Windows Smartscreen Incorrect Detection Algorithm
If you are using Internet Explorer or Microsoft Edge you have already seen this “Windows Defender Smartscreen” nonsense warning message many times.
How Does Windows Smartscreen Detect Malicious Files?
This message is based on absolutely no meaningful data. That is confirmed by a quote from Microsoft’s web site:
SmartScreen checks files that you download from the web against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, SmartScreen will warn you that the download has been blocked for your safety. SmartScreen also checks the files that you download against a list of files that are well known and downloaded by many people who use Internet Explorer. If the file that you’re downloading isn’t on that list, SmartScreen will warn you. (Source of this quote: https://support.microsoft.com/en-us/help/17443/microsoft-edge-smartscreen-faq)
As you can understand this makes absolutely NO SENSE as people who use EDGE and Internet Explorer are just 4% so it can not be “downloaded by many people who use Internet Explorer” – see the usage shares of all browsers as of 13.02.2020 as listed on Wikipedia:
So if we release a new version, Microsoft will display that warning until ALL our users download that version as most likely even fewer than 4% of them are using IE or EDGE. So it turns out that such a message is there just to scare users. We will clarify that in detail as there is a very good reason for Microsoft to do that.
Why Windows Smartscreen Displays Red Warning Messages?
Microsoft and the so-called “antivirus” vendors are working in partnership with companies that issue code signing certificates. Those certificates cost thousands of dollars yearly. Like that was not enough, they recently introduced a new type of EV certificates that even cost tens of thousands of dollars yearly.
So the software vendors are pushed to pay those subscriptions in order to get rid of such warnings. In a very obvious translation – “Pay the ransom or we will scare your users”. That is not something that we like nor approve. That is something that can only harm the Internet and the IT world. Though we can decide to pay that “ransom” what will happen with the developers that create free tools or the open-source organizations that can not afford to pay such fees? It is clear – they will be “killed” as their users will be scared with such nonsense warnings. We do not approve such a monopoly and we do not intend to sponsor it. We have already covered a similar topic in our Worst Antivirus Tools article.
How To Test A File For Malicious Content Without Downloading It?
If you have doubts, you can upload or paste a link to a file at VIRUSTOTAL DOT COM to scan it. It will scan a file with 60+ antivirus tools simultaneously. You do not even need to download the file – just copy its download URL. Of course, there are poor tools that may report false positives (incorrect detection as a threat) there too. Nevertheless, if you see that 65 out of 67 antivirus tools report a file as SAFE you can be sure that it is.
How To Disable Windows Smartscreen?
The best thing to do is to stop using IE or EDGE completely. 96% of the world can not be wrong that those browsers are not good. You can also disable Windows Smart Screen as it is useless or just ignore its nonsense as displayed below.
To turn SmartScreen on or off in the new Microsoft Edge:
Select Settings and more > Settings > Privacy & services .
Scroll down to Services, and turn Microsoft Defender SmartScreen on or off.
How To Override Windows Smartscreen Warnings?
If you insist on using them (IE and EDGE), once you save your file, click on “Actions” then “More options” and choose “Run anyway” – see the screenshots below.
We will be glad to hear your opinion. Should software vendors and independent open-source organizations pay a form of “ransom” to get rid of scary messages in Microsoft Windows and “Antivirus” applications?