Gee, I remember an age where you didn't have all of this signed driver bs that puts you, the end consumer, at the mercy of a supply chain, and at least left you with the option of writing your own.
Those were the days...
But no...
Computing must be gatekept through the supply chain for the benefit of cloud providers, malicious IC/HW fabs, and software companies!
I'd take having to scan and recompute hashes on my drivers on a regular basis for this stupid driver signature enforcement and trusted computing BS to either get ripped out wholesale, or be changed to be opt-in instead of "there really is no opt-out for non-developers.
After all, as long as it's the default, there is no incentive to making turning it on or off an easier process. Again though. That's industry's goal. Let us lock down your computing experience! It's too dangerous to have an Unwashed User with an unvetted computing environment!
I feel like they should do something. I’m not really sure what. Revoking the driver keys seems a little extreme but I’m not sure what else they would be able to do.
My suggestion: remove the malicious driver from Windows Update, push another update to all affected victims that puts them back on the old legitimate driver, and warn Prolific that if they ever do something like this again, that next time the consequence will be revocation.
that would set an inconvenient precedent for the future, when MS/Apple themselves start bricking your hardware for using unapproved software or failing to comply with Disinformation Governance Board regulations
Also, the user is left with a device that is NFG.
Gee, I remember an age where you didn't have all of this signed driver bs that puts you, the end consumer, at the mercy of a supply chain, and at least left you with the option of writing your own.
Those were the days...
But no...
Computing must be gatekept through the supply chain for the benefit of cloud providers, malicious IC/HW fabs, and software companies!
I'd take having to scan and recompute hashes on my drivers on a regular basis for this stupid driver signature enforcement and trusted computing BS to either get ripped out wholesale, or be changed to be opt-in instead of "there really is no opt-out for non-developers.
After all, as long as it's the default, there is no incentive to making turning it on or off an easier process. Again though. That's industry's goal. Let us lock down your computing experience! It's too dangerous to have an Unwashed User with an unvetted computing environment!