Mike33(2)
Guest
Instilling paranoia should not be (but apparently is) a priority with Windows Defender. While Defender generally works quite well, is easy to use (actually, it demands nothing from the user), and is constantly updated, it does have a major fault - it flags everything it doesn't know with "Windows protected your PC", and "Running this app might put your PC at risk".
I am a software developer (12 years on), and why my digitally signed installers should be flagged this way irks me to no end. I might not be so upset if those involved in developing Defender (hello Michael Johnson) would put a bit more care and attention into the wording Defender uses. Firstly, it is a complete mistruth that Defender protected anyone's PC from my software, which is completely harmless and innocuous (from a Defender security standpoint), as no protection is needed. The second mistruth is that there isn't even a slight possibility that my app might put your PC at risk. So Mr. Johnson, you claim to "partner with the industry to minimize false positives", but you don't say who you partnered with, and you certainly didn't attempt to partner with me.
The two previously mentioned "red flag" warnings directly imply to the user that my software poses a security risk (i.e. is infected), yet they do so without a smidgen of evidence. Quite the contrary, while Defender recognizes my digital certificate exists, it completely ignores its significance, as though my software wasn't even signed. Oh sure, the current emphasis is to encourage every developer to purchase EV certificates (at exorbitant prices), but to what end? If current certificate authentication standards are not sufficient, make the issuers responsible for stricter verification (which of course was to exist from the get-go). Submitting my software to Microsoft for validation (which it passed 100%) doesn't even faze Defender. There is apparently no publicly disclosed qualification for when Defender stops its "protection" against bona fide, signed and safe software.
So, what actions do I recommend Microsoft take on the Defender "wording" issue? Here are a few reasonable suggestions:
Use "Windows wants to protect your PC" NOT "Windows protected your PC" (let's keep things honest Microsoft)
Use "Apps from unknown or untrusted sources might put your PC at risk" NOT "Running this app might put your PC at risk"
Use "More info and options" NOT "More info" which in no way indicates that the option to "Run anyway" (again, a poor choice of words) even exists.
Microsoft, your current phrasing is not cast in stone, it can be changed, and for the better.