Announcement

Collapse
No announcement yet.

Microsoft in Win8 spies every app you install by default

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft in Win8 spies every app you install by default

    http://log.nadim.cc/?p=78

    Windows 8 has a new featured called Windows SmartScreen, which is turned on by default. Windows SmartScreen’s purpose is to “screen” every single application you try to install from the Internet in order to inform you whether it’s safe to proceed with installing it or not. Here’s how SmartScreen works:

    You download any application from the Internet. Say, the Tor Browser Bundle.

    You open the installer. Windows SmartScreen gathers some identifying information about your application, and sends the data to Microsoft.

    If Microsoft replies saying that the application is not signed with a proper certificate, the user gets an error that looks something like this.

    There are a few serious problems here. The big problem is that Windows 8 is configured to immediately tell Microsoft about every app you download and install.
    How about some coverage, eh Michael?

  • #2
    Originally posted by curaga View Post
    http://log.nadim.cc/?p=78



    How about some coverage, eh Michael?
    There is a little too much paranoia about this. One is presented an option to opt out if they wish (which like anything else, personally, I feel should be made opt in). The intent of this is to stop people from downloading applications that may do some harm to their system. This is not really any different then openDNS warning you about sites that have been reported as malicious. Heck even some linux distributions install other data gathering applications like smolt by default or default to google as a search engine.

    It's making a mountain out of a molehill.

    Comment


    • #3
      Nope, it's in no way comparable to the Debian or Fedora surveys, because those are opt-in.

      It is comparable to Chrome, whose snooping is opt-out too, that is, both of them spy on you by default.


      But this is MS we're talking about. What is to say that all the "disable SmartScreen" toggle does it enable encryption for those transmissions?

      Comment


      • #4
        That is, the goal of Microsoft here is very likely to gain full info on every app you install. The fact that it also allows for server-side malware checks is just a convenient cherry on top.

        Comment


        • #5
          Originally posted by curaga View Post
          That is, the goal of Microsoft here is very likely to gain full info on every app you install. The fact that it also allows for server-side malware checks is just a convenient cherry on top.
          OK what ever you say Henny Penny.

          Proof to back up your statements or you are completely spreading 100% FUD.

          BTW, if they had a sinister plan they could go through one of the many mechanisms that they have had in place for years such as error reporting and system updates. They have no need to devise another way to get that data.
          Last edited by deanjo; 08-26-2012, 06:14 PM.

          Comment


          • #6
            Then explain why they need any of the data such as app name. For malware checks all they need is a hash of the executable.

            And even that should be done locally, against local databases. Whoops, they do, it's called Windows Defender, with automatically updated databases. Then what excuse could they have for server side checks, assuming they had done it properly and sent only the hash?

            Comment


            • #7
              Originally posted by curaga View Post
              Then explain why they need any of the data such as app name. For malware checks all they need is a hash of the executable.

              And even that should be done locally, against local databases.
              OK Henny Penny, first of all hash checks alone are not the only thing needed to provide proper protection especially since hashes can be replicated and clashes do occur. Also local databases are not always up to date.

              Whoops, they do, it's called Windows Defender, with automatically updated databases. Then what excuse could they have for server side checks, assuming they had done it properly and sent only the hash?
              First of all, not everybody uses Windows Defender. If MS made it mandatory and installed by default, guess what, we have the EU screaming bundling practices again. Secondly, if the updates are behind malware will usually make it impossible to update those profiles. Malware has been disabling various malware scanners and removers for years. By checking against an up to date database of a remote server it allows people/sysadmins to still use their favorite AV solution and lets them update it however they want but still provide the end user with up to date realtime protection.

              Comment


              • #8
                Originally posted by deanjo View Post
                Malware has been disabling various malware scanners and removers for years. By checking against an up to date database of a remote server it allows people/sysadmins to still use their favorite AV solution and lets them update it however they want but still provide the end user with up to date realtime protection.
                Your argument works against itself. What says that malware couldn't also disable smartscreen?

                Comment


                • #9
                  Originally posted by curaga View Post
                  Your argument works against itself. What says that malware couldn't also disable smartscreen?
                  The check is done pre installation. While malware has a simple time of disabling out of date local solutions it is harder to disable an up to date database which an online one would be.

                  It's the same idea as virus checking on an email server.

                  Comment


                  • #10
                    Use some imagination. Cut their net connection / spoof their DNS / remotely disable smartscreen via either a backdoor or some no-install-required exploit...

                    But yes, for a run-of-the-mill annakournikova.exe, that way of scanning can be effective. This has nothing to do with them gathering

                    a) too much data
                    b) data without explicit consent, ie opt-in

                    Both of which alone make them evil, them together multiplying each other.

                    Comment

                    Working...
                    X