"The Win32k filter is already used in Edge, however at the moment only Microsoft can use it as the executable signature is checked before allowing the filter to be enabled."<p>I find this disturbing and anti-competitive. Microsoft is clearly giving Edge an edge here (pun intended).
Is it just me, or does it seem trivial to MitM this HDCP API by just faking out the certificate chain, then faking out the method return values?<p>> Fortunately this doesn’t compromise the security guarantees of the original API because of the way Microsoft designed it. To prevent a MitM attack against the API calls (i.e. you hook the API and return the answer the caller expects, such as HDCP is enabled) the call is secured between the caller and graphics driver using a X.509 certificate chain returned during initialization.
That must have been a hell of a workload. Thanks for this.<p>There are three pieces that left me shivering:<p>> After discussion with my original contact at Adobe they didn’t have access to the DRM code for Flash.<p>WHAT? Adobe ships (to them!) unknown, unauditable binary crap to users? Security by obscurity or what? This is totally irresponsible of Adobe.<p>> though I’ll admit something about sending binary blobs to a graphics driver gives me the chills.<p>What a joke that DRM crap is. Hasn't sending crap to graphics drivers been a cause of a boatload of exploits, and they're still doing so?<p>> The stability issues are likely down to interactions with third party code (such as AV) which inject their own code into Chrome processes.<p>LOLOLOLOL. For what is this even needed, given that AV software usually has kernel-level code anyway? Also, why on earth do AV vendors think they can mess around with third-party software?<p>The only ones who get clogged up with the inevitable bug reports are software devs who don't test their own software across all possible AV solutions - I doubt any company except Apple, Microsoft, Google's Android and Chrome divisions and Adobe actually has the install base for doing such tests "in the wild" like Chrome did.
So tomorrow Microsoft ships an update for Windows that causes a runtime function to call an additional Win32k function and suddenly Chrome crashes?<p>This seems somewhat impossible to maintain.