The truth about Redmond's WinXP signed driver plans

You should only accept signed and quality-controlled articles on the subject...

Has Jim Allchin, Microsoft's Mr XP, finally lost it? Why is he writing letters to ZD denying things Microsoft hasn't been accused of? Doh...

The Register was indeed initially baffled by Jimbo's trenchant defence of XP's implementation of a signed driver regime, as described yesterday by the Smart Partner segment of The Mighty Z. He disputed "findings from beta testers and analysts that under Windows XP all applications and drivers need to be 'signed' or need to be re-registered online before they can run."

Oh really? One can just about grasp how the odd analyst might be deluded enough to believe this twaddle, but as WinXP beta testers will in the main be actually running WinXP, they'd have to be terminally asleep at the switch not to have noticed that this is, er, entirely untrue. But where were these allegations made in the first place? Aha, yes, Smart Partner, May 8th, in a piece encouraging people to refuse to upgrade to XP.

"Then there’s the requirement that all software be signed with a Microsoft-approved bit of code. MS has said that will be the case with device drivers, but it’s unclear whether XP apps will need to be signed, too. A Microsoft source tells me they will be."

You can see why Allchin might get a little bit worked up about this, first because it's entirely untrue on both counts, and second because it spreads precisely the kind of disinformation Microsoft really does not want doing the rounds in the run-up to XP's launch. The reality is that although Microsoft intends to actively encourage the use of signed drivers, and would like to apply a similar system to apps, the position is considerably more complex.

Windows XP does indeed have its defaults set to warn you about installing unsigned drivers, and it does indeed have the facility to be set to refuse to install these drivers. But while Microsoft wishes to encourage people to stick to signed ones, there is no "requirement that all software be signed with a Microsoft-approved bit of code." There's nothing to stop you installing and running unsigned drivers, and in many cases - at least at the moment - they'll run better than the preferred Microsoft defaults.

The fact that a driver is signed does not per se mean that it is necessarily good, or even works at all. It probably does mean that it's highly unlikely to break your XP installation, which is a start.

The warnings you get seem to be on a graduated scale, but as yet The Register hasn't felt impelled to try to figure out what the rules are. We have however got the impression that matters connected with modems and USB seem to prompt particularly shrill ones, as well they might.

Naturally, as we've said here before, many users are going to be a bit worried by such warnings, which will mean hardware vendors will get griped at about getting their drivers 'up to snuff,' and Microsoft will have a 'told you so, contact your hardware vendor' get-out in cases where XP does break after unsigned drivers are installed. As we've also said here before, this will pressure hardware vendors to support Microsoft's signed driver regime, and will ultimately place even more power in Microsoft's hands. But it's not compulsory, and Redmond probably doesn't think there's any need for it to be.

As for apps, it's definitely not "unclear whether XP apps will need to be signed." Reference to a November piece in, er, Smart Partner (itself a follow-up to a slightly earlier piece in El Reg) reveals that XP will include the option to block all unsigned code. And in a presentation in Seattle earlier this year The Register distinctly heard senior Microsoft reps say that while they were extremely keen on digital signatures for apps, they realised it would be a highly sensitive area, so they were going to be real careful.

As yet, Microsoft has not set a default to warn against installing unsigned apps, but even if it goes that far - which it quite probably won't, given the howls it would generate from ISVs - it would be politically impossible to set the default to block, at least in this rev of Windows. The pressures that will drive ISVs towards a signed regime are however the same as they are for signed drivers, and no doubt somewhere within Fort Redmond there are people mulling over possible opportunities for 'deflectors on full' editions.

Super-safe, super-crashproof corporate editions? The corps will like signed regimes anyway, because they stop users installing crud. Unbreakable, idiot-proof appliance editions for the home? Could happen - but Redmond's planners are too sophisticated (no, really...) to just slam down the shutters now, in one go.

Allchin's letter does however say something interesting that should be made more of. He correctly states that the default is set to warn, and that "we have been encouraged by computer manufacturers to change the default to block, but we are staying with warn. The warning message you get is scary if you are trying to load an unsigned driver and rightly so, in my view."

Undoubtedly, we are being somewhat economical with l'actualite here. What we presume is really happening is that Microsoft has been busily doing the rounds of the hardware manufacturers, extolling the virtues of signed driver regimes. As such regimes - operating correctly - will involve hardware manufacturers working closely with Microsoft to make sure their drivers work, and that Microsoft says they work, there would seem to be considerable upsides for PC manufacturers here.

They hate getting huge numbers of tech support calls, it costs them when Microsoft accidentally breaks things and then they've got to figure out why and placate their customers - on a level playing field, signed drivers could be a good thing for them. But it's not exactly the case that it's the evil hardware manufacturers who want to lock everything down, and plucky Microsoft that's defending liberty.

Get real, Jim. If they're lobbying for block all unsigned as the default, it's because that's precisely what you've effectively been encouraging them to lobby for. No doubt you'll be finding that your enterprise customers will be demanding that same default for drivers, and swiftly afterwards for apps, RSN.

So what's wrong with signed regimes anyway? Isn't it a good idea to have entirely approved systems where all of the software is guaranteed to work, and not to break things? In principle, nothing, and in principle it'd be great to have a big pile of all the stuff you'd ever need easily and instantly available in a giant store on the Windows Update site. But as we've said before, the problem lies in the nature of the custodian - It's the storekeeper's funny eyes. ®

Related Sm@rts:
XP, just say no, apparently
Allchin show denial
Whistler To Block Unsigned Code
