Comment by meibo

4 years ago

Note that SmartScreen has an UI that lets you bypass it without having to disable it system wide, and has a sane timeout (I believe 30 seconds) after which it just pops up a dialogue box telling you that it can't check the binary, allowing you to continue.

>has a sane timeout (I believe 30 seconds)

What the hell? You have to wait 30 seconds before you can run unsigned code on Windows without calling home to Microsoft about it? How is that considered sane? (I mean, forking on windows is slow but it's not that slow.)

How do people (and corporations! Especially ones sensitive to sharing IP!) put up with this stuff?!

  • Smart screen and other measures on windows are so useless that they just encourage consumers to engage in bad security practices.

    I downloaded steam from the steam page, windows blocked it. I downloaded Chrome, windows blocked it. What's even the fucking point?

  • Only if the server doesn't respond in time, that is - if you'd wanna prevent it from happening, you could just turn it off in the first place via GPO: https://docs.microsoft.com/en-us/windows/security/threat-pro...

    I'd assume that's what most corporations do, since that's what it's there for.

    I wouldn't 100% forsake the benefits of this stuff, since it does protect normal users - defender on modern Windows installs is good software and really does its job well, while staying out of your way most of the time. I'd leave it on for my parents.

  • iirc no, there is a "More Info" button in the smart screen pop up that you can click instantly, and from there a button to run the app is available instantly.

  • well it is more insane because if you have an elevated exe that can span other exe which would trigger smartscreen the elevated exe can actually put a smartscreen filter in it. I mean what is the point in smartscreening an exe that gets spawned from an elevated exe?!

    • To prevent virus spread by confused deputies: even if you somehow get CreateProcess permission by, ex, getting a service registered, the actual malicious executable will still be blocked.

      4 replies →