Feeds

The truth about Redmond's WinXP signed driver plans

You should only accept signed and quality-controlled articles on the subject...

  • alert
  • submit to reddit

The smart choice: opportunity from uncertainty

Has Jim Allchin, Microsoft's Mr XP, finally lost it? Why is he writing letters to ZD denying things Microsoft hasn't been accused of? Doh...

The Register was indeed initially baffled by Jimbo's trenchant defence of XP's implementation of a signed driver regime, as described yesterday by the Smart Partner segment of The Mighty Z. He disputed "findings from beta testers and analysts that under Windows XP all applications and drivers need to be 'signed' or need to be re-registered online before they can run."

Oh really? One can just about grasp how the odd analyst might be deluded enough to believe this twaddle, but as WinXP beta testers will in the main be actually running WinXP, they'd have to be terminally asleep at the switch not to have noticed that this is, er, entirely untrue. But where were these allegations made in the first place? Aha, yes, Smart Partner, May 8th, in a piece encouraging people to refuse to upgrade to XP.

"Then there’s the requirement that all software be signed with a Microsoft-approved bit of code. MS has said that will be the case with device drivers, but it’s unclear whether XP apps will need to be signed, too. A Microsoft source tells me they will be."

You can see why Allchin might get a little bit worked up about this, first because it's entirely untrue on both counts, and second because it spreads precisely the kind of disinformation Microsoft really does not want doing the rounds in the run-up to XP's launch. The reality is that although Microsoft intends to actively encourage the use of signed drivers, and would like to apply a similar system to apps, the position is considerably more complex.

Windows XP does indeed have its defaults set to warn you about installing unsigned drivers, and it does indeed have the facility to be set to refuse to install these drivers. But while Microsoft wishes to encourage people to stick to signed ones, there is no "requirement that all software be signed with a Microsoft-approved bit of code." There's nothing to stop you running installing and running unsigned drivers, and in many cases - at least at the moment - they'll run better than the preferred Microsoft defaults.

The fact that a driver is signed does not per se mean that it is necessarily good, or even works at all. It probably does mean that it's highly unlikely to break your XP installation, which is a start.

The warnings you get seem to be on a graduated scale, but as yet The Register hasn't felt impelled to try to figure out what the rules are. We have however got the impression that matters connected with modems and USB seem to prompt particularly shrill ones, as well they might.

Naturally, as we've said here before, many users are going to be a bit worried by such warnings, which will mean hardware vendors will get griped at about getting their drivers 'up to snuff,' and Microsoft will have a 'told you so, contact your hardware vendor' get-out in cases where XP does break after unsigned drivers are installed. As we've also said here before, this will pressure hardware vendors to support Microsoft's signed driver regime, and will ultimately place even more power in Microsoft's hands. But it's not compulsory, and Redmond probably doesn't think there's any need for it to be.

As for apps, it's definitely not "unclear whether XP apps will need to be signed." Reference to a November piece in, er, Smart Partner (itself a follow-up to a slightly earlier piece in El Reg, reveals that XP will include the option to block all unsigned code. And in a presentation in Seattle earlier this year The Register distinctly heard senior Microsoft reps say that while they were extremely keen on digital signatures for apps, they realised it would be a highly sensitive area, so they were going ot be real careful.

As yet, Microsoft has not set a default to warn against installing unsigned apps, but even it it goes that far - which it quite probably won't, given the howls it would generate from ISVs - it would be politically impossible to set the default to block, at least in this rev of Windows. The pressures that will drive ISVs towards a signed regime are however the same as they are for signed drivers, and no doubt somewhere within Fort Redmond there are people mulling over possible opportunities for 'deflectors on full' editions.

Super-safe, super-crashproof corporate editions? The corps will like signed regimes anyway, because they stop users installing crud. Unbreakable, idiot-proof appliance editions for the home? Could happen - but Redmond's planners are too sophisticated (no, really...) to just slam down the shutters now, in one go.

Allchin's letter does however say something interesting that should be made more of. He correctly states that the default is set to warn, and that "we have been encouraged by computer manufacturers to change the default to block, but we are staying with warn. The warning message you get is scary if you are trying to load an unsigned driver and rightly so, in my view."

Undoubtedly, we are being somewhat economical with l'actualite here. What we presume is really happening is that Microsoft has been busily doing the rounds of the hardware manufacturers, extolling the virtues of signed driver regimes. As such regimes - operating correctly - will involve hardware manufacturers working closely with Microsoft to make sure their drivers work, and that Microsoft says they work, there would seem to be considerable upsides for PC manufacturers here.

They hate getting huge numbers of tech support calls, it costs them when Microsoft accidentally breaks things and then they've got to figure out why and placate their customers - on a level playing field, signed drivers could be a good thing for them. But it's not exactly the case that it's the evil hardware manufacturers who want to lock everything down, and plucky Microsoft that's defending liberty.

Get real, Jim. If they're lobbying for block all unsigned as the default, it's because that's precisely what you've effectively been encouraging them to lobby for. No doubt you'll be finding that your enterprise customers will be demanding that same default for drivers, and swiftly afterwards for apps, RSN.

So what's wrong with signed regimes anyway? Isn't it a good idea to have entirely approved systems where all of the software is guaranteed to work, and not to break things? In principle, nothing, and in principle it'd be great to have a big pile of all the stuff you'd ever need easily and instantly available in a giant store on the Windows Update site. But as we've said before, the problem lies in the nature of the custodian - It's the storekeeper's funny eyes. ®

Related Sm@rts:
XP, just say no, apparently
Allchin show denial
Whistler To Block Unsigned Code

Securing Web Applications Made Simple and Scalable

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.