This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
This topic discusses security issues for the GPS Intermediate Driver. To mitigate security risks, use the following best practices.
Protect location information from unintended use
Never allow location information to be used without the user's consent. For example, the user should explicitly initiate any use of location information. Use of this information should only occur if an application prompts the user with a notification of privacy concerns, and if the user gives explicit consent. Furthermore, a user who has approved the use of location information for a specific purpose should have the ability to revoke the consent at any time.
Consider restricting GPS Intermediate Driver access to trusted processes
Device manufacturers can choose to restrict GPS Intermediate Driver access to trusted processes only by using the DEVFLAGS_TRUSTEDCALLERONLY flag with the ActivateDeviceEx function. Device manufacturers can set this flag, per device driver, using the registry.
By default, any application can access the GPS Intermediate Driver. To restrict access to trusted applications only, first modify the Flags setting under the registry key HKEY_LOCAL_MACHINE\Drivers\BuiltIn\GPSID. Next, change the Flags registry setting to also contain DEVFLAGS_TRUSTEDCALLERONLY for the multiplexer under the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\GPS Intermediate Driver\Multiplexer\ActiveDevice. For more information, see GPS Intermediate Driver Multiplexer Registry Settings.
Using the DEVFLAGS_TRUSTEDCALLERONLY flag for the GPS Intermediate Driver can make it more difficult for a malicious application to obtain location information that it might then transmit or use in other unpredictable ways. Even with the flag specified, however, a malicious application might still be able to access location information by opening the GPS hardware device driver directly. The device manufacturer can mitigate the danger by ensuring that the GPS hardware device driver is also available only to trusted applications.
Using the DEVFLAGS_TRUSTEDCALLERONLY flag does not restrict access to files produced by the GPS Intermediate Driver. Specifically, the CurrentLogFile, OldLogFile, and MaxLogFileSize registry entries control files that can contain location information. For more information about these registry entries, including information that explains how to ensure that a device does not save log data to a file, see GPS Intermediate Driver General Registry Settings.
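The following audit script is an added example, not part of the original documentation or of any Microsoft tool. It checks .reg-style text for the two Flags settings and the log file entries described above. It assumes that DEVFLAGS_TRUSTEDCALLERONLY is 0x00010000 (confirm against devload.h for your platform) and that the image's registry is available as .reg-style text; the function names and the sample input are constructed for illustration.

```python
import re

# Assumed value of DEVFLAGS_TRUSTEDCALLERONLY; confirm against devload.h for your platform.
DEVFLAGS_TRUSTEDCALLERONLY = 0x00010000
# The two keys whose Flags value must contain the trusted-caller bit.
REQUIRED_KEYS = [
    r"HKEY_LOCAL_MACHINE\Drivers\BuiltIn\GPSID",
    r"HKEY_LOCAL_MACHINE\System\CurrentControlSet\GPS Intermediate Driver\Multiplexer\ActiveDevice",
]
LOG_VALUES = {"currentlogfile", "oldlogfile"}  # entries that name location log files

def parse_reg(text):
    """Parse .reg-style text into {key_lower: {value_name_lower: raw_value}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            current = keys.setdefault(m.group(1).lower(), {})
            continue
        m = re.fullmatch(r'"([^"]+)"\s*=\s*(.+)', line)
        if m and current is not None:
            current[m.group(1).lower()] = m.group(2).strip()
    return keys

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    keys, findings = parse_reg(text), []
    for key in REQUIRED_KEYS:
        raw = keys.get(key.lower(), {}).get("flags")
        m = re.fullmatch(r"dword:([0-9a-fA-F]{1,8})", raw or "")
        if not m:
            findings.append(f"{key}: no Flags DWORD found")
        elif not int(m.group(1), 16) & DEVFLAGS_TRUSTEDCALLERONLY:
            findings.append(f"{key}: Flags lacks DEVFLAGS_TRUSTEDCALLERONLY")
    for key, values in keys.items():  # log files are not protected by the flag
        for name in sorted(LOG_VALUES & values.keys()):
            findings.append(f"{key}: {name} present, log file can contain location data")
    return findings

# Constructed sample input (not taken from a real device image).
WEAK = r'''[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\GPSID]
"Flags"=dword:0
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\GPS Intermediate Driver]
"CurrentLogFile"="\\gpslog.txt"'''
HARDENED = r'''[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\GPSID]
"Flags"=dword:00010000
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\GPS Intermediate Driver\Multiplexer\ActiveDevice]
"Flags"=dword:00010000'''
```

The script does not inspect the GPS hardware device driver, which must be restricted separately as noted above.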
Be aware of registry settings that impact security
If a value has security implications, you will find a security note in the registry settings documentation. For more about GPS Intermediate Driver registry information, see GPS Intermediate Driver Registry Settings.