Wednesday, April 14, 2010

Hacking Windows 7

I'm using Windows 7.  It's better than any previous version of Windows.  I haven't tried it on older hardware.  But on hardware that can handle it, it is slick, fast, and stable and has fewer annoying interruptions than Vista. Even on Vista I rebooted nightly in order to keep the machine running smoothly.  I only reboot now after installing stuff that requires a reboot (a few applications and Windows updates).

I had to crack open my computer case the other day, and I had a Linksys wireless card sitting on my desk gathering dust.  My wireless seems to go down erratically, and I would like to be able to check it from my desktop without having to get out my laptop.  So I stuck the card in.

Microsoft added the concept of "signed" drivers a few versions back.  It's a good concept, in general.  The people who create a driver encrypt it with a secure public key.  They give Microsoft the private key.  Then Microsoft can validate that the driver was developed by a safe source and hasn't been hacked.  This is a reasonable security system.

It happens to also be a good revenue enhancer for hardware manufacturers.  When a new version of Windows comes out the hardware manufacturers can simply fail to create new encrypted drivers for their old hardware.  Now I can't take my older wireless card and reuse it in my new computer.

In all versions of Windows prior to 7, the whole signed drivers security system was optional.  You got a warning, but you could install the driver and use your old hardware with the old drivers.  In Windows 7 it is no longer optional.  Windows 7 refuses to run unsigned drivers.

In this case, I know that the wireless card would work.  I ran the Windows 7 beta, and I had this card running on it with the Vista driver.  The beta of Windows 7 let me run an unsigned driver.

Monday afternoon I found this fabulous blog post on signing drivers.  It turns out that I can install the Windows developer kit and sign my own drivers.  It looks like a decent compromise.  Hard-core propeller-heads can get old equipment to work, and they can take responsibility for the hacks.  They are likely savvy enough to recognize the problems that might arise, so letting them run old hardware is fairly safe.

Unlike in the article, the Vista driver from Linksys was a .inf file rather than a .exe (the linked .exe file is just a self-extracting zip file).  I had to figure out how to sign a .inf file.  It turns out that .inf files cannot be signed.  I had to convert the .inf to a .cab file, and then sign the .cab file (worked just like .exe files).

Now I have a locally-signed .cab file containing the Vista driver that I know works in Windows 7.  When I install the driver it shows as digitally signed and generates no errors whatsoever.  I had to set my computer to run in 'Test Mode' to allow locally-signed drivers--I didn't want to submit my hacked driver up to Microsoft as if I were Linksys or providing the driver to the public.  But after a reboot it is working.
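Test Mode changes what the kernel is willing to load, so it is worth being able to spot on a machine. The script below is an added example, not part of the original post: it parses `bcdedit /enum` output and reports boot entries where driver signature enforcement is relaxed. The sample output is constructed, and English `Yes`/`No` values are assumed.

```python
import re

# Boot options that relax kernel-mode driver signature enforcement.
RISKY_OPTIONS = {
    "testsigning": "Test Mode: test-signed kernel drivers are allowed to load",
    "nointegritychecks": "driver integrity checks are disabled",
}

# Constructed sample of `bcdedit /enum` output (not captured from a real machine).
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
displayorder            {current}
                        {ntldr}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
path                    \Windows\system32\winload.exe
description             Windows 7
recoveryenabled         Yes
testsigning             Yes
nx                      OptIn
"""

def parse_bcdedit(text):
    """Return [(entry title, {option: value})] for each entry in the output."""
    lines, entries, current = text.splitlines(), [], None
    for i, line in enumerate(lines):
        nxt = lines[i + 1].strip() if i + 1 < len(lines) else ""
        if line.strip() and re.fullmatch(r"-{3,}", nxt):
            current = {}                      # a title is underlined with dashes
            entries.append((line.strip(), current))
        elif current is not None and line and not line[0].isspace():
            parts = line.split(None, 1)       # indented lines continue a list value
            if len(parts) == 2:
                current[parts[0].lower()] = parts[1].strip()
    return entries

def audit(text):
    """Return [(entry identifier, option, meaning)] for every risky option set."""
    return [(opts.get("identifier", "?"), name, meaning)
            for _title, opts in parse_bcdedit(text)
            for name, meaning in RISKY_OPTIONS.items()
            if opts.get(name, "no").lower() in ("yes", "on")]

if __name__ == "__main__":
    for ident, name, meaning in audit(SAMPLE):
        print(f"{ident}: {name} is on ({meaning})")
```

On a live system, feed it the text printed by `bcdedit /enum` from an elevated prompt in place of `SAMPLE`.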
