18 Jun
2007
18 Jun
'07
5:18 a.m.
On Monday 18 June 2007 00:34, Siddhesh Poyarekar wrote:
On 6/18/07, Anant Narayanan anant@kix.in wrote:
...which is no different than a driver CD faking a trojan install. You could easily develop a protocol to instruct the OS to only listen to what the program on the ROM says, probably with a checksum to verify its integrity.
You're spot on in case of a new device you'll install. Consider a situation where you're using a device for which you already have a driver installed, has been used elsewhere and has been infected.
Or the original autoloaded driver needs a vital bug fix - which imo is the norm.
--
Rgds
JTD