Windows 8 contacts Microsoft every time software is installed

By on August 24, 2012, 5:00 PM

Observant software hacker Nadim Kobeissi stumbled upon an interesting observation today while running a network packet analyzer under Windows 8. It appears, by default, Microsoft's latest operating system is sending information to Redmond servers each time a user installs an application. Before the hearts of our readers are aflutter with panic though, allow me to stress this point: this behavior is simple to disable.

Actually, this isn't entirely a surprise. In fact, it served as an instant reminder of this TechSpot news post in April: Windows 8 to get native SmartScreen file checking. However, Kobeissi's experimentation offers us a clearer glimpse into what precisely is going on under the hood though.

Enabled by default, Windows 8's SmartScreen feature aims to protect unwitting users from nasty malware and other unsavory files. Even if this is the first time you've heard of it though, it may still sound strikingly familiar. That's because the technology was originally introduced with Internet Explorer 8 as an extension of IE7's phishing filter. In IE9, SmartScreen gained Application Reputation, a set of algorithms used to analyze the trustworthiness of downloads via digital signatures, heuristics and information collected by Microsoft. This appears to be the foundation of Windows 8's implementation.

In order for SmartScreen to work, the technology relies on Microsoft's proprietary, centralized database of software trustworthiness. That's where security and privacy advocates become a little uneasy -- Microsoft collects information about user-driven download activities which in turn, are used to power this database. 

Kobeissi believes the data sent by Windows 8 includes the application's hash value, it's obfuscated file name and the computer's IP address. Although the data is encrypted, Kobeissi voices his concern that SSLv2 is relatively insecure, potentially leaving installation data and identities of users open to hackers.

If the thought of Microsoft collecting information about your downloads keeps you awake at night, consider this: Google also runs their own SmartScreen-like technology called Safe Browsing. The Safe Browsing API isn't limited to just Chrome though, its open to many developers. Most notably, it is employed by at least two other major browsers: Firefox and Safari. Of course, Microsoft is taking this a step further now, integrating SmartScreen into Windows and not just your Internet Browser.

Ultimately though, SmartScreen has proven itself to be fairly effective in protecting users from malicious sites and files. A cost-benefit analysis of the technology is unlikely to weigh on the minds of most users, but for the average consumer, SmartScreen may actually prove to be a worthwhile addition to Windows 8. Skeptics and cynics though, will likely want to leave SmartScreen disabled.




User Comments: 24

Got something to say? Post a comment
1 person liked this | ReederOnTheRun ReederOnTheRun said:

Ok, from the title I was a little freaked out, but it's not that bad.

Guest said:

To disable Saferbrowsing in Firefox (improves performance):

type in "about :config" in the url bar and hit enter

search for "safe" and disable "browser.safebrowsing.malware.enabled" & "browser.safebrowsing.enabled"

;)

Darth Shiv Darth Shiv said:

One of the major issues with this though is they have the ability to disable stuff that is not malware.

E.g. one of the reasons I stopped using a particular virus scanner was that it blocked me using AngryIPScanner which I used to determine points of failure for firewalled packets from servers I was running. They blocked it as it was a "hacking tool" which is pretty ridiculous as it has legitimate uses which I was performing. It's like banning knives because they can be used to kill people.

EEatGDL said:

I personally enabled it myself (just installed it from MSDN with a full key of Pro), I usually enable feedback in AV software or security-related OS' options/software for improving security, heuristics and whatever they need to make better SW. I mean, I have nothing to hide, I'm not concerned in that aspect of privacy.

Guest said:

Why does it surprise anyone that microsoft is snooping into your computers without asking. Is everyone so new to computers and microsoft that they don't know about the big internet scandal around 1999, when some programmers discovered two back doors in one of the files that are necessary for windows to work. The file is in every copy of windows from 98SE forward. A back door is an entry point programmers include in a new program, enabling them to enter and fix a program that has malfunctioned. They are supposed to be removed before retail sale of the program. One of the back doors found led back to microsoft. The second back door was traced to the national security agency. The name of the file is "advapi32.dll", and windows will not run without it.

Microsoft is using an old magic trick on the public. Getting the public to focus attention on what they're doing with this hand, so nobody will notice what they're doing with the other hand

3DCGMODELER 3DCGMODELER said:

Why does it surprise anyone that microsoft is snooping into your computers without asking. Is everyone so new to computers and microsoft that they don't know about the big internet scandal around 1999, when some programmers discovered two back doors in one of the files that are necessary for windows to work. The file is in every copy of windows from 98SE forward. A back door is an entry point programmers include in a new program, enabling them to enter and fix a program that has malfunctioned. They are supposed to be removed before retail sale of the program. One of the back doors found led back to microsoft. The second back door was traced to the national security agency. The name of the file is "advapi32.dll", and windows will not run without it.

Microsoft is using an old magic trick on the public. Getting the public to focus attention on what they're doing with this hand, so nobody will notice what they're doing with the other hand

I remember all that. haha.. cool..

Mr Zea Mr Zea said:

Why is anyone bothered? privacy hasn't existed for a long, long time. and to be honest, unless your doing something illegal, does it really matter? I mean, everyone is painting this picture of them going through your files and reading your e-mails, but lets be honest, this is a security measure? is it not? I couldn't care less if they had full unconditional access to everything, because even if they didn't they could quite easily find a way in. and if you had very confidential information, it shouldn't be anywhere an internet connection!

abysal abysal said:

No thanks, I don't need my computer behaving like my phone. I'll stick with 7 for now.

RH00D RH00D said:

Why is anyone bothered? privacy hasn't existed for a long, long time. and to be honest, unless your doing something illegal, does it really matter? I mean, everyone is painting this picture of them going through your files and reading your e-mails, but lets be honest, this is a security measure? is it not? I couldn't care less if they had full unconditional access to everything, because even if they didn't they could quite easily find a way in. and if you had very confidential information, it shouldn't be anywhere an internet connection!

Would you live in a glass house so everyone can see exactly what you're doing in your home 24/7? Would you be cool with people seeing you naked or having sex? Most likely not. It's not that people have anything to hide, it's that a lot of people just don't like being watched or monitored all the time.

1 person liked this | Guest said:

OK, let's be honest. Microsoft has a long history of underhanded business tactics, to gain the upper hand over it's competitors. Are those honest people doing dishonest things, or dishonest people doing what they do best. I don't have to be doing anything dishonest to demand my rights to privacy. If you trust dishonest people having access to your computer, that's your choice. If I make the choice to not let the world have access to my personal files, why does that mean that I'm doing something illegal. If microsoft felt they were doing a favor to the public by accessing their private files, why would they hide that access deep in one of their system files, and not provide a switch to turn it off if the individual decided they didn't want to share their files. Why would that file be designed to run during system shudtdown. If your computer has ever taken longer than normal to shut down, chances are, somebody was in your computer, looking for, only God knows what. Doesn't that creep you out. I feel violated knowing that, not because I'm hiding anything, but because I didn't give my permission for anyone to do that. The same violation I would feel if I wass getting undressed, and noticed somebody peeping at me through a hole in the wall. I'm not doing anything illegal by getting undressed, but my rights to privacy are being violated because nobody asked me if it was ok to peep thru a hole in the wall at me. That is the exact violation of privacy that microsoft is committing every time they snoop where they're not invited. And you think that's an acceptable public behaviour. The authorities put people in prison for hacking into large corporations data files. But, if a large corporation hacks into the publics private home computers, thats not a crime because executives of large companies are all honest. Okay, you keep thinking that........

1 person liked this | Uvindu said:

@abysal

The article really clearly states that it is easy to disable: "Before the hearts of our readers are aflutter with panic though, allow me to stress this point: this behavior is simple to disable."

It seems to me that everybody on these tech sites are looking for the slightest excuse possible to tell everyone that they'll be sticking to windows 7. Even if it is something which doesn't hinder ur day-to-day use, like changing the logo, they'll still tell u, "I don't like the new logo, so I'm sticking to Windows 7". I think it's absurd. The worst is people complaining without even trying it out...

I, personally, am happy with Windows 8

Mr Zea Mr Zea said:

Why is anyone bothered? privacy hasn't existed for a long, long time. and to be honest, unless your doing something illegal, does it really matter? I mean, everyone is painting this picture of them going through your files and reading your e-mails, but lets be honest, this is a security measure? is it not? I couldn't care less if they had full unconditional access to everything, because even if they didn't they could quite easily find a way in. and if you had very confidential information, it shouldn't be anywhere an internet connection!

Would you live in a glass house so everyone can see exactly what you're doing in your home 24/7? Would you be cool with people seeing you naked or having sex? Most likely not. It's not that people have anything to hide, it's that a lot of people just don't like being watched or monitored all the time.

You actually make my point better than I did :) the internet is not your home, its public domain, so yes, I wouldn't walk around naked in the park or have sex down the street where, if you look around, we are monitored 24/7. And that is for our protection. Your home is private, without internet connection.

RH00D RH00D said:

You actually make my point better than I did the internet is not your home, its public domain, so yes, I wouldn't walk around naked in the park or have sex down the street where, if you look around, we are monitored 24/7. And that is for our protection. Your home is private, without internet connection.

The files on my hard drive are not on the Internet and are in fact located in my home. They are not in public. It's like the previous poster said, it's like someone peeping through your bedroom window while you are getting undressed. You're not in public, although you may be able to be seen from a public location. Just because my files can be "seen" from the Internet/public doesn't mean my files are in public view or on the Internet.

Mr Zea Mr Zea said:

The files on my hard drive are not on the Internet and are in fact located in my home. They are not in public. It's like the previous poster said, it's like someone peeping through your bedroom window while you are getting undressed. You're not in public, although you may be able to be seen from a public location. Just because my files can be "seen" from the Internet/public doesn't mean my files are in public view or on the Internet.[/quote

Fair point, I'm personally still not too bothered... Yet :)

Guest said:

"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety" - Benjamin Franklin

teribithia said:

I just think this: I just download the update from a usb driver, and then install them with out internet , how to contact microsoft?

cliffordcooley cliffordcooley, TechSpot Paladin, said:

I just think this: I just download the update from a usb driver, and then install them with out internet , how to contact microsoft?

Good luck with that, have you ever heard of "Notify when an Internet connection has been established"?

1 person liked this | tipstir tipstir, TS Ambassador, said:

You can disable those features if you want. The way MS has Windows 8 setup now they know what you install and etc. That feature wasn't in 7 so why just stop there. They can take the info and then know what to push at you. Too much tracking in OS a outgoing firewall control app will kill that issue.

Guest said:

You ned to rename the topic title. If Microsoft is involved in the story, the title always is meant to be negative. Why dont you add "But can be disabled"?

And, this is not default. This happens only if user opts for it while installing Windows 8. By default this is turned off.

Pan Wah said:

I thought that Windows had "phoned home" during installation for years (assuming the activation process connects you to MS?)

Guest said:

Interstingly the Mac's have a system thank ranks downloads and gives apps a saftey ranking and yet function needs to be disabled or bipassed to install programs such as open office. To think that its not going to be used to get people to think twice about using certain freeware software like Apple have used simlar labeling is intersting. As we all know how Microsoft allways looks after the consumer rather then its own profits.

I also agree with coments both sides have made that the internet is not that private place, however the home computer should be private for non-internet activity. In away though why should it worry me if they build up a profile about the kinda hardware set ups people use why not software as well?

In the long term its likely to be a move to stop pirates. Protect Micro$ofts profits and can you blame them for wanting to do this. In the end people are likely to make the move across to linux or Mac for office usage and to Game consoles like the PS3 for gaming if this continues.

Was installing soem windows upades and noticed some intersting terms and conditions even in windows 7 while updating. In the end its going to be interesting to see how things end up heading and long term wise home machine run apps will even be how things run in the future. In the future it could very well be a matter of cloud based hosts running all sorts of terminal inputs. It would have the advantage of being able to acess content of personal accounts and software from allmost any system in the world via web interface. Could run all sorts of encrytion over the set up. Attractive in ways but has its own risks.

Personaly I think the solution will be dual boot system before long, with getting a cheap microsoft 8 upgrade while they are still dirt cheap. Microsoft are wanting people to lead down the direction of windows 8 yet its not fully thought out. Get rid of start menu is not the end of the world though to have to switch screens to open and change programs would be annoying if required all the time. If you remove start you need some sort of quick menu like for example the Mac os with docking bay.

Microsoft have taken a punt on trying to intergrate things better, yet they have failed to see the biger picture. It will in the future come down to how I can use my tablet as part of my pc, as a touch input when at home, and wanting to do photography editing for example. Maybe a Ipad for tools and another for naviagation. While the computer and does the bulk of the processing load. How can I control a Media center from my tablet. Run complex web pages via my desktop to my tablet so I don't waiste resources on running flash. They took the punt that people are likely to be working on one system, rather then how can we better intergrate the tecknology to have them work along side each other.

1 person liked this | SNGX1275 SNGX1275, TS Forces Special, said:

^ I originally had a much harsher response, but I edited myself before hitting the reply button.

This is an old thread, you bumped it from over 4 months ago. The first part of what you posted seems to be a quote, but you didn't use the quote button and I'm not going to go back a page of 20 posts just to find out if you did. Then you seem to form some type of a reply to that post? or maybe you were just continuing to ramble. Your poor grammar and incorrect word usage made it difficult to follow what you were doing. I'm still not sure what I read, but I don't think I agree with much of anything in it.

dcnc123 dcnc123 said:

Ok, from the title I was a little freaked out, but it's not that bad.

haha same with me here..

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.