The truth about Redmond's WinXP signed driver plans

You should only accept signed and quality-controlled articles on the subject...

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Has Jim Allchin, Microsoft's Mr XP, finally lost it? Why is he writing letters to ZD denying things Microsoft hasn't been accused of? Doh...

The Register was indeed initially baffled by Jimbo's trenchant defence of XP's implementation of a signed driver regime, as described yesterday by the Smart Partner segment of The Mighty Z. He disputed "findings from beta testers and analysts that under Windows XP all applications and drivers need to be 'signed' or need to be re-registered online before they can run."

Oh really? One can just about grasp how the odd analyst might be deluded enough to believe this twaddle, but as WinXP beta testers will in the main be actually running WinXP, they'd have to be terminally asleep at the switch not to have noticed that this is, er, entirely untrue. But where were these allegations made in the first place? Aha, yes, Smart Partner, May 8th, in a piece encouraging people to refuse to upgrade to XP.

"Then there’s the requirement that all software be signed with a Microsoft-approved bit of code. MS has said that will be the case with device drivers, but it’s unclear whether XP apps will need to be signed, too. A Microsoft source tells me they will be."

You can see why Allchin might get a little bit worked up about this, first because it's entirely untrue on both counts, and second because it spreads precisely the kind of disinformation Microsoft really does not want doing the rounds in the run-up to XP's launch. The reality is that although Microsoft intends to actively encourage the use of signed drivers, and would like to apply a similar system to apps, the position is considerably more complex.

Windows XP does indeed have its defaults set to warn you about installing unsigned drivers, and it does indeed have the facility to be set to refuse to install these drivers. But while Microsoft wishes to encourage people to stick to signed ones, there is no "requirement that all software be signed with a Microsoft-approved bit of code." There's nothing to stop you running installing and running unsigned drivers, and in many cases - at least at the moment - they'll run better than the preferred Microsoft defaults.

The fact that a driver is signed does not per se mean that it is necessarily good, or even works at all. It probably does mean that it's highly unlikely to break your XP installation, which is a start.

The warnings you get seem to be on a graduated scale, but as yet The Register hasn't felt impelled to try to figure out what the rules are. We have however got the impression that matters connected with modems and USB seem to prompt particularly shrill ones, as well they might.

Naturally, as we've said here before, many users are going to be a bit worried by such warnings, which will mean hardware vendors will get griped at about getting their drivers 'up to snuff,' and Microsoft will have a 'told you so, contact your hardware vendor' get-out in cases where XP does break after unsigned drivers are installed. As we've also said here before, this will pressure hardware vendors to support Microsoft's signed driver regime, and will ultimately place even more power in Microsoft's hands. But it's not compulsory, and Redmond probably doesn't think there's any need for it to be.

As for apps, it's definitely not "unclear whether XP apps will need to be signed." Reference to a November piece in, er, Smart Partner (itself a follow-up to a slightly earlier piece in El Reg, reveals that XP will include the option to block all unsigned code. And in a presentation in Seattle earlier this year The Register distinctly heard senior Microsoft reps say that while they were extremely keen on digital signatures for apps, they realised it would be a highly sensitive area, so they were going ot be real careful.

As yet, Microsoft has not set a default to warn against installing unsigned apps, but even it it goes that far - which it quite probably won't, given the howls it would generate from ISVs - it would be politically impossible to set the default to block, at least in this rev of Windows. The pressures that will drive ISVs towards a signed regime are however the same as they are for signed drivers, and no doubt somewhere within Fort Redmond there are people mulling over possible opportunities for 'deflectors on full' editions.

Super-safe, super-crashproof corporate editions? The corps will like signed regimes anyway, because they stop users installing crud. Unbreakable, idiot-proof appliance editions for the home? Could happen - but Redmond's planners are too sophisticated (no, really...) to just slam down the shutters now, in one go.

Allchin's letter does however say something interesting that should be made more of. He correctly states that the default is set to warn, and that "we have been encouraged by computer manufacturers to change the default to block, but we are staying with warn. The warning message you get is scary if you are trying to load an unsigned driver and rightly so, in my view."

Undoubtedly, we are being somewhat economical with l'actualite here. What we presume is really happening is that Microsoft has been busily doing the rounds of the hardware manufacturers, extolling the virtues of signed driver regimes. As such regimes - operating correctly - will involve hardware manufacturers working closely with Microsoft to make sure their drivers work, and that Microsoft says they work, there would seem to be considerable upsides for PC manufacturers here.

They hate getting huge numbers of tech support calls, it costs them when Microsoft accidentally breaks things and then they've got to figure out why and placate their customers - on a level playing field, signed drivers could be a good thing for them. But it's not exactly the case that it's the evil hardware manufacturers who want to lock everything down, and plucky Microsoft that's defending liberty.

Get real, Jim. If they're lobbying for block all unsigned as the default, it's because that's precisely what you've effectively been encouraging them to lobby for. No doubt you'll be finding that your enterprise customers will be demanding that same default for drivers, and swiftly afterwards for apps, RSN.

So what's wrong with signed regimes anyway? Isn't it a good idea to have entirely approved systems where all of the software is guaranteed to work, and not to break things? In principle, nothing, and in principle it'd be great to have a big pile of all the stuff you'd ever need easily and instantly available in a giant store on the Windows Update site. But as we've said before, the problem lies in the nature of the custodian - It's the storekeeper's funny eyes. ®

Related Sm@rts:
XP, just say no, apparently
Allchin show denial
Whistler To Block Unsigned Code

Internet Security Threat Report 2014

More from The Register

next story
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Post-Microsoft, post-PC programming: The portable REVOLUTION
Code jockeys: count up and grab your fabulous tablets
Twitter App Graph exposes smartphone spyware feature
You don't want everyone to compile app lists from your fondleware? BAD LUCK
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
prev story


Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.