Microsoft does some really nice work sometimes. The half-assed Smart Screen filter is not one of those nice pieces of work. It is shit. I’ve posted about this before, but there have been no changes to this filter over the last few years and it still has some major problems.

Problem 1

The messages that are shown to the user don’t show them that they can run your software. The messages instead tell them that they are being protected from malware, EVEN IF YOUR SOFTWARE IS NOT MALWARE. Users must ask for more information to get to the proper point where they can then click a button and run the software. I think that a class-action lawsuit on behalf of all small developers would be in order. MS telling users that the software is malware when it is not seems like libel or slander.

Problem 2

Renewing a code signing certificate isn’t really renewing it at all. It’s just a way to buy a new different certificate. After renewal, the Smart Screen filter again tells users that my software is malware. This is even more offensive to me because I specifically paid for the privilege of being more efficiently tracked by the Smart Screen filter, and my tracking information is no longer meaningful. They didn’t track me, my software, or my reputation; they tracked only that one now-obsolete code signing certificate.

It took months to get enough downloads to be trusted before. now my poor users are stuck with Smart Screen filter hell again.