Linked by Thom Holwerda on Sat 21st Jan 2006 22:42 UTC, submitted by PlatformAgnostic
Windows "With little fanfare, Microsoft just announced that the x64 version of Windows Vista will require all kernel-mode code to be digitally signed. This is very different than the current WHQL program, where the user ultimately decides how they want to handle unsigned drivers. Vista driver developers must obtain a Publisher Identity Certificate (PIC) from Microsoft. Microsoft says they won't charge for it, but they require that you have a Class 3 Commercial Software Publisher Certificate from Verisign. This costs $500 [EUR 412] per year, and as the name implies, is only available to commercial entities."
Permalink for comment 88329
To read all comments associated with this story, please click here.
RE: Wow
by PlatformAgnostic on Sun 22nd Jan 2006 05:48 UTC in reply to "Wow"
PlatformAgnostic
Member since:
2006-01-02

It's not necessary for security for knowledgeable users. Nothing in usermode can affect kernel-mode without the user's permission. If the user wants to install something, then he/she can do so securely by logging on as an admin and running the install task. Drivers can't just install themselves, especially if they're unsigned. Currently these unsigned drivers can be installed after a user prompt.

This is not a security measure. If anything it's a quality measure and a DRM-enforcement technique. It's probably not going to last, I predict, because all it will do is slow the adoption of X64. After a while Microsoft will probably decide to open it up again.

Reply Parent Score: 2