
I've always *HATED* application and driver certs
I've always *HATED* application and driver certs. In many ways, it's an ASSAULT ON OPEN SOURCE AND FREE SOFTWARE.
A lot of this started with windows vista, so the problem exists in 7 as well. Microshaft NOW requires all kernel drivers to be signed by *THEM* for a "modest fee", a TOLLBOOTH on the information highway, in essence. It's a TOTAL RIPOFF.
iOS's attempted "lockdown" is no better. At least there's a method by which an indie developer for Android can make an APK available for whoever wants to download it.
anyway...
It was ONLY a MATTER OF TIME before it got CRACKED. THEN they'll issue a "fix", which will "work" for a while, and it will get CRACKED AGAIN.
It's really a false sense of security.
The biggest problem behind this (other than poorly written poorly tested windows code) is RUNNING WITH ADMIN CREDENTIALS *ALL* OF THE TIME!
In Linux (and other POSIX) systems, running as 'root' all of the time is discouraged on many levels. Some programs won't even run without explicitly setting a flag someplace to allow running as 'root'. Others simply warn you and force you to click through an approval every time.
Windows COULD use a POSIX-like security model, too, because 'administrator' usually doesn't give you the *kinds* of access you REALLY need. Unless you're MALWARE...
This "cert" nonsense SHOULD be a reason to NOT use Windows. I think that *eventualy* it COULD become that. In the mean time, Micro-shaft charges a FEE to "certify" your CRapp or driver, to give a FALSE! SENSE! OF! SECURITY! to end-users, because HOW many "the store" CRapps for iOS and Android have been distributed with "certifications" on them, only to require being REMOVED from "the store" because they're really MALWARE???
Yeah. FALSE sense of security. I say let developers make what they want, and let users just BEWARE and EXERCISE CAUTION instead. Like a form of "street smarts" except it's with SOFTWARE.