Security researcher Nadim Kobeissi has discovered that the Windows 8 SmartScreen feature, meant to screen downloads for malicious software, actually reports the data about which applications users are installing to Microsoft. He also says that "the Microsoft server is configured to support SSLv2 which is known to be insecure and susceptible to interception."
The two main concerns are the ability of law enforcement to subpoena Microsoft for the information and of hackers to intercept user data, but how much of a risk does the filter really pose?
First, according to VentureBeat, there's a good chance that Microsoft removes identifying information like IP addresses from the information collected by SmartScreen. If this is the case, the data would be completely useless even if it was subpoenaed. Programmer Rafael Rivera says that it's possible, but unlikely, that the company is actually using this as a way to track user activity.
The problem here is that even if it isn't a huge security risk, it's still an issue that Microsoft never mentioned that the filter reports user activity. Even if the information doesn't have personal details attached to it, users deserve to know that it's being collected. There is, however, a very easy way to disable SmartScreen (built in by Microsoft).
In the Control Panel, open System and Security, then click on the Action Center. Under Windows SmartScreen, click Change Settings and you'll be given the option to disable the SmartScreen.
The bottom line is that there probably isn't a high likelihood that you'll be hacked because of this, but you do deserve to know about and choose how your information is used. So if it makes you uneasy, turn off the SmartScreen and be sure to let Microsoft know how you feel.
Will you disable your SmartScreen filter, or do you think this is all being blown out of proportion? Sound off in the comments.
Just updated your iPhone? You'll find new Apple Intelligence capabilities, sudoku puzzles, Camera Control enhancements, volume control limits, layered Voice Memo recordings, and other useful features. Find out what's new and changed on your iPhone with the iOS 18.2 update.
4 Comments
If you're paranoid about people sniffing your network traffic and are savvy enough to know what's safe to download and what's not, then sure. Turn it off. For the larger majority of people who aren't as tech savvy, you would be wise to leave SmartScreen on. It'll do wonders to help protect unsuspecting victims from phishing scams, trojans, and viruses.
Also, if your sick of your Ma calling you up to "fix her computer", make sure you turn this on for her.
In fact: If you are this paranoid, don't use windows at all.
any tech savvy person wouldn't get windows 8 anyways its a piece of crap, I did the public test thing and it is worse than the mac OS I am really disappointed in MS for putting out an operating system that is the same crap on a smartphone, the only reason people accept it on the smart phone is because of the limitations with screen size and speed but to put this as an OS for a PC is just crap, I like droid but wouldn't want that as my OS on PC. I think this OS is gonna bomb harder than vista
Share Your Thoughts