Saturday, April 9, 2011

Windows 8 SmartScreen file checker - Smart feature or more 'dumb dialog box' security?

If early leaked screenshots are to be believed (and the feature survives without being canned for some reason or another) Microsoft is to bake into Windows 8 a file verification tool based on the SmartScreen Filter currently employed in Internet Explorer and Windows Live Messenger 2011. Is this a smart move or yet another of Microsoft’s attempts at protecting the end user by throwing dialog boxes at them?



Now, as a rule I’m pretty pro anything that makes the end user safer, but in this case I’m just not sure. Here’s why. It’s pretty clear that Microsoft knows that it cannot bake a fully-functional antivirus program into Windows without attracting the evil gaze of regulatory bodies all around the world. So instead of fighting the fight (ultimately I have a hard time seeing governments ruling against something that will make everyone safer …), Microsoft is turning to a growing number of diverse tools and features to protect Windows users. It only works for as long as the checkbox is checked, and unless it offers tools to customize the experience, people will switch it off (didn’t Microsoft learn anything from UAC prompts?).

But there’s another, more important, reason why I don’t like the SmartScreen idea, and Long Zheng himself points it out:

Although it’s been proven highly effective to prevent socially engineered malware, it’s also subject to false positives which frustrates developers to “clear their name”.

False positives are a huge pain in the rear, but we live with them and accept them (and some people are majorly caught out by them). But an antivirus tool tells you it’s detected malware, tells you what it is (or what it thinks it is) and offers corrective action. In other words, it gives you an informed choice. SmartScreen, certainly in its current incarnation, tells you that it thinks something is unsafe and gives you nothing more to go on to decide. And even the self-proclaimed 99% block rate still leaves a lot of latitude for false positives and letting bad stuff through the net …

… which leads me to the next problem …

Are users meant to trust SmartScreen to protect them 99% of the time, or a separate antivirus tool that has a higher success rate and is more transparent about its findings?

I’m not saying that SmartScreen built into Windows is a bad idea, but after experiencing it in both IE and Live Messenger 2011, it’s also hard to say that it’s a good idea. If forced to describe the technology, ‘annoying’ is probably the word I would choose.

What do you think? OK for the masses or another UAC?
