Cando Data

Better than it needs to be




Download Datacake


Notes on downloading software.


New SmartScreen application reputation in Internet explorer 9.


When Microsoft released IE 9 their most important consideration was end user trust and confidence when working with downloads. In IE9 Microsoft has introduced the SmartScreen application reputation service to improve download protection for Internet users. This feature works together with the new smartscreen anti-malware service.


What is SmartScreen application reputation?


In the course of daily browsing, many consumers see warnings that say "This type of file may harm your computer" when downloading files. This warning may be accurate in some sense, but it is not helpful or relevant for the vast majority of Internet downloads. Most consumers are accustomed to just ignoring this warning since it is shown when downloading almost any file from the web. With IE9 Microsoft has looked at ways to improve malware protection. The primary goals of this approach is to help consumers make better trust decisions when downloading programs from the web by first showing more useful warnings and then reducing the number of generic, unhelpful warnings consumers see when downloading programs.

In analyzing software downloads actively in use on the internet today, they identified heavily downloaded programmes that have an established download footprint and no history of malware. This was the genesis of SmartScreen application reputation. By removing unnecessary warnings, the remaining warnings become relevant.


How does it work?


When you download a program using IE9 a file identifier and the publisher of the application (if digitally signed) are sent to Microsoft’s new application reputation service. If the program has an established reputation there is no warning and the file is permitted to download seamlessly. If the file is downloaded from a reported malicious site, IE9 will block the download. However, if the file does not have an established reputation because it is a specialist uncommonly downloaded programme IE will let you know in the notification bar, enabling you to make your own informed trust decision. Datacake is a specialist program for a limited market and is therefore not commonly downloaded and for this reason doesn’t have an established reputation and will rightly set off the SmartScreen application reputation warnings.



Application reputation warnings, notification bar (above) the Actions dialog (below).



Are all uncommon programs malicious?


No not all uncommon programs are malicious, but the risk in the unknown category is significantly higher for the typical user. Application reputation is intended to provide context and guidance for those who need it, especially if the warning is unexpected.

This is an opt-in service and can be easily disabled in the Tools menu, but this is not recommended.



Tina Brogan.