“Stranger Danger” - Introducing SmartScreen® Application Reputation

funkydude · #1 October 13th, 2010, 08:15 PM

Quote:

When we released the IE9 beta about a month ago we talked about the importance of trust and confidence when working with downloads. Today, we are enabling the SmartScreen application reputation service to improve download protection for IE9 beta users. This feature works together with the SmartScreen anti-malware service that protects IE8 and IE9 beta users every day.

...

When you download a program in IE9 a file identifier and the publisher of the application (if digitally signed) are sent to a new application reputation service in the cloud. If the program has an established reputation there is no warning. If the file is downloaded from a reported malicious site, IE9 blocks the download, just like IE8 does. However, if the file does not have an established reputation, IE lets you know in the notification bar and download manager, enabling you to make an informed trust decision.

Source: http://blogs.msdn.com/b/ie/archive/2...eputation.aspx

#2 October 15th, 2010, 08:08 AM

IE9 Beta is leaps ahead of competition, specially when it comes to security.

dw426 · #3 October 15th, 2010, 08:13 AM

Quote:

Originally Posted by guest

IE9 Beta is leaps ahead of competition, specially when it comes to security.

Not until better script control comes along.

funkydude · #4 October 15th, 2010, 11:10 AM

Quote:

Originally Posted by dw426

Not until better script control comes along.

I don't understand, they have a monolithic amount of script control options in the security settings, just click custom level and choose from things like XSS filters and IFRAME prompts.

ExtremeGamerBR · #5 October 15th, 2010, 12:08 PM

The IE9 is really fabulous!

SmartScreen is quite good, especially now with the verification of reputation.

But even in BETA, it is safe enough to shop online?

#6 October 15th, 2010, 01:15 PM

Quote:

Originally Posted by dw426

Not until better script control comes along.

Script control is available, not as elegant as NoScript but still. What's AFAIK still missing is something like RequestPolicy.

#7 October 16th, 2010, 03:07 PM

Quote:

Originally Posted by katio

Script control is available, not as elegant as NoScript but still. What's AFAIK still missing is something like RequestPolicy.

Since version 8, IE also has this kind of protection natively, provided by its InPrivate Filtering feature (not to be confused with the inPrivate Browsing feature).

#8 October 17th, 2010, 09:52 AM

Quote:

Originally Posted by guest

Since version 8, IE also has this kind of protection natively, provided by its InPrivate Filtering feature (not to be confused with the inPrivate Browsing feature).

Thanks! I thought it was about incognito mode only...

MrBrian · #9 March 11th, 2011, 07:31 PM

From Internet Explorer 9 Security Part 2: Protection from Socially Engineered Attacks:

Quote:

* 90% of IE9 Beta and RC users were never shown a warning because they downloaded only reputable programs.
* Between 20% and 40% of downloaded files that do not have established reputation are eventually classified as malicious. These are malware downloads that have managed to bypass all existing solutions and would likely be run by users if not warned.
* 95% of previously undetected malware is deleted by users when presented with the App Rep warning.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search