- Nov 21, 2022
- 248
sac is certainly a good idea
there are some issues with it:
there are some issues with it:
- sac database and algorithms are obviously not quite ready for prime-time given that sac blocks even microsoft files
- microsoft is not very forthcoming in explaining expected behaviors or configuration of system to have sac permanently enabled - for example, enable windows subsystem for linux and sac blocks it or sac turns itself off
- the requirement of a clean install makes perfect sense, but most users will not accept this - microsoft appears unwilling to budge on this
- there is no way to create "allow" exceptions, and again, most users will not accept this requirement - again microsoft is not going to budge on this
- the microsoft database (e.g. the databases queried by microsoft defender\smartscreen) already includes reputation scores of all the most popular software already - and yet sac blocks many of such software - because the real strategy microsoft is trying to implement with sac is all files, including dlls and updaters (including created .tmp files in the install sequence) are signed with authenticode
- windows defender\smartscreen can block signed files from authenticode signed files from publishers that are already in the microsoft databases - if those files do not meet criteria such as prevelance and age; it is a guess but sac is probably doing the same ( no details from microsoft)
- given microsoft's handling of many initiatives - of starting something to only complete it partially and then either stop or just put into maintenance - does not inspire confidence because sac is one of those microsoft intitiatives that appears susceptible to the "microsoft method"