The SmartScreen Filter is a new technology in the Windows 8 operating system that protects users from installing unsigned applications or malicious programs, and from clicking on links that lead to known phishing websites. It works with hash values that the program creates on the local system. These hashes are then sent to Microsoft, where they are checked against a database before a result is returned to the local PC.
Earlier today Nadim Kobeissi revealed that Microsoft's SmartScreen Filter was informing Microsoft about every software installation on the system. The issues that he identified with the process are listed below:
The first point he makes should be obvious as the product is designed this way. The local PC communicates with the server to retrieve the information needed to either display the warning message on the screen or not. While Microsoft could record the hashes and assign IP addresses to them, there is no proof that Microsoft does that.
The second point is only true if the communication uses an insecure protocol. Nadim found the web server to support insecure SSLv2 connections, but did not provide proof that SmartScreen Filter was using SSLv2 when communicating with the server.
Lastly, he pointed out that users were not given an option about SmartScreen Filter in the first place. While that is true for users who select the Express Setup option during installation, it is not true for users who select Customize here. Under Settings, there is an option to turn SmartScreen Filter off for Internet Explorer or Windows apps and files.
Do not get me wrong. Some of the points that he is making need some explaining from Microsoft so that you and I understand exactly how data is transferred and if data is stored by Microsoft. For now, it is too sensationalist and without proof that this is really a privacy issue.
If you do not want to take any risks, disable SmartScreen Filter to stay on the safe side.
Update: Microsoft responded to the claims and confirmed that the insecure protocol is not used to transfer the data. The company furthermore noted that it does not use the data to identify, contact or target advertising to its users, and that the data is not shared with third parties.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.