If you install a Driver on Windows XP which is not
blessed by Microsoft, you get a nasty Dialog box with a warning. - Microsoft tries to tell people this is for stability reasons - See this blog entry at
The Old New Thing for someone arguing for it, and read the comments for reasons why this idea only sounds good in writing.
About a year ago this had also come up on the OpenVPN mailinglist (see here). Someone in that thread pointed out, that Microsoft says you can't change it in your program which tiggered my hacker gene to see how this could be done anyways.
Liberal usage of regmon revealed that the value is indeed stored in the Policy key of
HKLM\Software\Microsoft\Driver Signing, but there was also a write to the PrivateHash key of
With the help of apispy it was easily found out that the PrivateHash is an MD5 hash of the 4-byte-extended value of the Policy Key and some seed. The Seed is the 4-byte value of the
seed key from
This was quickly written down in a small proof of concept program. - And please, don't even think about ugly things like automating a mouse click to acknowledge such a dialog box again. :)