[18235] in cryptography@c2.net mail archive
Re: When people ask for security holes as features
daemon@ATHENA.MIT.EDU (Alex Alten)
Fri Aug 19 10:42:00 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 19 Aug 2005 07:32:14 -0700
To: pgut001@cs.auckland.ac.nz (Peter Gutmann),
cryptography@metzdowd.com
From: Alex Alten <alex@alten.org>
In-Reply-To: <E1E5ey1-0006EM-00@medusa01.cs.auckland.ac.nz>
At 07:37 PM 8/18/2005 +1200, Peter Gutmann wrote:
>Raymond Chen's blog has an interesting look at companies trying to bypass
>Windows XP's checks that a driver has been WHQL-certified:
These guys are amateurs. There are registery flags and COM functions that
will prevent the dialogs from popping up. I've done it myself when developing
a driver and having to reinstall it dozens of times each day. I've even
disabled
XP's personal firewall to install stuff that needed to use a private port
during
install. This was for a appliance, where we controlled the OS version,
hardware,
etc. So any updates to the OS we validated before allowing the user to patch
the appliance.
As a small firm we couldn't afford both the time or money to go through
Microsoft every time we updated a driver. For other firms not using the
appliance approach to shipping software, probably thay are trying to reduce
support costs, which is not unreasonable these days.
- Alex
--
- Alex Alten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
