An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to gostips@gmail.com.

March 20, 2011

Installing an Application Using Internet Explorer 9

I tried to download the latest Chromium build using Internet Explorer 9 and it was one of the most painful downloading experiences. Microsoft tries to protect users from downloading malware and uses a feature called SmartScreen Filter that "checks software downloads against a dynamically updated list of reported malicious software sites". This feature was available in IE8, but the latest version of IE tried to improve it by analyzing application reputation.

"In analyzing software downloads actively in use on the internet today, we found that most have an established download footprint and no history of malware. This was the genesis of SmartScreen application reputation. By removing unnecessary warnings, the remaining warnings become relevant. With SmartScreen Application Reputation, IE9 warns you before you run or save a higher risk program that may be an attempt to infect your computer with socially engineered malware. IE9 also stays out of the way for downloads with an established reputation. Based on real-world data we estimate that this new warning will be seen only 2-3 times a year for most consumers compared to today where there is a warning for every software download."

Here's how difficult is to run mini_installer.exe, Chromium's installer:

Step 1: "Do you want to run or save this program"? Click "run".


Step 2: "This file is not commonly downloaded and could harm your computer." You have two options: "delete" and "actions". It's quite uncommon to label a button using a noun, but the only reasonable option is the generic "actions".

A help page explains that "when you download a program from the Internet, SmartScreen Filter will check the program against a list of programs that are downloaded by a significant number of other Internet Explorer users and a list of programs that are known to be unsafe. If the program you're downloading isn't on either list, SmartScreen Filter will display a warning that the file isn't 'commonly downloaded.' It doesn't necessarily mean the website is fraudulent or that the program is malware, but you probably shouldn't download or install the program unless you trust the website and the publisher."


Step 3: IE9 shows a modal dialog which informs you that "this program might harm your computer". Even though "SmartScreen Filter has little or no information" about the program, Microsoft's engineers thought it's a good idea to show two main options "don't run this program" and "delete program", followed by a cryptic "more options" drop-down. I clicked "more options" because I really wanted to install the program. (Update: this step was skipped the second time I tried to install the same file.)


Step 4: Microsoft finally shows the obvious option: "run anyway", but still recommends not to run the program.


There's a fine line between protecting users and annoying them, but IE9 managed to cross it.

33 comments:

  1. I like your last line! I too feel the same. I haven't tried IE9, but I got the same experience in IE8. They annoy users in the name of security.

    ReplyDelete
  2. People tend to install Chrome rather than Chromium, so it's not that big a deal.

    ReplyDelete
  3. It's not a big deal cause you have to do this just once.
    Then you have Chromium and get rid of IE9 :-)

    ReplyDelete
  4. Microsoft has lost touch, they need to learn from Google and Apple.

    ReplyDelete
  5. What a bunch of whiners. If they didn't try to protect the majority of users who aren't uber-savvy like you folks, you'd criticize them for throwing the newbs to the mal-wolves.

    Alex, is it possible for you to write a critique without sniveling? Good lord man...

    ReplyDelete
  6. haha it's actually quite funny to see that IE9 isn't as good as everyone says it is. Not that I was going to switch from firefox(<3) anyway, but i would have given it a try if I didn't see this news :p

    ReplyDelete
  7. Wow, just wow. This is rather ridiculous. MS should realize that lesser downloaded programs =/= dangerous programs. Let users install whatever they want from their browser. It's not "throwing them to the mal-wolves" as The "Truth" puts it. It is giving the user the choice to do with their PC whatever they see fit. I don't see firefox not letting a user run a program because its not among a list of popular trusted programs. In this aspect IE 9 is looking like a DOWNGRADE to 8.

    ReplyDelete
  8. well duh! Didn't you know Microsoft solves the virus problem by slowing you down to a crawl. They figured more fences they put up, the tired the user gets and just decides to not download what they wanted. I mean it totally makes sense. Just like UAC totally made sense.. You get a nice little allow/deny option right before running the virus. The only issue is you wont know if it is a virus until you hit allow.

    ReplyDelete
  9. you guys are missing a point. why the publisher is "unknown"? if mini_installer was signed by Google Inc. there would not be such a message.

    ReplyDelete
    Replies
    1. I sell software on the internet which is downloaded and is signed by Verisign and the same warnings appear. This could potentially put me out of business.

      Delete
  10. "Microsoft has lost touch, they need to learn from Google and Apple."

    Microsoft doesn't need to learn a fucking thing from Google. Google is a vile company. Android is laughably choppy, laggy, slow, ugly, unintuitive, and fragmented to hell and back compared to WP7. Google can't even be bothered to put a bookmarks button on Chrome.

    I also find it hilarious that a bunch of Google cock-licks give a damn about a Microsoft product at all. The only reason this asswipe even wrote the article is so he could slam IE.

    ReplyDelete
  11. No, I actually think that IE9 is an excellent browser, but it's unfortunate that some of its features aren't user friendly. I've never seen a browser that tries so hard to prevent users from downloading certain files.

    Showing a single warning is a more sensible approach and doesn't get in the way so much. Here are the warnings displayed by Opera and Chromium (one of them is a system warning).

    ReplyDelete
  12. Solution found = Use Google Chrome :)

    ReplyDelete
  13. whoever wrote this is bias, and a complete ie hater. And on top of that they do not understand ie's user base. And that people who use the default browser, need this kind of protection.

    ReplyDelete
  14. The latest build of Chromium is not commonly downloaded so your article is a pile of steaming misinformation.

    IE9 obviously does a good job at protecting unsuspecting users from installing the wrong thing on their computers.

    If you can't get past the series of dialogues above with confidence then you probably meant to install the real Google Chrome and not some unpopular development build, duh.

    If you actually know wtf you're doing then just disable the filter in settings in a fraction of the time it took you to write this post. Problem solved.

    Sounds like you're not giving IE9 a true chance and you're just bashing it for the sake of loving google which is fine *but* it brings the value and authenticity of your blog down.

    ReplyDelete
  15. "The latest build of Chromium is not commonly downloaded so your article is a pile of steaming misinformation."

    People, if this happens when you try to download Chromium, what will happen when I need to download another unpopular software?

    ReplyDelete
  16. So what if an application is not popular and it doesn't have a digital signature? That doesn't mean I don't have the right to install it.

    What if your browser started to show a warning when you visit a site that's not popular?

    "Are you sure you want to visit this page? [No] [More options]"

    "Are you really really sure? Not many people visit this page. [No] [Actions]"

    "Our database doesn't have information about this page, but it's a better idea to visit a safe web page. [Go to microsoft.com] [Visit the potentially insecure page]"

    Installing an application shouldn't be a hide-and-seek game.

    ReplyDelete
  17. I agree that hiding the install option under an obscure button labeled "More Options" is a bad choice, and suggesting to M$ that they just put all the options, including install, in a list, is a good one.

    But having said that, I think it's a small price for those of us who do know what we're doing to have a browser that can be used by the great unwashed masses.

    If we tech types don't get used to it, the (Apple promoted) tendency to remove all choices to dumb down our interactions will take hold, and we will have no choices. Then the browser will simply disallow certain downloads whether we like it or not.

    I'm hoping there will be the computational equivalent of finely tuned sports cars available for us, because most people just want a boring Toyota equivalent, iykwim!! The Apple popularity is a worrisome trend - remember Jobs' comment (re: iPad) that if he designed his products for "people who read", he'd only get 1/3 of his current market. Frightening, at least to me.

    ReplyDelete
  18. Well, I left a rather long comment here, but Chrome failed me and now it's gone.

    I'm not going to say you're wrong on the annoyance behind the issue, but you're aren't exactly right either.

    IE9 did not say "Ooh, Chromium. I don't like that. BLOCKED." It said (in essence)"This is an unsigned file, from an unsigned provider, that I don't have much info on, that most other people have not downloaded, with a generic name, that ends in EXE. You sure you know what you're doing? You REALLY sure? 'Cause 95% of the people who say they're sure really have NO CLUE what they're downloading and they always come back and blame me. So, you're REALLY REALLY sure? OK."

    Chrome actually does the same thing to sites that it believes (usually correctly) have been compromised. The last time it happened to me, I had to go through 3 separate warning screens to get to the actual site. Yes, it's annoying. But, when it comes to internet security you have to play to the lowest common denominator. And the LCD says they have dial up because their DSL comes over a phone line.

    I've been using IE9 along site the latest Canary build of Chrome for awhile now. Here are a couple observations:

    -GPU rendering is awesome. Right up till it's not. If you're already stressing your GPU (as I am) and you suddenly open a load of windows in IE9, expect to be dropped back to Windows Standard and lose your Aero.
    -Jquerey rendering is awesome. Right up till it's REALLY not. It's fast and super tight. Right up till it hits that spot that other browsers say "Well, I know what you MEANT." It says "But that's not what you said, so here's a broken site now."
    -What IE9 has in clean layout, it looses compared to Google's sync capabilities.

    Performance wise, it's easily on par with any other browser I've used so far. It's faster than some in areas, and slower in others. You know, just like everything else.

    More important is what it's NOT; a steaming pile like IE6, 7, & 8. Which is surprising in of itself.

    ReplyDelete
  19. All futures are very nice and interesting....can we use this tool any browsers?

    ReplyDelete
  20. I like that kind of updates,i just know this site and i get a wonderful information here.

    ReplyDelete
  21. Anyone who thinks this behavior is acceptable in a browser should imagine what would happen if they personally released a program.

    How do you get established enough for the browser to recognize you if it succeeds at scaring away 80% of your potential users?

    It's hard enough to succeed in the application programming market today, a kick in the groin like this from Microsoft could outright kill start ups before they've ever had a chance.

    ReplyDelete
  22. Can this tool be used for other browsers? Im not a big fan of IE

    ReplyDelete
  23. Hell, if you rigt-click, you have the option of "report that this program is unsafe." You mean to tell me that NO ONE at Microsoft actually thought of providing a "Report as safe" option? Good God!!! It's such an obvious option and would have been useful to end users, but as usual, Microsoft knows best. First Windows 7 and now IE9, what's next?

    ReplyDelete
  24. same thing happens to: mysql-5.5.10-winx64.msi
    and that's a signed installer.....

    ReplyDelete
  25. @Anonymous (you know who you are) - Chrome has supported bookmarks for a long time. You simply click the star in the address bar to bookmark a page. If you need to see the bookmark manager, select it from the wrench drop-down menu. If you want to always see a bookmark bar at the top, enable it in the options. Not complicated. People like you are the reason dumbed down browsers like IE exist.

    ReplyDelete
  26. The process that IE9 presents to users, for most users, let's face it, is literally 'de facto' blocking software from being downloaded. We have customers report they are 'unable' to download our software, quite understandably not realizing that 'Action' hides a route to a positive install outcome, and also again understandable not noticing the hidden 'Run Anyway' option. This option is now so hidden that for 80% of users it basically might as well not be present at all. And Microsoft knows this. They are just saying 'small vendors be damned'. We also have thousands of users and yet Microsoft tells our users our software is 'hardly ever downloaded'. We have a PageRank of 6, have been in business and online for almost 10 years, our downloads are on many major third-party sites (e.g. CNET) that also do virus verification - apparently all this counts absolutely nothing to our "reputation", as Microsoft decided unilaterally to just effectively block our software. Today I even had a customer tell me they 'had to install FireFox so they could download our software!'

    ReplyDelete
  27. It totally sucks. They go so far to hide the run anyways button. It's so stupid of them. We have a program that has a website that allows you to download self extracting .exe data files and the names of the files change regularly. All the sudden I'm on the phone every day with someone who can't figure out how to get past the warn9ngs to download them. Total failure Microsoft Morons.

    ReplyDelete
  28. I have been suffering for 24 hours t install IE9 and still failed, tryed everything from disabling my firewall to updating my windows to SP2 and all the necessary software's that are required, still no luck!!!! someone help

    ReplyDelete
  29. Its incredible that Microsoft is so inept and ill advised.

    The have pissed down their leg once again, blowing all of the goodwill they build with Win 7 by this absolutely assinine feature.

    When will they realize that stuff like reputation management is going to kill off the very small software developers they should be courting.

    Think Win 8 is going to change things..guess again..the Win 8 Smartscreen filter will be more forceful in its enforcement of this Big Brother reputation management scheme.

    Unbelievable..no wonder Chrome is kicking IEs ass.

    ReplyDelete

Note: Only a member of this blog may post a comment.