Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Signed drivers are a waste of time

Reply
Thread Tools

Signed drivers are a waste of time

 
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      08-11-2007
This latest flaw in a driver for Vista
<http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
how easy it is to subvert the whole signed driver concept without even
trying. I don't understand why Microsoft even bothered with the idea: all
it does is add to development and certification costs, and complicate the
process of issuing updates, without really increasing security at all.
Those who believe it makes their system more secure are just setting
themselves up for a fall.
 
Reply With Quote
 
 
 
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      08-11-2007
In message <f9jmo4$k0o$(E-Mail Removed)>, I wrote:

> This latest flaw in a driver for Vista
> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
> how easy it is to subvert the whole signed driver concept without even
> trying.


More info here <http://blogs.zdnet.com/security/?p=438>: Microsoft can't
revoke the certificate of the buggy driver the way they did with Atsiv,
because that would bugger up half the Vista laptops out there.
 
Reply With Quote
 
 
 
 
Fred Dagg
Guest
Posts: n/a
 
      08-11-2007
On Sat, 11 Aug 2007 19:01:40 +1200, Lawrence D'Oliveiro
<(E-Mail Removed)_zealand> exclaimed:

>This latest flaw in a driver for Vista
><http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
>how easy it is to subvert the whole signed driver concept without even
>trying. I don't understand why Microsoft even bothered with the idea: all
>it does is add to development and certification costs, and complicate the
>process of issuing updates, without really increasing security at all.
>Those who believe it makes their system more secure are just setting
>themselves up for a fall.


*Yawn*

You really are quite pathetic, Lawrence.
 
Reply With Quote
 
Jonathan Walker
Guest
Posts: n/a
 
      08-11-2007
On Sat, 11 Aug 2007 19:01:40 +1200, Lawrence D'Oliveiro wrote:

> This latest flaw in a driver for Vista
> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
> how easy it is to subvert the whole signed driver concept without even
> trying. I don't understand why Microsoft even bothered with the idea: all
> it does is add to development and certification costs, and complicate the
> process of issuing updates, without really increasing security at all.
> Those who believe it makes their system more secure are just setting
> themselves up for a fall.


What it does is enable Micro$oft to control who can have signed drivers,
and thus who can execute code in Kernel-space.

What M$ should be doing is implementing userland drivers, rather than
closed source third-party proprietary kernel-space drivers.

That way M$ will be able to know exactly what code (only its own) is
running in kernel space, and also, that way people will know that no code
that was not examined and tested and approved by Micro$oft's own
developers is in kernel space.

And therefore, Micro$oft alone will be responsible for the security of the
kernel, and for the security of the system's inter-process communication,
and what processes access what devices at any given time.


--
Jonathan Walker

"The IT industry landscape is littered with the dead
dreams of people who once trusted Microsoft."
 
Reply With Quote
 
Cima
Guest
Posts: n/a
 
      08-11-2007
On 12 Aug 2007 08:30:50 +1200, Jonathan Walker <(E-Mail Removed)> wrote:

>On Sat, 11 Aug 2007 19:01:40 +1200, Lawrence D'Oliveiro wrote:
>
>> This latest flaw in a driver for Vista
>> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
>> how easy it is to subvert the whole signed driver concept without even
>> trying. I don't understand why Microsoft even bothered with the idea: all
>> it does is add to development and certification costs, and complicate the
>> process of issuing updates, without really increasing security at all.
>> Those who believe it makes their system more secure are just setting
>> themselves up for a fall.

>
>What it does is enable Micro$oft to control who can have signed drivers,
>and thus who can execute code in Kernel-space.


More importantly, why does he care? He don't use it, so why give a ****.


 
Reply With Quote
 
Jonathan Walker
Guest
Posts: n/a
 
      08-11-2007
On Sun, 12 Aug 2007 11:18:43 +1200, Cima wrote:

>>> This latest flaw in a driver for Vista
>>> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/>
>>> demonstrates how easy it is to subvert the whole signed driver concept
>>> without even trying. I don't understand why Microsoft even bothered
>>> with the idea: all it does is add to development and certification
>>> costs, and complicate the process of issuing updates, without really
>>> increasing security at all. Those who believe it makes their system
>>> more secure are just setting themselves up for a fall.

>>
>>What it does is enable Micro$oft to control who can have signed drivers,
>>and thus who can execute code in Kernel-space.

>
> More importantly, why does he care? He don't use it, so why give a ****.


Indeed - why care about why email servers get swamped with so many
viruses taking up so much bandwidth causing so much caos and frustration,
and downtime!


--
Jonathan Walker

"The IT industry landscape is littered with the dead
dreams of people who once trusted Microsoft."
 
Reply With Quote
 
thingy
Guest
Posts: n/a
 
      08-12-2007
Lawrence D'Oliveiro wrote:
> This latest flaw in a driver for Vista
> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
> how easy it is to subvert the whole signed driver concept without even
> trying. I don't understand why Microsoft even bothered with the idea: all
> it does is add to development and certification costs, and complicate the
> process of issuing updates, without really increasing security at all.
> Those who believe it makes their system more secure are just setting
> themselves up for a fall.


More $ for MS....pure and simple...

regards

Thing
 
Reply With Quote
 
Will Spencer
Guest
Posts: n/a
 
      08-13-2007
On Sun, 12 Aug 2007 11:18:43 +1200, Cima wrote:

> On 12 Aug 2007 08:30:50 +1200, Jonathan Walker <(E-Mail Removed)> wrote:
>
>>On Sat, 11 Aug 2007 19:01:40 +1200, Lawrence D'Oliveiro wrote:
>>
>>> This latest flaw in a driver for Vista
>>> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/> demonstrates
>>> how easy it is to subvert the whole signed driver concept without even
>>> trying. I don't understand why Microsoft even bothered with the idea: all
>>> it does is add to development and certification costs, and complicate the
>>> process of issuing updates, without really increasing security at all.
>>> Those who believe it makes their system more secure are just setting
>>> themselves up for a fall.

>>
>>What it does is enable Micro$oft to control who can have signed drivers,
>>and thus who can execute code in Kernel-space.

>
> More importantly, why does he care? He don't use it, so why give a ****.


Negative campaigns never work. I used to be interested in Linux but decided
I didn't want to be involved in an operating systems backed by Commies and
raving lunatics like Lawrence and co. It was a turn off.

-ws
 
Reply With Quote
 
Miguel
Guest
Posts: n/a
 
      08-13-2007
On Tue, 14 Aug 2007 10:17:14 +1200, Will Spencer wrote:

> I used to be interested in Linux but
> decided I didn't want to be involved in an operating systems backed by
> Commies and raving lunatics like Lawrence and co. It was a turn off.
>
> -ws


Just a suggestion but you really shouldn't make decisions based on how
other people act or what other people say. Test drive the operating
system yourself and then make your own decision as to its suitability. If
it's not for you then fine.

FWIW, this suggestion can also be used in conjunction with purchasing
most major household appliances, new cars and potential spouses.

Miguel
 
Reply With Quote
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      08-14-2007
In message <1ija8km5j25ys.1pzakfwscfzia$(E-Mail Removed)>, Will Spencer
wrote:

> On Sun, 12 Aug 2007 11:18:43 +1200, Cima wrote:
>
>> On 12 Aug 2007 08:30:50 +1200, Jonathan Walker <(E-Mail Removed)>
>> wrote:
>>
>>>On Sat, 11 Aug 2007 19:01:40 +1200, Lawrence D'Oliveiro wrote:
>>>
>>>> This latest flaw in a driver for Vista
>>>> <http://www.theregister.co.uk/2007/08/10/ati_driver_snafu/>
>>>> demonstrates how easy it is to subvert the whole signed driver concept
>>>> without even trying. I don't understand why Microsoft even bothered
>>>> with the idea: all it does is add to development and certification
>>>> costs, and complicate the process of issuing updates, without really
>>>> increasing security at all. Those who believe it makes their system
>>>> more secure are just setting themselves up for a fall.
>>>
>>>What it does is enable Micro$oft to control who can have signed drivers,
>>>and thus who can execute code in Kernel-space.

>>
>> More importantly, why does he care? He don't use it, so why give a ****.

>
> Negative campaigns never work. I used to be interested in Linux but
> decided I didn't want to be involved in an operating systems backed by
> Commies and raving lunatics like Lawrence and co. It was a turn off.


Odd, isn't it? I didn't make a single mention of Linux in my posting, yet
people like you once again show the chip you have on your shoulder about
this.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Convert a signed binary number into a signed one ? Rob1bureau VHDL 1 02-27-2010 12:13 AM
signed(12 downto 0) to signed (8 downto 0) kyrpa83 VHDL 1 10-17-2007 06:58 PM
VOIP seems a waste of time Ad C UK VOIP 232 08-13-2005 04:10 PM
Generics is a waste of time Sharp Java 21 05-18-2005 03:17 PM
OT: And I thought I knew how to waste time Neil MCSE 10 07-27-2004 02:44 AM



Advertisments