Smart App Control

Violating system integrity policy!?

I am a multi-tool engineer who builds not only switchboards and PLCs, but also robots, mechanisms, and even computer-based systems.

This time, I was in charge of prototype equipment for special image processing, so I created a system that ran an ordinary computer with original software I had programmed. It worked fine at my office, so I moved it on-site (without web access) and made various adjustments and tests…

「プログラムxxxx.exeを開始できません。
システムの整合性ポリシーに違反しています。不明なファイルの評価サービスに接続できません。」

(Program xxxx.exe cannot be started. System integrity policy is violated. Unable to connect to unknown file rating service.)

I was in trouble because the above dialog appeared and the program stopped working altogether.


It’s strange… it worked in the office, but what changed? Maybe I’m missing a runtime or something??

I thought about it a lot, but the conclusion was…
“Smart App Control” was the problem.


It seems to be a feature installed in Windows 11, and thanks to this site I learned about its existence and how to turn it off.

*The above link cannot be opened from the company network, so I have excerpted the steps as a memo.

Start Menu → Settings → Privacy and Security → Windows Security → Open Windows Security → App and browser controls → Smart app control → If this is on, turn it off

https://scrapbox.io/medianmoe/%E3%82%B9%E3%83%9E%E3%83%BC%E3%83%88%E3%82%A2%E3%83%97%E3%83%AA%E3%82%B3%E3%83%B3%E3%83%88%E3%83%AD%E3%83%BC%E3%83%AB%E3%82%92%E3%82%AA%E3%83%95%E3%81%AB%E3%81%99%E3%82%8B

This will now run without any warnings.

As for its function, it seems to be a service that blocks computer viruses or other malicious software from being executed even if you accidentally try to run them.

There is probably a list of “programs that are safe to run”, a so-called whitelist, saved on the computer, and I think programs that fall outside of that list are judged OK or NG by an online system called the “Unknown File Evaluation Service”.

Every time a program is rebuilt (minor modifications are made), it becomes a completely different program. Every time I modified it at home, the modified version was checked online by the “Unknown File Evaluation Service” and registered as one of the “programs that are safe to run,” so it worked. However, if you modify it while offline, it seems that the new program cannot be looked up and will be blocked.


That would be a pain if I had to go online every time I made a correction…


For now, I decided to turn it off based on the instructions on the site mentioned above. If you try to turn it off, a warning will appear. I can’t go back now.

Well, I had no choice but to disable it and it started working again.
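Before turning the feature off, it is worth confirming that Smart App Control really is what blocked the rebuilt program. The following PowerShell script is an added example, not part of the original post: it reads the Smart App Control state from the registry value Windows uses to record it, hashes the executable (each rebuild yields a different hash), and counts enforced block events in the Code Integrity log that mention the file. The path `C:\Work\xxxx.exe` is a hypothetical placeholder.

```powershell
# Added example: check whether Smart App Control blocked a self-built program.
# Run in an elevated PowerShell session on the affected Windows 11 machine.
param(
    # Hypothetical path; point this at the rebuilt executable.
    [string]$ExePath = 'C:\Work\xxxx.exe'
)

# Smart App Control state: 0 = Off, 1 = On (enforcing), 2 = Evaluation.
$policyKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Policy'
$raw = (Get-ItemProperty -Path $policyKey -Name 'VerifiedAndReputablePolicyState' `
        -ErrorAction SilentlyContinue).VerifiedAndReputablePolicyState
$names = @{ 0 = 'Off'; 1 = 'On (enforcing)'; 2 = 'Evaluation' }
$state = if ($null -ne $raw -and $names.ContainsKey([int]$raw)) {
    $names[[int]$raw]
} else {
    'Unknown (value not present)'
}

# Hash of the current build. Any rebuild changes this value, so a reputation
# lookup for the new file starts from scratch.
$hash = if (Test-Path -LiteralPath $ExePath) {
    (Get-FileHash -LiteralPath $ExePath -Algorithm SHA256).Hash
} else {
    'file not found'
}

# Event ID 3077 in the Code Integrity operational log records an enforced
# code integrity policy block. Keep only events that mention this file name.
$leaf = Split-Path -Path $ExePath -Leaf
$blocks = @(Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id      = 3077
    } -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like "*$leaf*" })

[pscustomobject]@{
    SmartAppControl = $state
    File            = $ExePath
    SHA256          = $hash
    RecentBlocks    = $blocks.Count
}

# Show the most recent matching block events, newest first.
$blocks | Select-Object -First 5 TimeCreated, Message | Format-List
```

If the state is `On (enforcing)` and `RecentBlocks` is greater than zero for the file, the dialog above came from Smart App Control rather than from a missing runtime.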



How does Smart App Control work?

I thought for a moment as to why it was acting like this.


I have two questions:

・Why is something like an original app judged instantly, as long as you are connected to the online evaluation service? (It should not be registered in the database.)

・Why can’t I enable it again once I disable it?

I think there is one hypothesis that can solve these two questions.

Isn’t this “unknown file evaluation service” actually directly investigating whether a program is dangerous? After all, it costs a lot of money to analyze whether software is malicious or not… No matter how much money you spend, isn’t it difficult to instantly identify it?

If that’s the case, I feel like they’re keeping statistics on what percentage of people who installed the exact same program in the past suffered damage.

In other words, when there is an unknown food, it is not a service that analyzes the ingredients and determines that it is “dangerous”. It is like a clinical trial where 100 people ate it and 20 people died, so it is said that this “might be dangerous food”. I think that is how they judge it, and when the 101st person comes, they’ll say, “This food is dangerous”, and block it.

That’s why I think programs that are new and that nobody has ever died from before, such as self-made programs, are ignored. Even if they’re poisonous.

If you think about it that way, you’ll understand that you can’t do anything when you’re offline, or that once you turn it off, you can’t turn it back on. In the food example, if 100 people ate and 20 died, what would happen if there was a possibility that only those 20 people were eating different food? It is not clear whether the “unknown food” was the cause of death, or it may not actually be harmful and the cause of death may be something else unknown.


In this way, the risk assessment system differs greatly between cases in which “everything you ate is known” and cases in which “there may have been other things you ate”. Is it okay to say that the data will be contaminated?

That’s why it’s moving like this…I guess it’s natural if you think about it.

So I think it’s a pretty good service if your computer is meant to be online all the time. Even if a new type of malicious software (virus) comes out, those unlucky enough to be hit directly will die, but others will survive. It’s like a kind of immune system.

However, if you use it offline on a factory network, you will not be able to run your own programs, so I think you may want to turn it off. No, I guess I have no choice but to turn it off.
