Thoughts on the Windows SmartScreen scare

Important update: My original post failed to address the data in FName and as a result, was slanted towards Microsoft. I have since then, however, re-evaluated the issue and edited the article as such. The original content has been left intact/scratched out for full transparency. This is the first time I've ever hit publish on data I haven't fully checked and I'm extremely disappointed with myself. Sorry I let you down.

So a tinkerer by the name of Nadim Kobeissi wrote a scare piece today, proclaiming Windows SmartScreen was reporting back information about every application you download and install on your machine. Kobeissi, oddly, failed to actually show what this data looked like. So here's what the fuss is about:

<Rq V="1.2">
  <RqT>0</RqT>
  <App>
    <FName>U2FtZUdhbWUuZXhl</FName>
    <FHash>d3ff5939726c9f8fa6e514fb65eb470a1f9ec7a65b2706732
a03749226c2520</FHash>
    <Sig>0</Sig>
    <Sz>45056</Sz>
    <M>1</M>
    <SR>100</SR>
  </App>
  <ID>0F98AD9C-D498-42B3-B421-E6C97A8E61E7</ID>
  <G>B68802CA-B396-4773-8FD9-EEECA4DE65D9</G>
  <L>ZW4tVVM=</L>
  <OS>6.2.9200.0.0</OS>
  <I>OS4xMC45MjAwLjE2Mzg0</I>
  <C>10.00.9200.16384</C>
  <DJ>2</DJ>
</Rq>

The only interesting part here is the data contained in the FHash element. This data represents a SHA-256 hash of the exectuable content (not filename) you ran on your PC. (In this case, I just downloaded and ran a random XNA-based game from Codeplex.)

The interesting nuggets of data here are contained in the FName and FHash elements.

FName contains a base64 encoded representation of the executable file name you downloaded and ran on your PC. In this case, I downloaded and ran a random XNA-based game from Codeplex with a name of SameGame.exe. If you run that through a base-64 encoder, you end up with U2FtZUdhbWUuZXhl.

FHash represents a SHA-256 hash of the executable contents, to eliminate file name-based false positives (think of a game named virus.exe).

So could Microsoft track everything you download and use? No. Yes. But will they? Unlikely.

Microsoft doesn't have hashes of every piece of software out there to match against, nor do Windows SmartScreen users send in enough data (like filenames) to build such a database dynamically. Assuming they retained IP data -- which I seriously doubt they do -- they could possibly determine what types of malware you almost ran. But who cares? It just saved your ass at that point.

Armed with file names, Microsoft could -- in theory -- be building a database matching IP addresses to files downloaded/run, but let's be real -- it's Microsoft. This is the same company that's scared to fart in fear of litigation. (They won't even defend their Metro design language naming for crying out loud.) I expect Microsoft to respond with a statement about how this data is anonymized internally. And if that doesn't relieve the pressure, I expect an update to remove the file name reporting aspect of the service, given malware often mutates and changes file names.

But look, you have the power of choice. You can turn off Windows SmartScreen via Action Center -> Change Windows SmartScreen settings, and subsequently turn off annoying Action Center warnings by clicking Turn off messages about Windows SmartScreen in the same window.

Windows 8 Secrets, Beyond the Book: Guide to Product Editions

In the book Windows 8 Secrets, we provide a handy series of tables explaining the major differences between the Windows 8 product editions, which include Windows 8 (Core), Windows 8 Pro, Windows 8 Enterprise, and Windows RT. Here, however, we present a far more complete feature breakdown than you’ll see anywhere else. Pre-order Windows 8 Secrets today on Amazon.com and save!

As a reminder, Microsoft first provided a feature breakdown for the various Window 8 product editions back in April, in a post titled Announcing the Windows 8 Editions. As with similar Microsoft-produced tables for previous Windows versions, however, this this breakdown is woefully inadequate. So in Windows 8 Secrets, we provide a more detailed set of tables based on functional areas such as hardware capabilities, upgrade capabilities, Metro features, desktop features, and so on.

In the book, we were somewhat constrained in the book by space reasons and by the needs of the target audience. But we know that some readers are interested in the most comprehensive possible breakdown of features that are included in each product edition. And while the following is not technically complete—a full features breakdown would be mind-numbingly complex and arguably pointless—what you see here is an exclusive deeper dive than you’ll see anywhere else.

Our goal, of course, is to keep this table as accurate as possible. If you notice any mistakes or missing features, please let us know: Paul ThurrottRafael Rivera

This post was cross-posted at Paul Thurrott's SuperSite for Windows.

Windows 8 Secrets: Skype App for Windows 8

With tech enthusiast web sites from around the world continuing to leak Windows 8 information, your intrepid “Windows 8 Secrets” co-authors offer a bit of color commentary about what you’re seeing elsewhere and how things will really work. In this new co-post, we look briefly at the Metro style Skype app for Windows 8, which should ship in time for the OS’s general availability in late October. Pre-order Windows 8 Secrets today on Amazon.com and save!

It’s obviously not surprising that Microsoft would be working on a Skype app for Windows 8, given that the software giant purchased Skype last year for $8.5 billion. (Skype is also being integrated into other core Microsoft products, including Office 2013, Outlook.com, and the Xbox 360, among others.)

Neowin recently leaked news of the Skype app for Windows 8. And even in this incomplete, slightly broken first version, called an App Preview, you can see where Microsoft/Skype is headed.

The initial view, or landing page, is a full-screen experience that provides columns for recent calls, favorites, and people.

There’s also a link with your Skype name and profile message in the upper right. If you tap this, a pane expands to show your status (available, by default) and a link to account information. (Tap that and you’re off to the web.)

Tap the large Call button on the landing page, and you’ll find another full-screen experience where you can call or text an arbitrary phone number, access your current payment and balance info, and view your recent calls history.

If you have more contacts that will fit on the landing page, you can view the All People screen to see everyone. As with elsewhere in this app, available contacts will have a green presence indicator and those with customized profile pictures will display that instead of a generic icon.

When you view an individual contact’s screen, you’ll see their profile picture (if any), large green buttons for video and audio calls, availability, a reminder about that contact’s location and local time, and buttons and fields for entering a text message or contacting them via SMS on their mobile phone. (You can also add a contact to your favorites list by displaying the app bar here and choosing Favorite.)

While Skype for Windows 8 will eventually offer a snap interface so you can use this app side-by-side with other apps or the desktop, that view is currently non-functional.

In an actual video call, Skype works as expected. The video is of course full screen, and you can toggle the microphone, the web camera, and pane for exchanging text chat.

Skype does utilize standard, Windows 8-style notifications, and can run in the background. So you can be alerted when a call comes in no matter what you’re doing.

In fact, Skype is one of the few apps that can work with the detailed display status option on the lock screen. (You can also use Skype in one of your seven lock screen app slots.)

That said, Skype doesn’t (yet?) integrate with some other Windows 8 features such as the Share and Search contracts.

The most curious thing about the App Preview version of the Skype app is that it’s so incomplete. Despite references to an app bar, there is no such user interface element on any of its screens except for those that display individual contacts. And a Settings interface is conspicuously absent too. Presumably both of these issues will be fixed before release.

Have you seen any other Windows 8 leaks you’d like to know more about? Drop us a line and let us know!

– Rafael Rivera and Paul Thurrott

More signs pointing at Windows 8 on next-gen Xbox?

Over the weekend, an alleged next-generation Xbox development kit posed for photographs and sold itself on eBay. Most of the shots were dull and boring but one included a peek at an old build of Visual Studio 2012 with Durango tools wired up. Worth noting was:

  1. The presence of Package.appxmanifest in the solution.
  2. The use of the Windows::ApplicationModel::Core::CoreApplication::Exit() method.

Assuming the shot is real, these nuggets lend more credibility to the rumor that the next-gen Xbox will be powered by a SKU of Windows 8 and that apps will be written to the tune of the Windows Runtime API -- maybe even exclusively, scrapping Win32 access altogether. Interesting stuff.

Hat tip to Windows Blog Italia who wrote about references to Xbox in the Windows 8 kernel a year ago.