Vista Signed Drivers: Good or Bad Social Move?


Yesterday brought the news of Windows Vista requiring, here's some jargon:

"Vista driver developers must obtain a Publisher Identity Certificate (PIC) from Microsoft. Microsoft says they won't charge for it, but they require that you have a Class 3 Commercial Software Publisher Certificate from Verisign. This costs $500 per year, and as the name implies, is only available to commercial entities."

How is this a bad social move? Well, there are several factors that play into this both from the standpoint of rights you have to run software of your choice on your PC/OS but also from the PR point that makes this look very disheartening towards the x64 archtecture. Lets look at them one by one. Social Problem When you purchase a computer should you be allowed to make a decision on whether or not you trust a piece of software to work on your PC and OS? Microsoft does not think so. There are far too many security implications which make this move more than valid but it effectively eliminates the ability for open source developers (read: kids playing around with software development at home) to publish software. The trouble for Microsoft is two fold now: it looks bad for discouraging young people from developing software for the Microsoft platform and it deals a blow to the open source movement which is thriving even for the Windows world. This is not a short-term bad move that you're accustomed to, this is a long term move of further encouraging software developers to seek more open platforms. Windows will be more secure though. Valid tradeoff? Business Problem Microsoft, right after Intel, should be blamed the most for the lack of 64bit adoption. They sided with Intel Itanium (or Itanic) chip on the server and nobody showed up. Same was done with the 64bit Windows XP but AMD X64 effectively cornered that market with cheaper, cooler and more powerful chips. But I challenge you to find people that are happy with Windows XP 64bit or that have had a positive experience. You will not find many. So what do we have here, enforcement and restriction of development on the 64bit platform while the 32bit one is free to roam. Is this a good business move for the platform that you are trying to encourage everyone to upgrade to? Certainly not. So what we have here is a tradeoff between security and rights of use, public relations confusion over whether to upgrade to X64 now or never. I have to admit, it bothers me, but I'll be fine with X64 and signed drivers. There will always be a way to pirate stuff even with the DRM junk. No more dealnews hardware though 🙂

6 Responses to Vista Signed Drivers: Good or Bad Social Move?

  1. happyfunboy says:

    if you look at ms’ stated goals for this move, it becomes readily apparent that the primary factor is to enforce drm content protection.

  2. Anonymous says:

    Oh, absolutely. But thats not all I don’t think. Vlad makes a great point, these enforcements are not made on the 32bit edition.

  3. happyfunboy says:

    but do you honestly think, given the chance to start from scratch, that ms (and the content providers urging this kind of move) wouldn’t push the same enforcements on the 32-bit side?

    this is a play to get more drm enforcement in place on a platform this is still “new” (thanks to all the things vlad correctly points out).

    it’s that newness that makes this kind of move possible.

    i can guarantee that the major content providers and their enforcement organizations (riaa, mpaa, etc. etc.) are putting tremendous pressure for drm.

    but this should in no way shock anyone.

    ms has historically been one of the more content provider rights friendly companies.

    and why wouldn’t they be?

    how much $$$ do you think ms loses to piracy worldwide?

    even so, $500 bucks a year for a PIC isn’t insignificant, but won’t deter anyone who is serious about developing.

    my bigger question is…just what does this move solve for anyone, other than those interested in more drm?

    not being a dev myself…how common is driver development?

    is this a move for better system stability?

    i’d suggest that a better move in that direction would be for ms to flex some of its muscle and get devs to toe the line on lua.

    or…perhaps work on speeding their own response to found exploits.

  4. Jerz says:

    It’s funny… at the TS2 events we are being rallied to really push Vista as soon as it’s released… this point you bring up is a very good one; the last thing that I want is some of the stuff I use off of to become unuseable… seems a bit ridiculous… maybe instead of Vista I’ll look at some other stuff on the market; fsck drm.



  5. Tim Long says:

    In a way I think software vendors have only themselves to blame for this. MS tried the self-regulation approach and most vendors just put instructions in their user guide on how to get around the unsigned driver dialog. Result: end users are largely ignorant of what driver signing even means which makes the whole thing worthless.

    IMO, Microsoft has let third parties rifle through the system directories for far too long. To me, this is a step in the right direction. Requiring a $500 certificate seems harsh to me, but I suppose anyone supplying device drivers is also supplying hardware and they can probably afford it. For this reason, I’m not sure that the effect on open source software will be all that big either. Typically, you get your device driver with the hardware – I have never needed to find an open source driver for a device I’ve used in Windows.

  6. Vlad says:

    Deamon tools and a few other video drivers, mostly for crappy outdated video/tv cards.

Comments are closed.