none
SmartScreen for Dynamic Installer RRS feed

  • Question

  • I'm hoping someone from Microsoft can help me with a couple of questions around SmartScreen technology which is now part of the Windows platform. 

    I understand how to build reputation and I have an EV SSL Certificate and all of my installers and applications are signed and time stamped with Authenticode certificates, but it doesn't seem to work for dynamic installers (Installers created and signed dynamically when a user clicks download).

    I do this because I have an Azure backend delivering services and rather than having a user enter an order number and other service delivery information I make it easier by including an order details file that the service delivery application can read at startup.  Unfortunately I am pretty sure this is resetting my reputation to zero because the installer (self extracting exe) has a different hash every time it is downloaded, and so far I have failed to get consistent results from SmartScreen not flagging my installer.

    I have a couple of questions:

    1. Does anyone know how to actually check the reputation that is being assigned by the SmartScreen platform?  Can I visit a website, call, or email someone?  I would like to debug reputation being assigned to my applications.

    2. What team deals with SmartScreen at Microsoft so I can get this on the radar?  It doesn't seem like this type of installer should be impossible to use in order to save keystrokes and clicks for the end user.

    I am resigned to the fact that I will probably have to add authentication ato my application that can then retrieve the order(s) from my service as a workaround, but I would really like to get additional information before I abandon this approach. 

    Any advice, information, or opinion is appreciated.

    Thanks,
    Jay

    vendredi 31 juillet 2015 05:12

Réponses

Toutes les réponses