Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Question using trust Driver signing
Gova_Gimer
Member - All Emails Posts: 65
Hello,
I have some questions :
Someone legally signs their kernel driver with a legally purchased certificate and signs it with Microsoft portal service for windows 10.11 compatibility,
He is amateur (confirmed) on windows kernel driver development.
What happens if its driver deployed contains bugs making the Windows system unstable?
What happens if the use of its driver causes BSODs?
What happens if a some users complains ?
What happens if the developer is not able to correct system instability and BSOD bugs caused by his driver (the developer's)?
INFO: Developing a driver becomes more and more complicated when a new windows is deployed.
Thanks.
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Kernel Debugging | 16-20 October 2023 | Live, Online |
| Developing Minifilters | 13-17 November 2023 | Live, Online |
| Internals & Software Drivers | 4-8 Dec 2023 | Live, Online |
| Writing WDF Drivers | 10-14 July 2023 | Live, Online |
Comments
This is a legal question and generally none of us, especially me, are qualified to answer the question. However, the general practice is to include a license with your software that basically states that you or your corporation are not liable for damages resulting from defects in your software. This is the case for all software, all of which can have defects that can result in harm to the user.
The purpose of the digital signature is not to ensure quality. The purpose is to ensure that there is a rock-solid path toward establishing your identity for liability purposes. If you distribute an unsigned driver that causes BSODs and instability, you could always say "well, I don't know where they got that, I didn't produce it." But if the package had your digital signature, then it has to be you. Those who were damaged can use the certificate chain to locate you and sue you.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
Rock solid or not, a chain of identity does not indicate in any way what they can sue you for. Everything varies by jurisdiction, but generally software, especially free software, is provided as is without any warrantee or guarantee of fitness for a purpose.
Certainly being sued - even when you have no culpability or liability still sucks