Device drivers

Trying to run a device without a driver is like trying to drive a car without your key. The car itself is a fully functional piece of equipment, but it can’t run if it doesn’t have what it needs to get the engine going. Let’s take a closer look at device driver and find out what and how they communicate with the operating system that they’re trying to join...

What is a device driver?

A device driver is a piece of software that makes a piece of hardware work with an operating system. Drivers can be generic - from the manufacturer of the hardware, but not the entire system, say an Intel video card using an Intel video card driver in an HP laptop. They can also be OEM drivers instead; an Intel video card using a HP intel video card driver in a HP laptop. The HP driver is still the Intel driver underneath, but HP will have modified it so maybe they have created an extra management program that will appear in your Control Panel.

You’ll need to find and download all the correct drivers to make sure your computer is running properly. Usually, you will go to the manufacturer's support website or use Windows update which will search Microsoft’s website. Because drivers are so central to how hardware runs, they have a deep level of access to the computers systems. Obviously, this means that drivers could be used for malicious purposes. To stop this from happening, manufacturers design drivers in such a way that cannot be modified. Users, even administrators, would never have more than read access given to them. A question therefore is how do you know the drivers are legitimate and have not been modified?

An example of a Driver File Details dialog box for a virtual keyboard driver. It details the provider, the file version, the copyright, and the digital signer.

Figure 1: A Driver File Details dialog box

Security threats and authentication

The answer to the previous question is that drivers are ‘signed’, which means that we know where they came from. However, even this isn’t enough. Hackers are smart and competent, and they may find a way to bypass the checks and measures that manufacturers use. They may also write their own drivers with back doors in them and have this driver pretend to be the original driver. Therefore, even manufacturer signed drivers isn’t enough. Drivers need to be signed by a company that both the manufacturer and the computer trust, a trusted third party.

A trusted 3^rd party is a company that will sign the certificate and revoke it if necessary. Windows 10 already has a list of these companies. Type ‘certmgr’ into the search box next to the windows icon and then select the MMC offered. Expand Trusted Root Certificate Authorities and look at the names of the companies listed. You should recognise a few of them. As long as the driver certificate is signed by one of these companies, the computer will accept it.

Do note that drivers tend to be operating system specific, so you need to choose one that is written for Windows 10, and they also need updating just as you would update the operating system. You will be able to manage all this through the Device Manager application.

A warning sign.