> iirc, you can load it, but it requires some hoops. getting a hoop-free > version requires a whcl sig, and that costs $75 and a few days of tests.
You can load it in either two ways, you can boot into test mode, which disables signature checking and writes "Test mode" in the bottom right corner of the screen, or you can properly sign the binary yourself and add yourself as a root CA in the certificate store. Loading a kernel mode binary doesn't require a WHQL cross-signature, but WHQL will disable some yellow warnings otherwise shown to the user. WHQL is very expensive, depends on the type of driver, for what I was doing it was in the order of $2k/test. Every new version of the binary required a new test. Other types of drivers are cheaper or more expensive, we never bothered with WHQL, it was too expensive for us. There was no WHQL option for file system and I believe that stands true today as well. Regular, non-WHQL signature you can use are much expensive than $75, they are in the order of $500/year: http://www.symantec.com/verisign/code-signing/microsoft-authenticode/buy -- Aram Hăvărneanu
