Loading unsigned drivers on Vista

noidea writes: Atsiv is a tool we threw together to help the support the hobbyist community to and to provide support to legacy drivers on Windows Vista without rebooting with special boot options or denial of service.

As I'm sure you are all aware, with Windows Vista, Microsoft have released a new DRM implementation that restricts system performance and limits use of the system in general. One of the best papers we have read on Vista and DRM is a paper by Peter Gutmann who lifts the lid on Vista's DRM implementation .http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html.

One of the restrictions under Vista is enforced driver signing. Driver signing doesn’t prevent malware, it just prohibits freedom to choose, which on a general purpose operating system is simply not acceptable.

A signed file uniquely identifies the company that developed that file but when companies can be created and registered in jurisdictions known for protecting the privacy of company founders and directors you have to ask what does driver signing actually represent? Signed drivers can be signed by an arbitrary legally registered company. Absent any control over what the driver actually is or does, this provides no real additional security, other than removing author anonymity. So do the new Vista “features” improve system security or only impose limitations?

While driver signing certificates can be revoked new certificates, with enough money, can be created faster than it takes to change a files signature. If this is indeed the case then it is the hobbyists and home user that end up paying the cost.

We have released a free command-line tool for loading unsigned drivers on Windows 32 and 64 bit Vista without requiring the "/debug on" bcdedit boot-option. This isn’t the first PE loading tool but it’s the first one I’ve seen that uses a signed component to load an unsigned component. Enjoy http://www.linchpinlabs.com/resources/atsiv/usage-design.htm