Security researcher Nadim Kobeissi discovered that SmartScreen has been turned into a system-wide defense technology in Windows 8. It's turned on by default and phones home to Microsoft every time you install a program on your PC. Microsoft's server then compares the hashed value of the program's installation and the code signature against its database, if the application has a high reputation the installation will proceed as normal, otherwise users will receive a security warning that running the program might be risky.
If the system is disconnected from the Internet, users will receive a message that Windows SmartScreen is unreachable and can't help you decide of the program is okay to run.
Security advocates, thinking people, and everyone who isn’t Microsoft naturally find this troubling. For one thing, MS now has a database of what every IP is installing. Even if the company takes steps to make that information anonymous, there’s no way the government will ignore a centrally maintained database of activity once it believes it can link an IP address to particular users. Second, there’s the temptation to use this information for targeted advertising. If Microsoft sees an IP address installing video games or Xbox Live content, it know that’s probably a gamer. If you’re downloading cooking apps, you might like to see some ads for recipe websites.
This strikes at one of the problems with so-called anonymous data — it’s not actually anonymous. If I know your IP, the apps you install, and the websites you visit, I know an awful lot about you. I may not retain that data, but you can bet that governments and corporations will both want to get their hands on it. The earnings from monetizing the information, and the associated temptation, are potentially huge.