Unsigned Drivers Are Not A Security Hole

Okay, let's get this clear: driver signing has nothing to do with security.  It might help stability, but security – nope, totally unrelated.  So when you see Windows developers posting under the title “When people ask for security holes as features: Silent install of uncertified drivers”, and then talking exclusively about system stability without mentioning security once, you really have to wonder.

The security of the system has been breached long before the unsigned driver warning pops up – security is breached the minute the installer starts to run or possibly even by the time the installer downloads.

Now if someone would kindly explain to me why Windows 2003 Server refuses to load the drivers for our backup tape drive because they're unsigned (i.e. it doesn't provide a yes/no option dialog, just a notice to say it refused to load them) and how I might force it to play nice, I'd appreciate it.  The whole signing system certainly hasn't improved my user experience with Windows – it's been nothing but a pain in the neck.

One Response to “Unsigned Drivers Are Not A Security Hole”

  1. David 'Zanchey' Adam Says:

    (Arrived through Planet LCA.)

    I believe that a defence of Chen’s nomenclature can be constructed, but I agree with you that it probably isn’t a major security bug (and this hasn’t really been raised on his blog).

    Windows 2003 Server refuses to provide an easy way out because it’s a -server- operating system. It’s supposed to be -stable-. “Sure guys, just go ahead and install any old kernel-mode stuff you want to.”

    I guess the WHQL stuff is a bit like the taint warnings on Linux kernels – a ‘You have been warned’ step.

    As to fixing it, I assume you’ve checked System Properties (Hardware -> Driver Signing) for this sort of thing. If that doesn’t work, devcon (from Microsoft) might be worth a shot – issuing a devcon update command generally overrides all sanity checks.

