>The existing drivers are compatible with Win11 and haven't been blocked by Microsoft yet... The large majority of changes by Microsoft are limited to restricting the Windows API with signature checks that block competitors software (e.g. CreateWindowInBand, NtQuerySystemInformation, NtQueryInformationProcess to name a few) rather than directly targeting the drivers themselves.
>The signature checks added to those functions and classes only block third-parties and this includes signed binaries. We won't be able to implement the same functionality as Task Manager and Process Explorer because of those Microsoft-only signature checks even after we sort out the submission issue.
>Always-on-top, Auto-elevation, DPS statistics, Default taskmgr application preferences (Microsoft hardcoded taskmgr.exe blocking competitors), GPU statistics (deliberately broken on Win10 and Win11 recently) and the DirectUI framework are some examples of features that I want to implement and are currently implemented by Task Manager but are Microsoft-only signature restricted while newer more advanced security like PPL that we desperately need are also Microsoft-only signature restricted.
>The only certificate allowed to use these and other functionality is now limited to Microsoft Windows certificates - the same certificates used with Task Manager and Process Explorer - while SAC has even more powerful functionality than anything else (including Process Hacker) with absolutely no security whatsoever.
So, basically, for some reason, Microsoft wants to make it very hard for you to see whats running on your computer...
It was disallowed for other Microsoft products to call undocumented APIs. Anything called by Office/Azure/whatever needs to be a publicly documented API, and there are automatic checks in all Microsoft codebases to confirm that no undocumented APIs are called.
Windows components, of course, aren't subject to any such rules. There have always been and always will be interfaces necessary for Windows to call itself that the company has no interest in supporting in a backwards-compatible way and publicly documenting. An example is pinning applications to the taskbar: Windows needs to be able to do it, but if it was a public API every app would do it and the experience would be ruined.
Of course, Chrome eventually figured out a way to bypass and do it (I believe using accessibility hooks to simulate user input? I forget the details), at which point the arms race escalated from there - the Windows team added new protections in that area - but I haven't worked in that area in a long time and don't follow it in detail.
I was on a Microsoft page a few days ago reading about some of the Microsoft Store APIs and they were all marked with big warnings that claimed they could only be accessed by apps with special entitlements (so, basically signed versions of winget). Seemed really icky to me.
I don't think "Process Hacker" is a tool that has zero other alternatives. As a former systems dev, I find that very hard to believe. Sorry, I didn't understand what point you were making though.
>The existing drivers are compatible with Win11 and haven't been blocked by Microsoft yet... The large majority of changes by Microsoft are limited to restricting the Windows API with signature checks that block competitors software (e.g. CreateWindowInBand, NtQuerySystemInformation, NtQueryInformationProcess to name a few) rather than directly targeting the drivers themselves.
>The signature checks added to those functions and classes only block third-parties and this includes signed binaries. We won't be able to implement the same functionality as Task Manager and Process Explorer because of those Microsoft-only signature checks even after we sort out the submission issue.
>Always-on-top, Auto-elevation, DPS statistics, Default taskmgr application preferences (Microsoft hardcoded taskmgr.exe blocking competitors), GPU statistics (deliberately broken on Win10 and Win11 recently) and the DirectUI framework are some examples of features that I want to implement and are currently implemented by Task Manager but are Microsoft-only signature restricted while newer more advanced security like PPL that we desperately need are also Microsoft-only signature restricted.
>The only certificate allowed to use these and other functionality is now limited to Microsoft Windows certificates - the same certificates used with Task Manager and Process Explorer - while SAC has even more powerful functionality than anything else (including Process Hacker) with absolutely no security whatsoever.
So, basically, for some reason, Microsoft wants to make it very hard for you to see whats running on your computer...