and
STOP stop stop stop stop. Be clueful or be quiet.
First: MSFT doesn’t derive any revenue from driver signing. In fact, it’s a COST for them. Maybe it does generate revenue for the Verisigns of the world. But I rather doubt MSFT cares.
Next: Know that few people here are trying to DEFEND the overall practice of *requiring* drivers to be signed to run on 64-bit Vista. I sure as hell am not defending it.
IF you’ve been following this whole Vista-64 driver signing requirement from the beginning, you’all already know that I’m not a big fan of the program. The community worked hard, and I personally worked VERY hard, to get the program modified so it had terms (like test signing, in fact) that we can live with.
Finally: THE most secure systems use non-network connected, quarantined, machines that only have software installed from CD that is obtained directly from the vendor. The images on these CDs are checksummed and the checksums are provided via a separate channel, so they can be independently validated become access. I know companies that do this.
So, like, the people who run these systems are stupid? They should just download thier software from a “reputable source” and save themselves a lot of time, effort, and annoyance??
Lacking the level of physical security I just described, insuring a driver package is signed – let’s ignore Vista-64’s requirement, let’s just talk about authenticode signing (which works down-level and not just on Vista, you DO realize this, right?) – is an excellent way to ensure the package is genuine and not modified.
Saying that’s not necessary or helpful, because you can download your drivers from a “reliable site” just demonstrates that you aren’t thinking through the problem before typing. Maybe nothing on YOUR computer is more valuable than a few naked pictures of your girlfriend, a collection of MP3s, and your Pr0n library… But some people use their computers for, like, real stuff. Do you realize that billions of dollars, fragile equipment, and even people’s lives can depend on proper software integrity?
Nah, screw that. Just download from a “reputable” source. Right…
I’m out of this discussion,
Peter
OSR