Announcement

Collapse
No announcement yet.

Driver signature override

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Driver signature override

    http://www.ngohq.com/home.php?page=dseo

    Driver Signature Enforcement Overrider 1.3b
    It seems that Microsoft has forgotten end users when it introduced a very restricted module of driver signature enforcement in Windows Vista and Windows 7. All drivers and system files must be digitally verified or they cannot run when using both 32-bit and 64-bit versions of Windows Vista and Windows 7. In the past, it was possible to turn that feature off in Vista, but due to new kernel security updates, it is impossible to turn it off without degrading security and stability of your operating system or putting your master boot records in risk by using other software alternatives.

    So what is the problem with digital certificates? Well, the problem is… developers have to pay Microsoft to receive verified certificates, and that makes many applications inaccessible under Windows Vista and Windows 7. However, it is still possible to turn it off by pressing the F8 function key during system boot up, but pressing F8 every time on boot up can be a serious pain in the butt. Others have found workarounds, but most of them are too risky and may trash your master boot records, at least until now thanks to our latest tool.
    ______________________________
    Nothing is impossible, some things are just unlikely.

  • #2
    This is a bad thing. Very bad. Signed drivers are the core of Windows XP/Vista/Win7. In 64-bit operating systems, it is a requirement, and for damned good reasons.

    Purchasing a Certificate from Microsoft is not something you just go out and do: If you get a certificate, you also get WHQL certification for that driver. This is Microsoft signing off on your work.

    This applet will allow unsigned driver code to run on a system carte blanche. Bad.

    This applet will not allow unsigned code to execute without admin rights - good and bad. Good because the user initiating it will have a slightly higher chance of knowing what they are doing, bad because it will run at all. Down the road, if the device is a USB or serialized USB device, you will need admin rights to replace the device or have it function in a different USB Port. This is a problem waiting for an opportunity to occur.

    In short: this allows crappy drivers to live on.

    This may be acceptable for some developers for one-off uses, but for consumers this is bad, especially if this catches on. Unscrupulous developers might use this as a band-aid for resolving a specific problem. If I were Microsoft, or any security software vendor, I would flag the applet as potential badware.

    My professional opinion is that this applet is asking for trouble, and I don't recommend using it except in the most dire of circumstances. As a senior developer for nearly 200,000 physical and several thousand virtual systems, I see the effects of band-aids and workarounds everyday. Some of these can take years of work to undo. Something as trivial as an unsigned third party printer driver can play havoc with systems management, especially if it needs to be installed and configured silently.
    Hey, Donny! We got us a German who wants to die for his country... Oblige him. - Lt. Aldo Raine

    Comment


    • #3
      Of course it is a bad thing for any stable system, but there are many situations where it can be useful. I used the F8 trick to make a touchscreen work on Windows 7 beta, as the manufacturer didn't have the driver ready yet. It could also help to run older hardware for which no new driver is made.
      While I fully understand the importance of signed drivers to aid in a stable system, I feel that a system should allow the power user to bypass it; at his own risk. As such, he has no rights complaining about stability issues when he does bypass it. It remains bad practise for any production system.
      pixar
      Dream as if you'll live forever. Live as if you'll die tomorrow. (James Dean)

      Comment


      • #4
        As if Signing and WHQL actualy made a diff
        If there's artificial intelligence, there's bound to be some artificial stupidity.

        Jeremy Clarkson "806 brake horsepower..and that on that limp wrist faerie liquid the Americans call petrol, if you run it on the more explosive jungle juice we have in Europe you'd be getting 850 brake horsepower..."

        Comment

        Working...
        X