Let us say you are an independent developer and it is time to publish your app to the world. To make it easier, you build an installer and start distributing it. A courageous early adopter downloads and runs it, only to be greeted by this strongly worded warning:[…]
Indeed, in today’s Windows environment, Microsoft actively blocks binaries from running; thanks to “SmartScreen”.
This article details some of the problems with SmartSCreen, which in theory could be an important and useful technology.
This isn’t just SmartScreen. This also happened with Symantec AntiVirus (and Panda, and probably others). Every year we updated some software with new insights and (tax) laws and then distrubuted that to our clients customers. Even when we used digital signatures we would get blocked by the scanners the first few days as “possible malware”. Eventually we just started to submit our software to whitelists like https://submit.symantec.com/whitelist/, wait a few days and then release the software. This slowed us down a little bit but was the most practical approach. It absolutely beat having to explain to our customers why we were “sending them virusses”
The only reason we got flagged as “possible malware” was because we had < 5 people with this version of the software installed running Symantec. Once Symantec has confirmation of 5 machines it automatically whitelisted that version of the software.
This is not me, but it might as well have been: https://community.broadcom.com/symantecenterprise/communities/community-home/digestviewer/viewthread?MessageKey=3a21862d-e740-4092-850e-6f20680474ad&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=digestviewer#bm3a21862d-e740-4092-850e-6f20680474ad
We were never bothered by SmartScreen actually. Maybe because we run it on enough machines during development that we already reach the “safety” threshold 😉