Any good reason not to disable signed driver requirements on Vista 64?

[Skeeedunt]

Are there any realistic security implications for doing this? Anything else I should worry about?

It seems like this is a marginally useful feature at best, but I'd like to get opinions from somewhere besides the blogosphere that google returns when you try to search about it.

 

[bsobel]

Originally posted by: Skeeedunt
Are there any realistic security implications for doing this? Anything else I should worry about? It seems like this is a marginally useful feature at best, but I'd like to get opinions from somewhere besides the blogosphere that google returns when you try to search about it.

Yes unsigned drivers if loaded into the kernel for all effective purposes have full control of your machine. You really really need to be carefull what drivers get loaded (many malware strains now include drivers).

 

[Skeeedunt]

Originally posted by: bsobel
Yes unsigned drivers if loaded into the kernel for all effective purposes have full control of your machine.

Isn't that the case with pretty much all malware though? Maybe the outcome of a kernel infection is marginally worse, but I figure it's game-over once you run any malicious software with escalated privileges. Hell, the installer could just disable driver signing on its own and schedule the install for the next reboot, couldn't it?

Obviously running any malware-infected installer is going to be trouble, but assuming you stick to reputable sites (e.g. VMWare), is there really any additional risk from just having the option to install unsigned drivers?