> If your software is used in a piece of medical equipment and causes
someone personal injury
Are you sure uncertified software is allowed to such places?
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
>It’s scary that somebody could go to jail if his/her driver BSOD in an surgery room and the patient died.
Yes, and I have major doubts this is a truth.
There should be some certification requirements for such software and special governemental licenses for developing companies (like the gun license for the individual).
Don’t know about software but I remember all electronics components I ordered specifically say “Not
intended for life supporting/sustaining devices” or such.
I saw the same on Solaris OS documentation in around 1993.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
> Creating a business just for acquiring a certificate is out of the question due to the attached
bureaucratic hurdles.
If the one is making a living as independent contractor in software - then I don’t think creating a company is a major bureaucratic issue even here in Russia compared to filing declarations/paying taxes from the personal income.
If the one is an employee - then he could talk to his boss about signing his amateur driver with the employer’s certificate.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
“Maxim S. Shatskih” wrote in message
news:xxxxx@ntdev…
>> games. Why at all an individual may want to poke in the kernel? This is
>> suspicious.
>
> I think the core reason is DRM - DRM breaking kernel-mode software will
> carry a digital signature and make the author prosecutable by DMCA.
And not only DRM (as in entertainment). There are other uses for protected
i/o and UI paths in Windows …
–pa
> And not only DRM (as in entertainment).
Entertainment companies like Disney are the most major supporter of DRM. It is their money.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
> I don’t think creating a company is a major bureaucratic issue
That might change if you are more familiar with laws in some other countries. Take one particular country, name not important. To setup the simplest limited company requires hiring 4 full time employees, paying their wages and social security, monthly paperwork reported to gov, guaranteed surprise on site audits to make sure every employee is there working 8-5 M-F, and a lawyer to handle the bureacratic communications and complex forms. The actual dollar amount per year this comes out to simply sign a driver would astonish anyone. And this is just one example. People in countries like this that wish to simply sign a driver are at a big disadvantage to western countries. Driver signing absolutely limits access and creates an unfair playing field to one extent or another.
I would not say ‘unfair’, but ‘unequal’. With the advent of 64-bit
Microsoft Operating Systems (other than ia64, and any other previously
supported CPUs), it offered them a chance to keep kernel mode code from
being created by the malware folks. The only way to do it that they could
think of was to require cross-signed drivers. It does allow developers to
test their drivers since this requirement is not enforced under certain
circumstances. It does force accountability for the code. Most small
operations would not need to be wary of the lawsuit issue since they could
just go bankrupt and leave nothing for the lawyers to feed upon, though a
large company suing using in-house counsel might proceed just to kill the
target.
If someone has a better idea, maybe they could sell it to Microsoft. I sure
can’t think of a better solution to keep rootkits and other malware out of
the computer. Another reason is to keep DRM protected which seems to be the
thing Microsoft has bought in to.
wrote in message news:xxxxx@ntdev…
>> I don’t think creating a company is a major bureaucratic issue
>
> That might change if you are more familiar with laws in some other
> countries. Take one particular country, name not important. To setup the
> simplest limited company requires hiring 4 full time employees, paying
> their wages and social security, monthly paperwork reported to gov,
> guaranteed surprise on site audits to make sure every employee is there
> working 8-5 M-F, and a lawyer to handle the bureacratic communications and
> complex forms. The actual dollar amount per year this comes out to simply
> sign a driver would astonish anyone. And this is just one example. People
> in countries like this that wish to simply sign a driver are at a big
> disadvantage to western countries. Driver signing absolutely limits access
> and creates an unfair playing field to one extent or another.
>
>
>country, name not important. To setup the simplest limited company requires hiring 4 full time
employees, paying their wages and social security, monthly paperwork reported to gov, guaranteed
surprise on site audits to make sure every employee is there working 8-5 M-F, and a lawyer to handle
the bureacratic communications and complex forms.
Can you name the region where such amazing things do occur?
English-speaking West, other Western countries, Latin America, Asian Pacific, Eastern Europe, ex-USSR, Africa or Muslim world?
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
“David Craig” wrote in message news:xxxxx@ntdev…
> it offered them a chance to keep kernel mode code from being created by
> the malware folks.
> […]
>
> I sure can’t think of a better solution to keep rootkits and other malware
> out of the computer.
I don’t see how this stops mallware creators. It’s probably much easier for
a determined mallware creator to register a fake corporation then for me to
register a legit one.
In my country, there is the notion of a “physical person” and “juridic
person”. Normal people are “physical persons” in respect to the law, while
corporations are “juridic persons”. However, it is possible for a
professional to register itself a “juridic person” if he wish to do contract
work without being hired as a full time employee and still be a legal tax
paying citizen. The status of this person is then identical to that of a
corporation in terms of country law, however, the individual does not
possess a business licence etc. Is it possible for this kind of person to
obtain a certificate?
–
Aram Hăvărneanu
>>the individual does not
>possess a business licence etc. Is it possible for this kind of person to obtain a certificate?
I think you must have a VAT number , something like ROxxxx.xxx.xxx
/C
----- Original Message -----
From: “Aram Hăvărneanu”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Monday, December 14, 2009 10:46 AM
Subject: Re:[ntdev] Personnal VeriSign
“David Craig” wrote in message news:xxxxx@ntdev…
> it offered them a chance to keep kernel mode code from being created by the malware folks.
> […]
>
> I sure can’t think of a better solution to keep rootkits and other malware out of the computer.
I don’t see how this stops mallware creators. It’s probably much easier for
a determined mallware creator to register a fake corporation then for me to
register a legit one.
In my country, there is the notion of a “physical person” and “juridic
person”. Normal people are “physical persons” in respect to the law, while
corporations are “juridic persons”. However, it is possible for a
professional to register itself a “juridic person” if he wish to do contract
work without being hired as a full time employee and still be a legal tax
paying citizen. The status of this person is then identical to that of a
corporation in terms of country law, however, the individual does not
possess a business licence etc. Is it possible for this kind of person to
obtain a certificate?
–
Aram Hăvărneanu
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
On 12/14/2009 10:46 AM, Aram Hăvărneanu wrote:
In my country,[…]it is possible for a professional to register
itself a “juridic person” […]. The status of this person is then
identical to that of a corporation in terms of country law, however,
the individual does not possess a business licence etc. Is it
possible for this kind of person to obtain a certificate?
My advice: Go to a local Registration Authority and ask.
They should be able to give you an authoritative answer.
(Then please come back here and report the result. Thanks!)
Certification Authorities (CAs) like GlobalSign or VeriSign usually
don’t process all certificate applications and do the associated
mandatory checks themselves.
They employ one or more “Registration Authorities” (or “Registrars”, for
short) who handle the process, do the necessary verifications, etc.
One of our reasons to use GlobalSign as a CA is that one of their RAs is
“around the corner”. I.e. they are available for questions, can be met
personally if anything needs to cleared up, etc. This year - when we
needed a new certificate - this already proved to be very helpful.
So ask this “local CA contact” - a local RA very likely knows about
these fine differences and can tell you what’s possible and what not.