Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said.
The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or needing to take additional steps. For the past 13 years, Microsoft has required third-party drivers and other code that runs in the Windows kernel to be tested and digitally signed by the OS maker to ensure stability and security. Without a Microsoft certificate, these types of programs can’t be installed by default.
One of the reasons Windows 11’s hardware requirements are so stringent is that Microsoft wants to force Trusted Platform Modules and Secure Boot down everyone’s throat, in the name of security. This way, Windows users can feel secure in knowing Microsoft looks out for them, and will prevent malware and viruses from…
I can’t keep writing this with a straight face.
I still think the signing of apps and drivers is a good thing. I absolutely hate the Windows XP reasoning that all drivers need to be accepted, which is the reason Windows XP allowed applications to install unsigned kernel drivers without even warning the user about it (which led to the Sony XCP rootkit, the Sony MicroVault rootkit and other nasty hard-to-remove and hard-to-detect malware). You know your OS sucks security-wise when even paid software uses malware tactics because employing malware tactics is just too easy. At least with signing, bad actors (and their drivers) can be blacklisted.
Also, there is a case to be made for Secure Boot (bootloader malware is a thing), as long as it can be disabled easily by the user and is not required for upgrades and custom builds.
TPM is pretty much security theater. BitLocker will allow you to have an encrypted drive by using a USB drive as the token, so you don’t even need TPM for using BitLocker.
So, overall, I liked Microsoft’s security improvements made from Windows Vista to Windows 10 (including enforcing driver signatures); it’s the Windows 11 security theater I don’t like.