Windows 8 Smart Screen Reports Every Application you Install to Microsoft

1 Reply

Windows 8 has some of the most exciting new features to go with the Modern UI.One of the security features is the SmartScreen feature,which is useful mostly for safe browsing.

According to a Computer Security Researcher Nadim Kobeissi,the SmartScreen feature reports all the applications which you install on your Windows 8 system to Microsoft,moreover it does it in away which can be intercepted by the Hackers as well.

Basically what it does is that, the SmartScreen feature tells the users if the application which has been downloaded from the internet is safe to be installed on their PC or not.All it does is that it captures some of the information from opening up the installer,sends it to Microsoft and then Microsoft responds with the result that,if the installer has a valid certificate or not.

According to Nadim,Since this information transfer is through the outdated HTTPS protocol,it can be vulnerable to malicious hacker interceptions of the data and that they can learn the users application installation habits and make a profile for a user to find the exploits.

So it raises a security as well as a privacy concern.Users can disable the SmartScreen feature(by default it is enabled),so that you won’t be reporting your installations to Microsoft.For Microsoft it is necessary to rethink about the implementation about the feature in terms of privacy policy as well as the protocol vulnerabilities.

Source [Nadim Kobeissi Blog]

  • Whoop Whoop!

    Whoo whoo! Whoooope-de-doo-dah, I’m not sure I want Microsoft knowing all the apps I use through SSL, how about RSA 2.0? Or 256-bit encryption? Whoo!