The truth about Redmond's WinXP signed driver plans

You should only accept signed and quality-controlled articles on the subject...

  • alert
  • submit to reddit

High performance access to file storage

Has Jim Allchin, Microsoft's Mr XP, finally lost it? Why is he writing letters to ZD denying things Microsoft hasn't been accused of? Doh...

The Register was indeed initially baffled by Jimbo's trenchant defence of XP's implementation of a signed driver regime, as described yesterday by the Smart Partner segment of The Mighty Z. He disputed "findings from beta testers and analysts that under Windows XP all applications and drivers need to be 'signed' or need to be re-registered online before they can run."

Oh really? One can just about grasp how the odd analyst might be deluded enough to believe this twaddle, but as WinXP beta testers will in the main be actually running WinXP, they'd have to be terminally asleep at the switch not to have noticed that this is, er, entirely untrue. But where were these allegations made in the first place? Aha, yes, Smart Partner, May 8th, in a piece encouraging people to refuse to upgrade to XP.

"Then there’s the requirement that all software be signed with a Microsoft-approved bit of code. MS has said that will be the case with device drivers, but it’s unclear whether XP apps will need to be signed, too. A Microsoft source tells me they will be."

You can see why Allchin might get a little bit worked up about this, first because it's entirely untrue on both counts, and second because it spreads precisely the kind of disinformation Microsoft really does not want doing the rounds in the run-up to XP's launch. The reality is that although Microsoft intends to actively encourage the use of signed drivers, and would like to apply a similar system to apps, the position is considerably more complex.

Windows XP does indeed have its defaults set to warn you about installing unsigned drivers, and it does indeed have the facility to be set to refuse to install these drivers. But while Microsoft wishes to encourage people to stick to signed ones, there is no "requirement that all software be signed with a Microsoft-approved bit of code." There's nothing to stop you running installing and running unsigned drivers, and in many cases - at least at the moment - they'll run better than the preferred Microsoft defaults.

The fact that a driver is signed does not per se mean that it is necessarily good, or even works at all. It probably does mean that it's highly unlikely to break your XP installation, which is a start.

The warnings you get seem to be on a graduated scale, but as yet The Register hasn't felt impelled to try to figure out what the rules are. We have however got the impression that matters connected with modems and USB seem to prompt particularly shrill ones, as well they might.

Naturally, as we've said here before, many users are going to be a bit worried by such warnings, which will mean hardware vendors will get griped at about getting their drivers 'up to snuff,' and Microsoft will have a 'told you so, contact your hardware vendor' get-out in cases where XP does break after unsigned drivers are installed. As we've also said here before, this will pressure hardware vendors to support Microsoft's signed driver regime, and will ultimately place even more power in Microsoft's hands. But it's not compulsory, and Redmond probably doesn't think there's any need for it to be.

As for apps, it's definitely not "unclear whether XP apps will need to be signed." Reference to a November piece in, er, Smart Partner (itself a follow-up to a slightly earlier piece in El Reg, reveals that XP will include the option to block all unsigned code. And in a presentation in Seattle earlier this year The Register distinctly heard senior Microsoft reps say that while they were extremely keen on digital signatures for apps, they realised it would be a highly sensitive area, so they were going ot be real careful.

As yet, Microsoft has not set a default to warn against installing unsigned apps, but even it it goes that far - which it quite probably won't, given the howls it would generate from ISVs - it would be politically impossible to set the default to block, at least in this rev of Windows. The pressures that will drive ISVs towards a signed regime are however the same as they are for signed drivers, and no doubt somewhere within Fort Redmond there are people mulling over possible opportunities for 'deflectors on full' editions.

Super-safe, super-crashproof corporate editions? The corps will like signed regimes anyway, because they stop users installing crud. Unbreakable, idiot-proof appliance editions for the home? Could happen - but Redmond's planners are too sophisticated (no, really...) to just slam down the shutters now, in one go.

Allchin's letter does however say something interesting that should be made more of. He correctly states that the default is set to warn, and that "we have been encouraged by computer manufacturers to change the default to block, but we are staying with warn. The warning message you get is scary if you are trying to load an unsigned driver and rightly so, in my view."

Undoubtedly, we are being somewhat economical with l'actualite here. What we presume is really happening is that Microsoft has been busily doing the rounds of the hardware manufacturers, extolling the virtues of signed driver regimes. As such regimes - operating correctly - will involve hardware manufacturers working closely with Microsoft to make sure their drivers work, and that Microsoft says they work, there would seem to be considerable upsides for PC manufacturers here.

They hate getting huge numbers of tech support calls, it costs them when Microsoft accidentally breaks things and then they've got to figure out why and placate their customers - on a level playing field, signed drivers could be a good thing for them. But it's not exactly the case that it's the evil hardware manufacturers who want to lock everything down, and plucky Microsoft that's defending liberty.

Get real, Jim. If they're lobbying for block all unsigned as the default, it's because that's precisely what you've effectively been encouraging them to lobby for. No doubt you'll be finding that your enterprise customers will be demanding that same default for drivers, and swiftly afterwards for apps, RSN.

So what's wrong with signed regimes anyway? Isn't it a good idea to have entirely approved systems where all of the software is guaranteed to work, and not to break things? In principle, nothing, and in principle it'd be great to have a big pile of all the stuff you'd ever need easily and instantly available in a giant store on the Windows Update site. But as we've said before, the problem lies in the nature of the custodian - It's the storekeeper's funny eyes. ®

Related Sm@rts:
XP, just say no, apparently
Allchin show denial
Whistler To Block Unsigned Code

Combat fraud and increase customer satisfaction

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
prev story


Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.