UPDATED: Windows 8 SmartScreen Raises Serious Privacy Concerns


Windows 8 has a new feature called SmartScreen, which is designed to protect your computer from malicious software in a similar way to User Account Control (UAC) in Vista and 7, but goes one step further in that it contacts Microsoft at each attempted software install.


However, the way that Microsoft has implemented it raises some serious privacy concerns. In particular, “The big problem is that Windows 8 is configured to immediately tell Microsoft about every app you download and install. This is a very serious privacy problem, specifically because Microsoft is the central point of authority and data collection/retention here and therefore becomes vulnerable to being served judicial subpoenas or National Security Letters intended to monitor targeted users. This situation is exacerbated when Windows 8 is deployed in countries experiencing political turmoil or repressive political situations.”

To make matters worse, the SmartScreen server at Microsoft was initially configured to use SSL v2, which has known vulnerabilities, potentially allowing the encrypted communication to be intercepted. This has since been fixed, and the server now uses SSL v3 instead.

Nadim Kobeissi is the developer of Cryptocat and regularly writes in his personal blog, linked to below.

UPDATE: Microsoft has since countered this, saying that they do not build a historical database of program and user IP data: “We can confirm that we are not building a historical database of program and user IP data. Like all online services, IP addresses are necessary to connect to our service, but we periodically delete them from our logs. As our privacy statements indicate, we take steps to protect our users’ privacy on the backend. We don’t use this data to identify, contact or target advertising to our users and we don’t share it with third parties.”

Kobeissi still believes that Microsoft could improve in this area, however, since the application information is stored on Microsoft servers. He believes that a better solution would be to store that data locally on the user’s PC and update it regularly. This would eliminate the need to contact Microsoft at all, thus removing any possible leverage by powerful entities such as governments and rich copyright holders chasing users for copyright infringement.

Windows 8 has a new feature called Windows SmartScreen, which is turned on by default. Windows SmartScreen's purpose is to screen every single application you try to install from the Internet in order to inform you whether it's safe to proceed with installing it or not. Here's how SmartScreen works:

1. You download any application from the Internet. Say, the Tor Browser Bundle.
2. You open the installer. Windows SmartScreen gathers some identifying information about your application, and sends the data to Microsoft.
3. If Microsoft replies saying that the application is not signed with a proper certificate, the user gets an error that looks something like this.
