Requiring WHQL signed drivers: Good or evil?
Recently Microsoft announced a requirement for kernel-mode drivers to be signed. This is different from WHQL signing: all it does is tie a driver to a publisher. It provides no testimony to the quality of the driver; in fact, the announcement states:
Important: The process of obtaining a PIC is separate from the Windows Logo Program submission process. The PIC signing capability does not replace the WHQL program. Microsoft encourages publishers to use the WHQL programs such as the Logo and Driver Reliability Signing programs, whenever possible. The primary purpose of the PIC program is to introduce identity into the kernel-mode and driver ecosystem, in cases where participation in the WHQL program might not be suitable. The PIC signing capability does not require the publisher to pass certain Windows Logo Program testing requirements associated with WHQL.
I personally believe that all drivers should need to be WHQL signed. This is a topic I've been interested in for quite a while, and I think that WHQL signed driver requirements are a good thing. Hopefully I can convince you of that as well. There were discussions to make this required in Windows XP, but due to several issues (lack of signed drivers, large legacy driver base) it was decided against for Windows XP. (The setting is still available, buried deep in a policy setting: gpedit.msc -> Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Devices: Unsigned driver installation behavior.) In the 5 years since Windows XP shipped, the world has changed: Windows XP has become the dominant operating system, and we have seen the unfortunate rise of spyware, a new focus on security, and a new hardware platform expected to be dominant within a few years.
| Reason/OS | Windows XP | Vista 32-bit | Vista 64-bit |
| --- | --- | --- | --- |
| Legacy base of unsigned drivers | Yes | Yes | No |
| Compatibility with unsigned 32-bit kernel drivers | Yes | Yes | No |
| New User Mode Driver Framework | No? | Yes | Yes |
Now that backwards compatibility isn't an issue, what are the benefits of having a requirement for WHQL signed drivers?
- Predictable driver quality
  - Have you ever had a driver that just wasn't quite right? That claimed "compatibility" but didn't work with, say, fast user switching, or crashed when you put it on a hyperthreaded, dual-core, or dual-processor system? Hopefully this will catch these problems.
- Spyware deterrence
  - Hopefully, no rootkits will be signed ;)
As with all good debates there are always two sides to each argument, so what are the drawbacks?
- Can't force drivers to install on compatible hardware
  - Unfortunately, this is something I have to do on my 64-bit laptop for both my video and Bluetooth drivers.
- Community drivers are not normally signed
  - Not that there are too many open source drivers for Windows, but there are a few that support such things as old video cards and capture drivers.
- DRM
  - I'm not a big fan of DRM, but I'm also not a content producer. By controlling what runs in the kernel, this will enable DRM.
So, given both sides of the argument, I'm still in favor of the requirement for drivers to be WHQL signed. Hopefully, it will reduce the number of crappy drivers and prevent the spread of spyware and rootkits. What's your opinion?