What are the consequences of disableing driver signature enforcement in Vista 64?

Discussion in 'other security issues & news' started by Close_Hauled, Jun 27, 2007.

Thread Status:
Not open for further replies.
  1. Close_Hauled

    Close_Hauled Registered Member

    Joined:
    Apr 24, 2004
    Posts:
    1,015
    Location:
    California
    Hi,

    I just disabled driver signature enforcement on my Vista 64 PC. I have been building systems for over 20 years, so I have some understanding, but not full, of consequences of what I have done. Therefore I thought that I would bring it up as a topic of discussion.

    I did it so that I could get a Nostromo N52 to work with Vista 64. Belkin has a 64 bit driver for the Nostromo, but it does not Vista 64. Its digital signature requirement blocks the use.

    So far, the Nostromo is working great. The Loadout Manager now works. Games are running great.

    If I know this forum, your thoughts and input should be interesting.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,

    You did well. More than well.

    Digital signatures signed by MS means - vendors paid money to get the logo so they can sell its products under the umbrella of 'look we're cool, Vista endorses us'. In reality, many times, they are forced to make modifications to make their products work with MS.

    It makes no difference, because:
    1. Any MS product is unstable by design, so why bother.
    2. The manufacturers know what they're doing even if MS do not.

    Mrk
     
  3. Close_Hauled

    Close_Hauled Registered Member

    Joined:
    Apr 24, 2004
    Posts:
    1,015
    Location:
    California
    Thanks for the reply Mrk, but I was more interested in the security aspects. Such as the technical details on how this can make your system more vulnerable to attacks from spyware and viruses.

    Personally I like the idea of the digital signature requirement for the average user. People get viruses and spyware on their systems because they do not understand a lot of the does and don'ts when they are out there on the web. It's the risky be behavior that gets your system infected.

    A lot of people will read that I disabled the signature verification. But notice that I did not publish how I did it. That is because I think that it would be irresponsible to do so. The more responsible forum members can PM me if they need to know how to do it.

    I was hoping to get into more of a technical discussion on the specifics of how this can be dangerous so that others would understand the risks. I personally understand the risks, but do not know the specifics, so I cannot properly convey the principles.

    I really don't want to get into a Windows vs Linux debate because frankly I do not care. I have used more operating systems than any one I know, and I grow very tired of these arguments. They are all very good OSs in their proper venue. Ask me what my favorite OS is and I will tell you VAX/VMS.
     
  4. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    For the "average" user, digital signing makes sense.... for now. If and when Vista eats more market share, a large number of users at some point will want to circumvent DRM/digital signing and gain unrestricted access to their hardware or media content and either consciously or inadvertently throw caution to the wind to do it.
    The option you described to disable driver signature enforcement is no big secret; rootkits, in-memory-only bootkits, scripting attacks, social engineering ruses, etc. as well as their delivery methods, will always stay a step ahead of M$, browsers and AV/AS vendors with enough time to do their damage. Unfortunately, it's a defensive game being on the Net.
    What it all boils down to is you're just interested in making your computer's OS usable to you. Other Vista users will, too, if they don't get too frustrated and turn to hacks, Linux or another OS when they are not satisfied.
     
Loading...
Thread Status:
Not open for further replies.