
Windows 8 reports every program you install but there's a darn good

Windows 8 includes a whole raft of features designed to make it the most secure Microsoft desktop OS ever. One of those features is the retooled SmartScreen, which, it turns out, is reporting back to Redmond with details about every piece of software you install on your computer. Coder Nadim Kobeissi blogged about the privacy and security implications he discovered while analyzing a SmartScreen intervention.

To the privacy-minded, this sounds like a pretty serious offense — but what’s really going on?

SmartScreen is designed to be a first line of defense against malware — heading off untrusted and potentially dangerous programs before an unwary user ever gets the chance to click the install button. It’s not something that is totally new in Windows 8, either. It’s been evolving since the arrival of Internet Explorer 8, where it was introduced to check for malicious URLs on the web. In order to determine whether or not a particular file or URL is malicious, SmartScreen verifies each download against a cloud database that contains loads of user-submitted data. As of May 2011, SmartScreen had already thwarted more than 1.5 billion malware attacks — and was clocking between two and five million blocks per day.

So what gets reported back? The file name (encoded in base64) and hashed data including the executable contents and the transmitting IP address. That’s what could be used to identify every piece of software you install — which might be scary, if IP addresses were permanent and unique.

They’re not, of course — the average WAN connection that isn’t used by a business is assigned a dynamic IP. At best, then, Microsoft knows where a program wound up on a specific date and time. Unless they’re also gathering something more specific like your Windows Live ID, they’d have to collaborate with your ISP to really know who is trying to install what.

Windows coding ninja and blogger Rafael Rivera is right on the money when he says that Microsoft could use this data in some scary way, but it won’t. Few companies are under the microscope as often as Microsoft, and there’s not even a snowball’s chance that Redmond wants to risk an investigation or fine just to know how many people are installing uTorrent, OpenOffice, or Firefox. Beyond that, with only an IP address and file name as identifiers, the database wouldn’t be as laser-accurate as it would have to be for all of us to be scared that something nefarious is going on.

You can, however, disable SmartScreen quite easily if you’re genuinely concerned. Microsoft hasn’t even made it that hard to do: just head to the Action Center and shut it off, and then make sure to tell Action Center itself not to notify you about the fact that SmartScreen is no longer running.

More at Within Windows and Nadim Kobeissi’s blog