SparkFun Electronics Commentsurn:uuid:214d0e4e-f1b1-d287-ce26-ac5b4c9f82492024-03-29T05:28:18-06:00SparkFun ElectronicsCustomer #1465370 on Enginursday: Windows Drivers & SecurityCustomer #1465370urn:uuid:16308631-01de-33df-de98-5185e35154f12018-11-05T04:05:20-07:00<p>hi</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:7bc6aea8-fd3b-66d4-4d71-b9f1417e4e6d2015-09-26T13:05:19-06:00<p>The signed drivers are available on GitHub (https://github.com/sparkfun/SF32u4_boards & https://github.com/sparkfun/Arduino_Boards) or through the Arduino IDE board manager. In the case of the Redboard, it still uses the FDTI drivers. Boards such as the Redboard that use an FTDI enumerate to the OS as an FTDI device and work well with their drivers. I've signed the drivers that have a SparkFun USB vendor ID only.</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:21e28e49-a601-eef0-caf2-c1b83c6a6b6b2015-09-26T13:01:01-06:00<p>The link should be good, but it looks like there is a bug somewhere. I've notified IT to look into it. You are correct though.</p>
Valen on Enginursday: Windows Drivers & SecurityValenurn:uuid:9144bb0a-2a6b-154d-7dd0-c0b9a88292f52015-09-26T02:56:13-06:00<p>P.S. So where exactly are those signed drivers downloadable? I can't find a link to them. The Redboard product page still links to the FDTI download site.</p>
Valen on Enginursday: Windows Drivers & SecurityValenurn:uuid:691297b5-2c7b-37b4-cf7f-cdd4faad54912015-09-26T02:47:12-06:00<p>Is the link at the end of the TL;DR section at the top of the page correct? It leads to a Bluetooth tutorial, and has nothing about disabling driver security. Whereas it seems this one is more approriate:<p>https://learn.sparkfun.com/tutorials/disabling-driver-signature-on-windows-8</p></p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:5cab7ed7-0797-243e-f580-0850859356ca2015-09-14T11:39:26-06:00<p>What makes you say this? My understanding is the OS roughly does a hash to verify the driver hasn't changed before loading it, and then it's the same. Doesn't take long at all to hash a file and compare it to the signed signature.</p>
PCB Manufacturer on Enginursday: Windows Drivers & SecurityPCB Manufacturerurn:uuid:1f41f222-06e6-d8ab-08e7-d8218895399c2015-09-12T05:10:31-06:00<p>These Securities are good but it makes sometime system too slow . Processing really becomes difficult sometime.</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:580e0f8a-9b53-851c-8a4d-3083c05347d32015-09-03T16:10:22-06:00<p>Security is always a security/usability trade off. That's why all of my bank passwords are on this post-it note on my monitor; I want them hard to guess. ;-) They have to hit the average user, or the biggest part of the market. Large corporations can install their own self-signed root certificate authority certificates on the machines they own and then sign all of the internal drivers they want w/o further inconveniencing their employees. That might be a workaround a more advanced user such as yourself could use for your own customized drivers. I did that to one of my machines to practice before we spent the money on the real deal.</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:cc3953b2-928a-f30f-ffa2-4051e7509c442015-09-03T16:00:32-06:00<p>Funny you call us out on that. I thought the same thing. Legally our company name is "Spark Fun Electronics Inc". SparkFun is a registered trade name that we use. I assume Spark Fun was registered before it was cool to make new words by smashing together 'real' words. http://tinyurl.com/ovsoaza</p>
DemolishManta on Enginursday: Windows Drivers & SecurityDemolishMantaurn:uuid:dfa35e75-b076-ad1b-1049-6352abd4fd202015-09-03T14:38:18-06:00<p>There is nothing more frustrating to using MS Windows than driver signing. Even in Windows 7. I use a utility called com0com to create virtual serial ports for industrial equipment. To use it practically I have to get a version some guy signed out of the goodness of his heart and the fact he had the resources at his company to do so. This barrier to using the OS has caused me to reevaluate my usage of the platform in an industrial setting. For instance, if I need to write a custom driver for a specific purpose then I have to get that signed? So I lose all the benefit of the com0com project being open source. In the future we plan on moving all of our control consoles to Linux as it affords us much more control and freedom on our platforms. Not to mention way better security tools. I do appreciate Sparkfun making the effort to ease the usage of their hardware. It makes testing and deployment a lot less frustrating and time consuming.<p>It is sad that Windows 7 was a giant leap forward in MS OS lineup. Now they are regressing so quickly with Win8 and WinX that I have to wonder what is really going on in Redmond.</p></p>
Valen on Enginursday: Windows Drivers & SecurityValenurn:uuid:820d45c3-09db-d176-085f-4a63c28e26c92015-09-03T14:23:55-06:00<p>You sure that signed driver image at the end is legit? Isn't it called "SparkFun" without the space? ;)</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:f2fd319a-5877-8c1a-1b5f-ee7764ee61e52015-09-03T11:26:58-06:00<p>There isn't really such a thing as true security, especially if humans are involved. Our gov't used Stuxnet to break those centrifuges in Iran even with air gaped machines. You, or someone with enough computing power can nearly always brute-force attack any encryption (as you stated). The goal is to never be the target of an attack. MS Windows has benefited from all of the attacks and is getting more and more solid. The bigger concern is all of the privacy invasions / ease of use features they released with Windows 10 and and now back porting to earlier versions. Do you really want the following in the privacy policy of your OS?<p>"We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services."</p></p>
GaryiOS on Enginursday: Windows Drivers & SecurityGaryiOSurn:uuid:d6220695-2cbd-a35e-e4a6-8afe825695502015-09-03T10:14:20-06:00<p>Great article and agree with chriscrowder's post. On Safari my screen keeps shifting and is freaking my eyes out.</p>
.Brent. on Enginursday: Windows Drivers & Security.Brent.urn:uuid:736a02a8-2bb0-b5b6-40a7-0cc96421ac6c2015-09-03T10:03:05-06:00<p>Sorry guys. I made it stop.</p>
OldFar-SeeingArt on Enginursday: Windows Drivers & SecurityOldFar-SeeingArturn:uuid:d8eb7041-efe1-376c-db07-330c7fe856ba2015-09-03T09:53:09-06:00<p>What @chriscrowder said and it's driving me nuts. Using Firefox/Win7... please make it stop!!!</p>
chriscrowder on Enginursday: Windows Drivers & Securitychriscrowderurn:uuid:ff36fcfb-8a0e-376f-d6de-3f104831b6ba2015-09-03T09:37:31-06:00<p>You guys got something weird going on with your post (at least for me in Chrome). It appears the spacing between lines is shifting every so often when the main page is loaded. Really annoying when you towards the bottom and everything shifts a line or 2. Only seeing it on your main page. Not on any of the other post pages.</p>
LukeW on Enginursday: Windows Drivers & SecurityLukeWurn:uuid:bf22117b-a4e3-1f66-148b-50187632b9f42015-09-03T09:34:19-06:00<p>Kudos to you guys for making this decision/investment. As an IT manager, I cringe any time I see someone that has been trained (by usually well-meaning folks) to ignore security warnings when they usually don't have the skill to tell if there is really a problem or not. Self-signed SSL certs are just as bad a problem as unsigned drivers.</p>