Quote:
Originally Posted by chants
There is always hacking the private key of a trusted signing authority.
|
No, there is not. The only trusted authority which has ever existed is Microsoft itself and all intermediate cross-certificates signed by Microsoft have expired at least two years ago.
Quote:
Originally Posted by chants
Also you could crack Windows to not check, although if on EFI, might have to hack that private key as well. Or fallback to MBR.
|
If you don't want Windows to check driver signatures on your own computer, then you can just turn it off. Windows provides several official ways to load drivers without proper signatures, but they are all limited to your computer and will not work when trying to distribute the driver to regular Windows systems without modifications. Microsoft is
not like Apple, so Windows still allows you to switch off security features.
Quote:
Originally Posted by Elisa3167
Another thing you could do... Fake the timestamp-server response.
|
And why would Windows trust your fake timeserver's signature? Also, as explained above, the timestamp doesn't really matter for kernel driver signatures.