Thread: SoftICE DEAD?
View Single Post
  #7  
Old 04-18-2006, 08:42
taos's Avatar
taos taos is offline
The Art Of Silence
  
Join Date: Aug 2004
Location: In front of my screen
Posts: 580
Rept. Given: 65
Rept. Rcvd 54 Times in 19 Posts
Thanks Given: 69
Thanks Rcvd at 137 Times in 36 Posts
taos Reputation: 54
Quote:
Originally Posted by JCB
Also remember that more motherboards are introducing Trusted platform chips (Think about Palladium which is part of Vista) It will really make it difficult to run applications that are not "authorized" on your PC if you decide to use Vista and you have the hardware to enforce the protection. Currently everything I have seen so far you can disable but who knows how long that will last.
This will be enable/disable like PENTIUM serial number, because you can put a demand to hardware factory because they can fail (with others SO for example)

Trusted HW with trusted soft, its sounds like IPOD or PSP protection and you know what is the result...

BTW:

M$ informs that the need to use signed drivers ARE ONLY FOR 64 BITS version. Maybe to stability.

Link:
hxxp://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/DrvCompat_Vista.doc


• Digital signatures are required for 64-bit kernel-mode drivers. Signed catalog (.cat) files are required for all kernel-mode packages that are to be installed on the 64-bit editions of Windows Vista. This applies to any software module that loads in kernel mode, including device drivers, filter drivers, and kernel services. The operating system does not load unsigned kernel modules that lack a signed catalog file.
There are two ways to obtain an appropriately signed catalog file:
• Obtain a Windows Vista logo. Drivers that pass Windows Hardware Quality Lab (WHQL) testing receive a catalog file that is signed with the WHQL certificate.
• Obtain a publisher identity certificate (PIC) and use the PIC to sign the package��s catalog file. To obtain a PIC, a publisher must first obtain a VeriSign Class 3 Commercial Software Publisher Certificate and then use that certificate to obtain a PIC from Microsoft that can be used to sign kernel-mode modules intended for 64-bit Windows Vista.
For boot drivers, hardware manufacturers must also use a PIC to embed a signature in the driver binaries. This requirement applies to CD-ROM and disk drivers, ATA/ATAPI controllers, mouse and other pointing devices, SCSI and RAID controllers, and system devices.
Solution: Sign all catalog files for 64-bit drivers by using a PIC or get a WHQL-signed catalog file by obtaining a Windows Vista logo. Sign boot driver binaries by using a PIC.
For more information, see the white paper titled ��Digital Signatures for Kernel Modules on x64-based Systems Running Windows Vista.��
Last edited by taos; 04-18-2006 at 08:55.
Reply With Quote