| Windows 10 driver signing question [message #108948] |
Thu, 08 October 2015 17:16  |
mikeaudet
Messages: 474
Registered: February 2009
|
Senior Member |
|
|
Hi All,
I have a dilemma that I think I've somewhat resolved, but I wanted to consult with the community about it because there is no perfect solution.
Windows 10 has changed the driver signing rules, and the changes aren't good.
Secure boot is a mechanism that checks that boot loader code is digitally signed. It was added in Windows 8.
For me to update the scherzo driver for windows 10 and support secure boot, I'll now have to buy an 'extended validation' security certificate that will cost about $600 Canadian per year. That's completely unfordable for me.
I'll also have to upload the driver to Microsoft servers for them to sign, and I'll have to agree to watch for telemetry data for bugs. That's a good thing if people agree to send telemetry data, but sending telemetry data is mandatory in Windows 10. I personally see mandatory data collection, that includes a list of all applications installed on a personal computer, as a serious privacy violation. I'd be participating in something I'm strongly against in its current form.
I can use the old cross certificate mechanism that Windows 7/8 used, but it will only work with Windows 10 if secure boot is disabled in the BIOS.
All PCs up until the new crop of Windows 10 logo PCs were required to have a BIOS option to turn off secure boot. With new PCs, this switch will be optional. It's possible that some new PCs will not have the ability to disable secure boot.
There's really no good option.
I've contacted Microsoft and asked for help, and they have refused.
There's also the SHA1 vs 2 change that's coming. If I get a new certificate, it will have to be SH2, which will only work on recently patched Windows 7 PCs. Windows VISTA won't load the driver, nor will older builds of Windows 7.
Basically, Microsoft sucks.
I'm leaning to getting a 3 year regular cross certificate and just not supporting secure boot on Windows 10.
What would you guys do?
All the best,
Mike
[Updated on: Thu, 08 October 2015 18:19] Report message to a moderator |
|
|
|
The PARIS Forums
Search
Help
Members
Register
Login
Home
