for Vista that 'protects' the kernel from tampering. The blog quotes a Microsoft document: 'Code (CI) protects Windows Vista by verifying that system binaries haven't been tampered with by malicious code and by ensuring that there are no unsigned drivers running in kernel mode on the system.' The blog says that much of the DRM in Vista is simply a port from XP, but that this feature is new to the OS."

Re:innovative

[EvanED]

What makes Sony's legitimate but the ones from Rootkit.com not?

If anything I would argue that rootkit.com is a more legit distribution mechanism than Sony.

Re:Coercion?

[perlchild]

It does contribute to fighting open source, any way you look at it. I'm using a tap driver from the openvpn project, it isn't signed, and I don't know for sure, but I don't remember openvpn being a commercial entity. However, I'm not current enough in vista to know if they couldn't just get out of the kernel, and move to user-space for the required features.

Quis custodiet ipsos custodes

[megaditto]

Cracking such a thing is trivial once you answer the question who watches the watchman?

As Apple just learned with their TPM kernel extension, all that hackers need to do is replace the binary that verifies all other binaries, and the "goodies" are up for grabs.

Re:Coercion?

[Aladrin]

I totally disagree. You are assuming they have a commercial application in mind. What about someone who wants to write drivers for their new hardware they just built by hand? They shouldn't be required to go through this.

It doesn't matter, though, because if you make it too hard to write software for Windows, people will stop. They'll find another platform that is more enticing to them. It won't happen immediately, of course. But it'll happen.