X64 Windows Vista to require signed drivers

> And you are missing the other problem. Part of the reason to have the ID is

to log on to WinQual and find out that your driver is crashing. Microsoft
reports this for all drivers whether signed or not. One wonders how many
crashes would be cleaned up, if the small companies and third party
developers had access to the data on their drivers.

There you have a point. But apart from this , could there be problem when the
developer provides a unsigned driver as “built for the company” and when
the company receives the driver , he has to care about : obtaining a certificate ,
a PIC and signing the driver himself. The developer could support this
signing procedure ( without receiving the certificate from the company ) if
that procedure itself would be too obscure or difficult to follow. After all ,
I don’t see a reason why the developer himself should be able to provide
the signed “build for the company” driver to the world with his “own” signature.
This would be even illegal in point of view of the company that obtained/distributes
the driver. I also think about the fact that a company wishes to sign the software
he spreads with his own signature , not the signature of the developer …

I think this would at least save the $500 costs for the developer and the time to
spend the time on obtaining the PIC , signing , etc… . After all , the developer
is not to blame about this new driver signing method …

Christiaan

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Bruno van Dooren” wrote in message
> news:xxxxx@ntdev…
> > this will only shift the problem. nobody is going to provide 3d party
> > signing out of the kindness of their hearts. so instead of paying per
> > year, you’ll pay someone else per signature.
> >
> > and then it might not even be legal to do this. it could be against the
> > eula that you no doubt have to agree to before getting the PIC.
> >
> > kind regards,
> > Bruno.
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@compaqnet.be
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>

There is another aspect of this, and Vista security in general.

In my experiance too much security can close the door to using Windows for a
farily large number of specialized applications.

Small specialized industries are an example. Here the requirement may be for
one site to have specialized one-of drivers that control, for example, a
wharehouse full of sewing machines. A single developer could easily develop
and maintain drivers and other components for this environment. There is
absolutely no interest in this case for a wider distribution of drivers in
this closed system. No interest in Microsoft “approval”, etc.

However, if the OS frustrates the developer when installing what is needed
on Windows platforms he (or she) may choose to move to another platform
instead of fighting the security/signing hurdles.

The Vista driver signing requirements certainly won’t encourage use of
Windows in a number of innovative areas.

Thomas F. Divine, Windows DDK MVP

> There is another aspect of this, and Vista security in general.

In my experiance too much security can close the door to using Windows for a
farily large number of specialized applications.

Small specialized industries are an example. Here the requirement may be for
one site to have specialized one-of drivers that control, for example, a
wharehouse full of sewing machines. A single developer could easily develop
and maintain drivers and other components for this environment. There is
absolutely no interest in this case for a wider distribution of drivers in
this closed system. No interest in Microsoft “approval”, etc.

However, if the OS frustrates the developer when installing what is needed
on Windows platforms he (or she) may choose to move to another platform
instead of fighting the security/signing hurdles.

The Vista driver signing requirements certainly won’t encourage use of
Windows in a number of innovative areas.

Thomas F. Divine, Windows DDK MVP

Probably , but people may be inventif on this. Assume there exists a company named
“Driver Sign International Inc.” that signs your driver package for a small fee of $10 and
promptly delivers you the result back within 24 hours.

If legal and , it would prove how ridiculous the driver signing strategy is after all .

C.

P.S. I have no patent on the idea

---

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@compaqnet.be
To unsubscribe send a blank email to xxxxx@lists.osr.com

Do you remember the discussion on the Summit, Mark?

They promised to allow the admin to install the company’s cert manually to
the machine (like the IE’s option of "Always trust the software from La-La-La
Corporation) and thus make the non-WHQLed driver loadable.

But you see - anyway the company’s cert is needed.

It is very interesting how will they deal with the cert revocation lists in
NTLDR

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Mark Roddy”
To: “Windows System Software Devs Interest List”
Sent: Sunday, January 22, 2006 7:52 PM
Subject: RE: [ntdev] X64 Windows Vista to require signed drivers

> I assume that for testing purposes you can still install test root
> certificates on your test systems and sign your drivers with your own test
> signatures. I could be wrong of course, but I would be surprised if that
> were not the case.
>
> =====================
> Mark Roddy DDK MVP
> Windows 2003/XP/2000 Consulting
> Hollis Technology Solutions 603-321-1032
> www.hollistech.com
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
> > Sent: Saturday, January 21, 2006 1:23 PM
> > To: Windows System Software Devs Interest List
> > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
> >
> > Another thing I really love about the new policy is the ways
> > to override it as a developer:
> >
> > . Attaching a kernel debugger. Attaching an active
> > kernel debugger
> > to the target computer disables the enforcement module in
> > Windows Vista and allows the driver to load.
> >
> > . Using the F8 option. An F8 boot option introduced
> > with Windows
> > Vista-“Disable Driver Signature Enforcement”-is available to
> > disable the kernel-signing enforcement only for the current
> > boot session. This setting does not persist across boot sessions.
> >
> > Well using the debugger can impact (admittly slightly) the
> > way a driver runs, so I never consider it a valid final test
> > to have the debugger on the syste,.
> >
> > Of course having to remember that I must choose an F8 boot
> > option, and be by machine everytime it reboots to manually do
> > this is going to be lots of fun.
> > I wonder how this will work for testing an unsigned driver
> > needed to boot windows? I also wonder how it will work with
> > the WDK image provisioning and testing an unsigned driver,
> > gee does that mean in the middle of the automated process, I
> > need a program to wake me up at 2AM to choose the F8 option?
> >
> >
> > –
> > Don Burn (MVP, Windows DDK)
> > Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove
> > StopSpam from the email to reply
> >
> >
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@hollistech.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com

Read the samples and the MSDN documentation, including the concepts
chapters. Read the book on general NT architecture like Solomon/Russinovich, if
you did not this before Read the Walter Oney’s book - it is very good, as an
advanced version of MSDN’s documentation.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Bruno van Dooren”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Sunday, January 22, 2006 10:39 PM
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

> maybe I can add another point to this discussion that hasn’t yet been
> voiced.
>
> I am a software engineer fo a small consulting company. Device drivers are
> not our business. In fact, it is just something that i started to learn
> because I think it is interesting.
>
> any device driver that i write will likely be just for personal use, like a
> small USB or PCI IO interface to do some simple things for a demo or
> whatever.
> It would be perfectly normal for me to want a driver or kernel service to be
> loaded on my system for whatever reason.
>
> maybe this does not seem important to professional developers, but for
> people like me it can become really problematic. why shouldn’t i be able to
> do this in a normal way?
>
> and even if it was just a one time cost i could understand (like a vendor
> ID), but now you have to keep paying each year. for some of us, this is
> difficult to justify with our bosses. (not to mention having to explain why
> we need to do business with verisign)
>
> kind regards,
> Bruno.
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com

Actually I don’t remember if they said that test certificates would still
work or not, which is why I floated my comment out there, hoping somebody
would say either ‘yes test certificates will still work’ or ‘no test
certificates won’t work’.

The whole thing ends up being obnoxious. Give me an ipl-time switch to
control what level of driver install security I want. How difficult would
that be?

=====================
Mark Roddy DDK MVP
Windows 2003/XP/2000 Consulting
Hollis Technology Solutions 603-321-1032
www.hollistech.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Maxim
S. Shatskih
Sent: Sunday, January 22, 2006 7:45 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] X64 Windows Vista to require signed drivers

Do you remember the discussion on the Summit, Mark?

They promised to allow the admin to install the company’s
cert manually to the machine (like the IE’s option of "Always
trust the software from La-La-La
Corporation) and thus make the non-WHQLed driver loadable.

But you see - anyway the company’s cert is needed.

It is very interesting how will they deal with the cert
revocation lists in NTLDR

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Mark Roddy”
> To: “Windows System Software Devs Interest List”
> Sent: Sunday, January 22, 2006 7:52 PM
> Subject: RE: [ntdev] X64 Windows Vista to require signed drivers
>
>
> > I assume that for testing purposes you can still install test root
> > certificates on your test systems and sign your drivers
> with your own test
> > signatures. I could be wrong of course, but I would be
> surprised if that
> > were not the case.
> >
> > =====================
> > Mark Roddy DDK MVP
> > Windows 2003/XP/2000 Consulting
> > Hollis Technology Solutions 603-321-1032
> > www.hollistech.com
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com
> > > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
> > > Sent: Saturday, January 21, 2006 1:23 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
> > >
> > > Another thing I really love about the new policy is the ways
> > > to override it as a developer:
> > >
> > > . Attaching a kernel debugger. Attaching an active
> > > kernel debugger
> > > to the target computer disables the enforcement module in
> > > Windows Vista and allows the driver to load.
> > >
> > > . Using the F8 option. An F8 boot option introduced
> > > with Windows
> > > Vista-“Disable Driver Signature Enforcement”-is available to
> > > disable the kernel-signing enforcement only for the current
> > > boot session. This setting does not persist across boot sessions.
> > >
> > > Well using the debugger can impact (admittly slightly) the
> > > way a driver runs, so I never consider it a valid final test
> > > to have the debugger on the syste,.
> > >
> > > Of course having to remember that I must choose an F8 boot
> > > option, and be by machine everytime it reboots to manually do
> > > this is going to be lots of fun.
> > > I wonder how this will work for testing an unsigned driver
> > > needed to boot windows? I also wonder how it will work with
> > > the WDK image provisioning and testing an unsigned driver,
> > > gee does that mean in the middle of the automated process, I
> > > need a program to wake me up at 2AM to choose the F8 option?
> > >
> > >
> > > –
> > > Don Burn (MVP, Windows DDK)
> > > Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove
> > > StopSpam from the email to reply
> > >
> > >
> > >
> > >
> > > —
> > > Questions? First check the Kernel Driver FAQ at
> > > http://www.osronline.com/article.cfm?id=256
> > >
> > > You are currently subscribed to ntdev as: xxxxx@hollistech.com
> > > To unsubscribe send a blank email to
> xxxxx@lists.osr.com
> > >
> >
> >
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> > To unsubscribe send a blank email to
> xxxxx@lists.osr.com
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@hollistech.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>

>> How difficult would that be?

I think is raher part of a policy. A policy which suxs big time, and
which takes away the rights from me, the user to install and software
I want on my machines.

Microsoft and it;'s engineers should rather spend their time ficing
very serious OS bugs and security holes then implementing
idiotic stuff. But no, they wont fix the bugs in Windows.
No, god fobid. It would be too complicated

They would rather take away rights from the user and shoot into the little
driver
devloper and consultant. Congrats Microsoft. Way to go.

Dan

----- Original Message -----
From: “Mark Roddy”
To: “Windows System Software Devs Interest List”
Sent: Monday, January 23, 2006 2:57 PM
Subject: RE: [ntdev] X64 Windows Vista to require signed drivers

> Actually I don’t remember if they said that test certificates would still
> work or not, which is why I floated my comment out there, hoping somebody
> would say either ‘yes test certificates will still work’ or ‘no test
> certificates won’t work’.
>
> The whole thing ends up being obnoxious. Give me an ipl-time switch to
> control what level of driver install security I want. How difficult would
> that be?
>
> =====================
> Mark Roddy DDK MVP
> Windows 2003/XP/2000 Consulting
> Hollis Technology Solutions 603-321-1032
> www.hollistech.com
>
>> -----Original Message-----
>> From: xxxxx@lists.osr.com
>> [mailto:xxxxx@lists.osr.com] On Behalf Of Maxim
>> S. Shatskih
>> Sent: Sunday, January 22, 2006 7:45 PM
>> To: Windows System Software Devs Interest List
>> Subject: Re: [ntdev] X64 Windows Vista to require signed drivers
>>
>> Do you remember the discussion on the Summit, Mark?
>>
>> They promised to allow the admin to install the company’s
>> cert manually to the machine (like the IE’s option of "Always
>> trust the software from La-La-La
>> Corporation) and thus make the non-WHQLed driver loadable.
>>
>> But you see - anyway the company’s cert is needed.
>>
>> It is very interesting how will they deal with the cert
>> revocation lists in NTLDR
>>
>> Maxim Shatskih, Windows DDK MVP
>> StorageCraft Corporation
>> xxxxx@storagecraft.com
>> http://www.storagecraft.com
>>
>> ----- Original Message -----
>> From: “Mark Roddy”
>> To: “Windows System Software Devs Interest List”
>> Sent: Sunday, January 22, 2006 7:52 PM
>> Subject: RE: [ntdev] X64 Windows Vista to require signed drivers
>>
>>
>> > I assume that for testing purposes you can still install test root
>> > certificates on your test systems and sign your drivers
>> with your own test
>> > signatures. I could be wrong of course, but I would be
>> surprised if that
>> > were not the case.
>> >
>> > =====================
>> > Mark Roddy DDK MVP
>> > Windows 2003/XP/2000 Consulting
>> > Hollis Technology Solutions 603-321-1032
>> > www.hollistech.com
>> >
>> > > -----Original Message-----
>> > > From: xxxxx@lists.osr.com
>> > > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
>> > > Sent: Saturday, January 21, 2006 1:23 PM
>> > > To: Windows System Software Devs Interest List
>> > > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
>> > >
>> > > Another thing I really love about the new policy is the ways
>> > > to override it as a developer:
>> > >
>> > > . Attaching a kernel debugger. Attaching an active
>> > > kernel debugger
>> > > to the target computer disables the enforcement module in
>> > > Windows Vista and allows the driver to load.
>> > >
>> > > . Using the F8 option. An F8 boot option introduced
>> > > with Windows
>> > > Vista-“Disable Driver Signature Enforcement”-is available to
>> > > disable the kernel-signing enforcement only for the current
>> > > boot session. This setting does not persist across boot sessions.
>> > >
>> > > Well using the debugger can impact (admittly slightly) the
>> > > way a driver runs, so I never consider it a valid final test
>> > > to have the debugger on the syste,.
>> > >
>> > > Of course having to remember that I must choose an F8 boot
>> > > option, and be by machine everytime it reboots to manually do
>> > > this is going to be lots of fun.
>> > > I wonder how this will work for testing an unsigned driver
>> > > needed to boot windows? I also wonder how it will work with
>> > > the WDK image provisioning and testing an unsigned driver,
>> > > gee does that mean in the middle of the automated process, I
>> > > need a program to wake me up at 2AM to choose the F8 option?
>> > >
>> > >
>> > > –
>> > > Don Burn (MVP, Windows DDK)
>> > > Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove
>> > > StopSpam from the email to reply
>> > >
>> > >
>> > >
>> > >
>> > > —
>> > > Questions? First check the Kernel Driver FAQ at
>> > > http://www.osronline.com/article.cfm?id=256
>> > >
>> > > You are currently subscribed to ntdev as: xxxxx@hollistech.com
>> > > To unsubscribe send a blank email to
>> xxxxx@lists.osr.com
>> > >
>> >
>> >
>> >
>> >
>> > —
>> > Questions? First check the Kernel Driver FAQ at
>> http://www.osronline.com/article.cfm?id=256
>> >
>> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
>> > To unsubscribe send a blank email to
>> xxxxx@lists.osr.com
>>
>>
>>
>> —
>> Questions? First check the Kernel Driver FAQ at
>> http://www.osronline.com/article.cfm?id=256
>>
>> You are currently subscribed to ntdev as: xxxxx@hollistech.com
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>>
>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
> To unsubscribe send a blank email to xxxxx@lists.osr.com

I am not against the policy. I do think that WinQual has made a serious
mistake for years in not providing a way for an individual to get access to
their bug reporting and signing. Personally, I don’t object to the direct
costs of the ID, though I understand people who do.

If WinQual is supposed to be helping increase the quality of Windows. And
if as has been stated at multiple Microsoft conferences, 3rd party drivers
are the biggest cause of crashes, then why is WinQual not doing every thing
in their power to get the bug data out to the responsible parties.

This new policy seems to be failing to recognize they have done a lousy job
of providing access for years. Their solution seems to be rather than fix
their procedures, we will only allow people who use our procedures to ship
drivers. I have wanted to use their procedures for years, but I don’t want
the headaches of having a corporation or working for one.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Dan Partelly” wrote in message news:xxxxx@ntdev…
>>> How difficult would that be?
>
> I think is raher part of a policy. A policy which suxs big time, and
> which takes away the rights from me, the user to install and software
> I want on my machines.
>
> Microsoft and it;'s engineers should rather spend their time ficing
> very serious OS bugs and security holes then implementing
> idiotic stuff. But no, they wont fix the bugs in Windows.
> No, god fobid. It would be too complicated
>
> They would rather take away rights from the user and shoot into the little
> driver
> devloper and consultant. Congrats Microsoft. Way to go.
>
> Dan
>

Hi Folks,

Just my 2 cents

Sounds like the opportunity to start a new business!

Can’t someone put together a 3rd party “Verification” company?

This company would take submissions from contractors/etc - run some
‘qual’ tests - and then certify with their verisign.

This could be done a many sliding $ scales to make it effective for
contractors/companies to do. You can just budget it into the project
cost and then no hassles with LLCs,INCs/etc

Maybe my company should offer this service?

Steve Spano
President, Finger Lakes Engineering
(V) 607-277-1614 x223
(F) 800-835-7164
(C) 607-342-1150
xxxxx@flconsult.com
www.fl-eng.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Monday, January 23, 2006 8:48 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

I am not against the policy. I do think that WinQual has made a serious

mistake for years in not providing a way for an individual to get access
to
their bug reporting and signing. Personally, I don’t object to the
direct
costs of the ID, though I understand people who do.

If WinQual is supposed to be helping increase the quality of Windows.
And
if as has been stated at multiple Microsoft conferences, 3rd party
drivers
are the biggest cause of crashes, then why is WinQual not doing every
thing
in their power to get the bug data out to the responsible parties.

This new policy seems to be failing to recognize they have done a lousy
job
of providing access for years. Their solution seems to be rather than
fix
their procedures, we will only allow people who use our procedures to
ship
drivers. I have wanted to use their procedures for years, but I don’t
want
the headaches of having a corporation or working for one.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Dan Partelly” wrote in message
news:xxxxx@ntdev…
>>> How difficult would that be?
>
> I think is raher part of a policy. A policy which suxs big time, and
> which takes away the rights from me, the user to install and software
> I want on my machines.
>
> Microsoft and it;'s engineers should rather spend their time ficing
> very serious OS bugs and security holes then implementing
> idiotic stuff. But no, they wont fix the bugs in Windows.
> No, god fobid. It would be too complicated
>
> They would rather take away rights from the user and shoot into the
little
> driver
> devloper and consultant. Congrats Microsoft. Way to go.
>
> Dan
>

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@flconsult.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Nice idea, of course you need to handle test submissions, monitoring and
returning the WinQual reports on the driver etc. You also have to be
willing to enter into 3 way NDA’s between the consultant, the customer and
your firm.

And finally since a test submission to Microsoft is down to around $200, you
probably can’t charge more than that youself for the total cost of getting
the driver through WHQL and subsequent report monitoring.

I hope you have a really cheap lawyer and clerical staff.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Steve Spano” wrote in message news:xxxxx@ntdev…
> Hi Folks,
>
> Just my 2 cents
>
> Sounds like the opportunity to start a new business!
>
> Can’t someone put together a 3rd party “Verification” company?
>
> This company would take submissions from contractors/etc - run some
> ‘qual’ tests - and then certify with their verisign.
>
> This could be done a many sliding $ scales to make it effective for
> contractors/companies to do. You can just budget it into the project
> cost and then no hassles with LLCs,INCs/etc
>
> Maybe my company should offer this service?
>
>
>
>
> Steve Spano
> President, Finger Lakes Engineering
> (V) 607-277-1614 x223
> (F) 800-835-7164
> (C) 607-342-1150
> xxxxx@flconsult.com
> www.fl-eng.com
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
> Sent: Monday, January 23, 2006 8:48 AM
> To: Windows System Software Devs Interest List
> Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
>
> I am not against the policy. I do think that WinQual has made a serious
>
> mistake for years in not providing a way for an individual to get access
> to
> their bug reporting and signing. Personally, I don’t object to the
> direct
> costs of the ID, though I understand people who do.
>
> If WinQual is supposed to be helping increase the quality of Windows.
> And
> if as has been stated at multiple Microsoft conferences, 3rd party
> drivers
> are the biggest cause of crashes, then why is WinQual not doing every
> thing
> in their power to get the bug data out to the responsible parties.
>
> This new policy seems to be failing to recognize they have done a lousy
> job
> of providing access for years. Their solution seems to be rather than
> fix
> their procedures, we will only allow people who use our procedures to
> ship
> drivers. I have wanted to use their procedures for years, but I don’t
> want
> the headaches of having a corporation or working for one.
>
>
> –
> Don Burn (MVP, Windows DDK)
> Windows 2k/XP/2k3 Filesystem and Driver Consulting
> Remove StopSpam from the email to reply
>
>
>
> “Dan Partelly” wrote in message
> news:xxxxx@ntdev…
>>>> How difficult would that be?
>>
>> I think is raher part of a policy. A policy which suxs big time, and
>> which takes away the rights from me, the user to install and software
>> I want on my machines.
>>
>> Microsoft and it;'s engineers should rather spend their time ficing
>> very serious OS bugs and security holes then implementing
>> idiotic stuff. But no, they wont fix the bugs in Windows.
>> No, god fobid. It would be too complicated
>>
>> They would rather take away rights from the user and shoot into the
> little
>> driver
>> devloper and consultant. Congrats Microsoft. Way to go.
>>
>> Dan
>>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@flconsult.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
>
>

I must agree with Dan here,

Recently someone form MS posted that 80% of system crashes where due to
third-party drivers according to the dumps
that MS receives. However, in the last few years MS platforms have
become increasingly difficult to bring down unless your
actively developing software on one. I believe MS is introducing this
restriction in an attempt to make the platform even more
stable while overlooking the fact that 99% of home and business users
are more so affected by spyware, worms, viruses, ect. that exploit
the vuns in the OS. <- That is the average person’s MAIN concern,
keeping malware out of their system!

I could live with a few bsod’s in exchange for a system that couldn’t be
torn-up be the latest worm. MS just doesn’t seem to understand
what the consumer wants anymore; this is the exact reason GM is laying
off 25,000 workers today - selling crap people don’t need or want.

MS needs to get back to the basics of an ‘easy to use, easy to program’
operating system.

Matt

Dan Partelly wrote:

>> How difficult would that be?
>

I think is raher part of a policy. A policy which suxs big time, and
which takes away the rights from me, the user to install and software
I want on my machines.

Microsoft and it;'s engineers should rather spend their time ficing
very serious OS bugs and security holes then implementing
idiotic stuff. But no, they wont fix the bugs in Windows.
No, god fobid. It would be too complicated

They would rather take away rights from the user and shoot into the
little driver
devloper and consultant. Congrats Microsoft. Way to go.

Dan

----- Original Message ----- From: “Mark Roddy”
> To: “Windows System Software Devs Interest List”
> Sent: Monday, January 23, 2006 2:57 PM
> Subject: RE: [ntdev] X64 Windows Vista to require signed drivers
>
>
>> Actually I don’t remember if they said that test certificates would
>> still
>> work or not, which is why I floated my comment out there, hoping
>> somebody
>> would say either ‘yes test certificates will still work’ or ‘no test
>> certificates won’t work’.
>>
>> The whole thing ends up being obnoxious. Give me an ipl-time switch to
>> control what level of driver install security I want. How difficult
>> would
>> that be?
>>
>> =====================
>> Mark Roddy DDK MVP
>> Windows 2003/XP/2000 Consulting
>> Hollis Technology Solutions 603-321-1032
>> www.hollistech.com
>>
>>> -----Original Message-----
>>> From: xxxxx@lists.osr.com
>>> [mailto:xxxxx@lists.osr.com] On Behalf Of Maxim
>>> S. Shatskih
>>> Sent: Sunday, January 22, 2006 7:45 PM
>>> To: Windows System Software Devs Interest List
>>> Subject: Re: [ntdev] X64 Windows Vista to require signed drivers
>>>
>>> Do you remember the discussion on the Summit, Mark?
>>>
>>> They promised to allow the admin to install the company’s
>>> cert manually to the machine (like the IE’s option of "Always
>>> trust the software from La-La-La
>>> Corporation) and thus make the non-WHQLed driver loadable.
>>>
>>> But you see - anyway the company’s cert is needed.
>>>
>>> It is very interesting how will they deal with the cert
>>> revocation lists in NTLDR
>>>
>>> Maxim Shatskih, Windows DDK MVP
>>> StorageCraft Corporation
>>> xxxxx@storagecraft.com
>>> http://www.storagecraft.com
>>>
>>> ----- Original Message -----
>>> From: “Mark Roddy”
>>> To: “Windows System Software Devs Interest List”
>>> Sent: Sunday, January 22, 2006 7:52 PM
>>> Subject: RE: [ntdev] X64 Windows Vista to require signed drivers
>>>
>>>
>>> > I assume that for testing purposes you can still install test root
>>> > certificates on your test systems and sign your drivers
>>> with your own test
>>> > signatures. I could be wrong of course, but I would be
>>> surprised if that
>>> > were not the case.
>>> >
>>> > =====================
>>> > Mark Roddy DDK MVP
>>> > Windows 2003/XP/2000 Consulting
>>> > Hollis Technology Solutions 603-321-1032
>>> > www.hollistech.com
>>> >
>>> > > -----Original Message-----
>>> > > From: xxxxx@lists.osr.com
>>> > > [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
>>> > > Sent: Saturday, January 21, 2006 1:23 PM
>>> > > To: Windows System Software Devs Interest List
>>> > > Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
>>> > >
>>> > > Another thing I really love about the new policy is the ways
>>> > > to override it as a developer:
>>> > >
>>> > > . Attaching a kernel debugger. Attaching an active
>>> > > kernel debugger
>>> > > to the target computer disables the enforcement module in
>>> > > Windows Vista and allows the driver to load.
>>> > >
>>> > > . Using the F8 option. An F8 boot option introduced
>>> > > with Windows
>>> > > Vista-“Disable Driver Signature Enforcement”-is available to
>>> > > disable the kernel-signing enforcement only for the current
>>> > > boot session. This setting does not persist across boot sessions.
>>> > >
>>> > > Well using the debugger can impact (admittly slightly) the
>>> > > way a driver runs, so I never consider it a valid final test
>>> > > to have the debugger on the syste,.
>>> > >
>>> > > Of course having to remember that I must choose an F8 boot
>>> > > option, and be by machine everytime it reboots to manually do
>>> > > this is going to be lots of fun.
>>> > > I wonder how this will work for testing an unsigned driver
>>> > > needed to boot windows? I also wonder how it will work with
>>> > > the WDK image provisioning and testing an unsigned driver,
>>> > > gee does that mean in the middle of the automated process, I
>>> > > need a program to wake me up at 2AM to choose the F8 option?
>>> > >
>>> > >
>>> > > –
>>> > > Don Burn (MVP, Windows DDK)
>>> > > Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove
>>> > > StopSpam from the email to reply
>>> > >
>>> > >
>>> > >
>>> > >
>>> > > —
>>> > > Questions? First check the Kernel Driver FAQ at
>>> > > http://www.osronline.com/article.cfm?id=256
>>> > >
>>> > > You are currently subscribed to ntdev as: xxxxx@hollistech.com
>>> > > To unsubscribe send a blank email to
>>> xxxxx@lists.osr.com
>>> > >
>>> >
>>> >
>>> >
>>> >
>>> > —
>>> > Questions? First check the Kernel Driver FAQ at
>>> http://www.osronline.com/article.cfm?id=256
>>> >
>>> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
>>> > To unsubscribe send a blank email to
>>> xxxxx@lists.osr.com
>>>
>>>
>>>
>>> —
>>> Questions? First check the Kernel Driver FAQ at
>>> http://www.osronline.com/article.cfm?id=256
>>>
>>> You are currently subscribed to ntdev as: xxxxx@hollistech.com
>>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>>>
>>
>>
>>
>>
>> —
>> Questions? First check the Kernel Driver FAQ at
>> http://www.osronline.com/article.cfm?id=256
>>
>> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@comcast.net
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>

> My guess is, the Microsoft/Verisign monopoly’s idea

of signing drivers with their own signatures is
nothing more than an attempt to suck out hundreds
of dollars a year from developers. Just another
way to get money flowing in.

Oh please. That’s an absolutely trivial cash flow. That wouldn’t pay for a
guy in a mailroom. The reason from Microsoft’s point of view is plainly
obvious – security and reliability. The empirical data is pretty clear –
buggy drivers are the main reason for Windows crashes.

Now, I DO resent the fact that I, as owner of my own computer, will not be
able to make a policy decision to install unsigned drivers. I think that is
wrong, wrong, wrong. I’m fine with big red flashy scary dialog boxes
telling me about all the horrors of unsigned drivers, as long as I still
have a choice to install them.

– arlie

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of cristalink
Sent: Sunday, January 22, 2006 3:13 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

Precisely! And I’m all for authenticode signing. That’s exactly what I
was talking about, in place of this misbegotten policy.

I am for authenticode with my own signature, but not Microsoft’s one.
Apparently, there is a guy or two in Microsoft pushing their stupid ideas
about driver signing.

There’s absolutely no point to check driver signatures at boot time, when
the root certificates are not available. The signatures should be checked
while the drivers are installed. Installed drivers should be hashed and the
checksums stored somewhere. At boot time, Windows just re-checks the
checksums not bothering with signatures.

One can say that someone can hack the checksums stored. Well, if one can
hack the checksums, they can easily hack the code that validates the
signatures, too.

My guess is, the Microsoft/Verisign monopoly’s idea of signing drivers with
their own signatures is nothing more than an attempt to suck out hundreds of
dollars a year from developers. Just another way to get money flowing in.

–
http://www.cristalink.com

wrote in message news:xxxxx@ntdev…
Yeah…

Precisely! And I’m all for authenticode signing. That’s exactly what I was
talking about, in place of this misbegotten policy.

You say load-time authenticode validation can’t be done easily. We must
have different ideas of the meaning of “easily” – Calling out to user-mode
when a driver’s loaded isn’t likely to be TRIVIAL, but by the same token,
consider that this is precisely how most anti-virus programs work
(intercepting the file open, and passing the file spec to a user-mode
scanning program). Given the frequency with which drivers are loaded, it’s
not like this is a high-performance path.

I could give you the names of at least a half dozen devs in 26 or 28 that’d
be up to the task. If they’re too busy keeping themselves out of bug jail,
I’m sure Don would be happy to write the code… for a very reasonble fee


P

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@stonestreetone.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

“Arlie Davis” wrote in message
news:xxxxx@ntdev…
>> My guess is, the Microsoft/Verisign monopoly’s idea
>> of signing drivers with their own signatures is
>> nothing more than an attempt to suck out hundreds
>> of dollars a year from developers. Just another
>> way to get money flowing in.
>
> Oh please. That’s an absolutely trivial cash flow. That wouldn’t pay for
> a
> guy in a mailroom. The reason from Microsoft’s point of view is plainly
> obvious – security and reliability. The empirical data is pretty
> clear –
> buggy drivers are the main reason for Windows crashes.
>
> Now, I DO resent the fact that I, as owner of my own computer, will not be
> able to make a policy decision to install unsigned drivers. I think that
> is
> wrong, wrong, wrong. I’m fine with big red flashy scary dialog boxes
> telling me about all the horrors of unsigned drivers, as long as I still
> have a choice to install them.
>
One additional point in the “desired” scenario: If you (the owner of the
computer) elect to install the unsigned driver the OS should treat it as if
it was signed from a functional perspective.

Here I’m thinking about behaviors that adversly effect the behavior of
unsigned drivers when drivers are updated or new PnP devices arrive. Even
with current Windows the OS does not handle these situations correctly for
unsigned drivers.

Thomas F. Divine, Windows DDK MVP

Hello Maxim,

Read the samples and the MSDN documentation, including the concepts
Did that. I actually bought a second hand DDK reference for 50 euros.
started reading about IRP handling but grew bored after the first 200 pages

Read the book on general NT architecture like Solomon/Russinovich, if
you did not this before
I have bought a copy of windows sytem internals 4th edition. it will be next
after i finish win32 systems programming.

Read the Walter Oney’s book - it is very good, as an advanced version of
MSDN’s documentation.
I have read Oney’s book. 2 times front to back actually. It is the most
comprehensive source of information I have yet come across.

I have also subscribed to the NT insider, and bought the OSR USB-FX2
learning kit.
To be honest, i kind of gave up on wiring a WDM driver when i started
implementing power management. The horror…
Now i have written a USB driver for the USB-FX2 using WDF. WDF and KMDF
rule.

that is the reason i am worried about this driver signing. tinkering with
drivers is something i do for hobby or demo purposes. if i want to develop a
driver for some simple USB devices in our company (that now use virtual om
ports)
that would cost us 500$ a year, which is stupid IMO.

thanks for the advice.

kind regards,
Bruno.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Bruno van Dooren”
> Newsgroups: ntdev
> To: “Windows System Software Devs Interest List”
> Sent: Sunday, January 22, 2006 10:39 PM
> Subject: Re:[ntdev] X64 Windows Vista to require signed drivers
>
>
>> maybe I can add another point to this discussion that hasn’t yet been
>> voiced.
>>
>> I am a software engineer fo a small consulting company. Device drivers
>> are
>> not our business. In fact, it is just something that i started to learn
>> because I think it is interesting.
>>
>> any device driver that i write will likely be just for personal use, like
>> a
>> small USB or PCI IO interface to do some simple things for a demo or
>> whatever.
>> It would be perfectly normal for me to want a driver or kernel service to
>> be
>> loaded on my system for whatever reason.
>>
>> maybe this does not seem important to professional developers, but for
>> people like me it can become really problematic. why shouldn’t i be able
>> to
>> do this in a normal way?
>>
>> and even if it was just a one time cost i could understand (like a vendor
>> ID), but now you have to keep paying each year. for some of us, this is
>> difficult to justify with our bosses. (not to mention having to explain
>> why
>> we need to do business with verisign)
>>
>> kind regards,
>> Bruno.
>>
>>
>>
>> —
>> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>>
>> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>

I think the point about special-purpose drivers that are used in-house or by third party companies in very specific markets is a good one.

There are TONS of these drivers, and requiring them to be signed is nothing but a DISincentive for people to move to 64-bit Windows.

Sigh… I’m glad Microsoft is thinking about issues of driver security and reliability, but I really wish they would enter into a dialog with the community about these policies before mandating them. I dare say that even THEY can’t think of every consequence of every proposed policy.

Peter
OSR

To see if we can get Microsoft to initiate a discussion, I urge everyone to
go read the paper at
http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At the
end of the paper is the feedback email address for this stuff. If enough of
us make rational comments to that address, Microsoft may realize there is a
problem.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

wrote in message news:xxxxx@ntdev…
>
> I think the point about special-purpose drivers that are used in-house or
> by third party companies in very specific markets is a good one.
>
> There are TONS of these drivers, and requiring them to be signed is
> nothing but a DISincentive for people to move to 64-bit Windows.
>
> Sigh… I’m glad Microsoft is thinking about issues of driver security and
> reliability, but I really wish they would enter into a dialog with the
> community about these policies before mandating them. I dare say that
> even THEY can’t think of every consequence of every proposed policy.
>
> Peter
> OSR
>
>
>

Will do.

I find it really odd that this policy is only on X64 systems. As others
have pointed out, it is a huge disincentive to support X64. If it’s
important for x64, it’s at least as important (if not more so) for
32-bit Vista, no?

While I detest the policy, I didn’t think this news was all that new.
Haven’t they been saying all along that you will not be able to install
a driver on Vista if it is not digitally signed? Or is this a new twist
on that policy? I’m confused. But then again, the whole driver signing
process has had me in a state of confusion since I first started looking
into it and now it looks like the process is changing? But only for some
platforms? Huh? ???.

Beverly

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Monday, January 23, 2006 2:36 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

To see if we can get Microsoft to initiate a discussion, I urge everyone
to go read the paper at
http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At
the end of the paper is the feedback email address for this stuff. If
enough of us make rational comments to that address, Microsoft may
realize there is a problem.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from
the email to reply

wrote in message news:xxxxx@ntdev…
>
> I think the point about special-purpose drivers that are used in-house
or
> by third party companies in very specific markets is a good one.
>
> There are TONS of these drivers, and requiring them to be signed is
> nothing but a DISincentive for people to move to 64-bit Windows.
>
> Sigh… I’m glad Microsoft is thinking about issues of driver security
and
> reliability, but I really wish they would enter into a dialog with the

> community about these policies before mandating them. I dare say that

> even THEY can’t think of every consequence of every proposed policy.
>
> Peter
> OSR
>
>
>

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: bbrown@mc.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Good suggestion. My initial reading answers my own question: there will
be no mechanism to allow test signatures in the released VISTA builds.
Instead you have to have a debugger attached or a human attached to
press F8. This seems to be a showstopper for organizations doing
automated testing. It also appears to be at loggerheads with the
admonitions to not get signatures for test builds early on in the paper
(Best Practices for Code Signing through Development, Test, and
Release.)

As usual there is an ‘inside outside’ disconnect at Microsoft. The
mechanism to disable enforcement is itself disabled for the released
versions of Vista - well that works just fine if you are inside
Microsoft working on Vista development, but us outsiders will be doing
development against the released versions of Vista not the pre-release
versions, which of course will have the enforcement disable mechanism in
BCDedit disabled . Sheesh.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Monday, January 23, 2006 2:36 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

To see if we can get Microsoft to initiate a discussion, I urge everyone
to
go read the paper at
http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At
the
end of the paper is the feedback email address for this stuff. If
enough of
us make rational comments to that address, Microsoft may realize there
is a
problem.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

wrote in message news:xxxxx@ntdev…
>
> I think the point about special-purpose drivers that are used in-house
or
> by third party companies in very specific markets is a good one.
>
> There are TONS of these drivers, and requiring them to be signed is
> nothing but a DISincentive for people to move to 64-bit Windows.
>
> Sigh… I’m glad Microsoft is thinking about issues of driver security
and
> reliability, but I really wish they would enter into a dialog with the

> community about these policies before mandating them. I dare say that

> even THEY can’t think of every consequence of every proposed policy.
>
> Peter
> OSR
>
>
>

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@stratus.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

It is true they said all drivers must be signed, but in the past they then
said an administrator could sign a driver for a machine or a domain with a
tool Microsoft would provide. The change is that now for 64-bit you have go
through WinQual to get the signature, so a typical administrator cannot do
it.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Brown, Beverly” wrote in message news:xxxxx@ntdev…
While I detest the policy, I didn’t think this news was all that new.
Haven’t they been saying all along that you will not be able to install
a driver on Vista if it is not digitally signed? Or is this a new twist
on that policy? I’m confused. But then again, the whole driver signing
process has had me in a state of confusion since I first started looking
into it and now it looks like the process is changing? But only for some
platforms? Huh? ???.

It is more painful than I expected as it seems to eliminate any
reasonable mechanism for testing of ‘less than fully signed’ drivers.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Brown, Beverly
Sent: Monday, January 23, 2006 2:55 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] X64 Windows Vista to require signed drivers

Will do.

I find it really odd that this policy is only on X64 systems. As others
have pointed out, it is a huge disincentive to support X64. If it’s
important for x64, it’s at least as important (if not more so) for
32-bit Vista, no?

While I detest the policy, I didn’t think this news was all that new.
Haven’t they been saying all along that you will not be able to install
a driver on Vista if it is not digitally signed? Or is this a new twist
on that policy? I’m confused. But then again, the whole driver signing
process has had me in a state of confusion since I first started looking
into it and now it looks like the process is changing? But only for some
platforms? Huh? ???.

Beverly

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Monday, January 23, 2006 2:36 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] X64 Windows Vista to require signed drivers

To see if we can get Microsoft to initiate a discussion, I urge everyone
to go read the paper at
http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx. At
the end of the paper is the feedback email address for this stuff. If
enough of us make rational comments to that address, Microsoft may
realize there is a problem.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting Remove StopSpam from
the email to reply

wrote in message news:xxxxx@ntdev…
>
> I think the point about special-purpose drivers that are used in-house
or
> by third party companies in very specific markets is a good one.
>
> There are TONS of these drivers, and requiring them to be signed is
> nothing but a DISincentive for people to move to 64-bit Windows.
>
> Sigh… I’m glad Microsoft is thinking about issues of driver security
and
> reliability, but I really wish they would enter into a dialog with the

> community about these policies before mandating them. I dare say that

> even THEY can’t think of every consequence of every proposed policy.
>
> Peter
> OSR
>
>
>

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: bbrown@mc.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com