Nadim Kobeissi, a Canadian security researcher, has outlined some privacy concerns with Microsoft's Windows 8 SmartScreen technology this week. Kobeissi claims that Microsoft's filter technology, designed to prevent users from downloading or installing malicious software, sends data to Microsoft about each application that is installed within Windows 8. Microsoft's latest operating system is configured, by default, to send information about every app that is downloaded and installed — something that "Kobeissi" claims is a "big problem."
SmartScreen is enabled by default in Windows 8 and a switch to turn off the option results in prompts to re-enable it from Microsoft's Security Center application. Windows 8 users are provided with an option to disable SmartScreen during setup, but Kobeissi claims they are not informed of the privacy implications. "This puts Microsoft in a compromising, omniscient situation where they are capable of retaining information on the application usage of all Windows 8 users, thus posing a serious privacy concern."
We have reached out to Microsoft for comment on the claims and we'll update you accordingly.
Update: Rafael Rivera, known for reverse engineering Microsoft software, has offered his own thoughts on the potential privacy concerns. "So can Microsoft track everything you download and use? No," he says. However, the data transmitted inclues an FName element which is encrypted using Base 64 — something that's easily decodable using online tools.