Microsoft UWP Discussion

And then MS suddenly decides that the home version isn't allowed to install software outside the store anymore because it's "dangerous". What are you going to do? Windows updates are now forced so you can't decide not to update. Well, you can, but not in a way the average user is going to understand. Pretty sure this won't require separate codebases at all.

Another thing people seem to forget is the amount of money that, talking about games, users invest into the Windows platform compared to iOS or Android. In a decade or so of owning Android phones I haven't even spent 50 bucks on apps. I'm sure there are people who've spent a more significant amount of money, but most likely a 20-30 game Windows game library is going to be much more valuable than the same amount of games on iOS or Android.

There is another risk in that. You might say Win32 and UWP will co-exist, but what if, like I said at the start of my post, MS decides you're not allowed to run Win32 apps anymore? You might be able to block Windows updates, but then MS will simply not allow you access to the store and your software anymore until you update. They could come up with any number of excuses why this is necessary. So you will have a choice: lose all the software you bought in other stores, or lose the software you bought in the MS store?

The whole problem is that with UWP MS gains an awful lot of control over what you can do with your device and the software you bought. Steam, Origin and other stores come with their own risks as well, but they cannot prevent you from using other stores nor from running a game on whatever OS you like as long as the game supports it. MS can, and it's really not too far fetched that they might move towards that at some point.

MS has put hundreds of millions of dollars into attempting to make sure Win32 applications from over a decade ago will still run on modern Windows. They still support 16-bit applications in 32-bit Windows.

Win32 isn't going anywhere in the foreseeable future (next 10-20 years). UWP will exist in parallel with it. Developers that don't care about smartphones or consoles may or may not release anything using UWP (my guess is they won't). Developers that target smartphones and/or consoles may or may not release a Win32 version of their program. My guess is smartphone-targeted apps likely won't, while console-targeted apps might.

The point being, it's entirely 100% up to the developer where their applications end up being sold.

Just like it's highly unlikely the Government is listening in on your phone conversations despite having the ability to do so, it's highly unlikely Microsoft are going to shoot themselves in the foot by making sure nothing but UWP apps can run on Windows. Just because they can do it doesn't mean they are going to, or will ever do it.

I always find it amazing how paranoid people can get.

Regards,
SB
 
Not a problem, you don't buy it in the UWP store.

Just buy the Win32 version like you currently do. However, you lose access to potentially running it on smartphones and consoles, as well as opening it up to potential malware. If those don't matter, then just stick with the traditional Win32 versions.

Those aren't going anywhere. Likely ever. Corporations that buy Windows and pay massive sums of money for Microsoft Support require the ability to run programs over a decade old. Microsoft is not going to break that functionality for the foreseeable future.

No matter how many internet Chicken Littles keep crying about how the "Sky is falling!" UWP will always operate in parallel with traditional Win32.

The only way that changes is if Microsoft abandons Windows as a common platform and goes back to the WinNT/Win9x days of a separate codebase for Corporate versus Consumer Windows. And that isn't going to happen.

Regards,
SB
I meant: I don't care about Crossfire, SLI, FreeSync...

I have no problems buying games over the Windows Store. I play Asphalt 8, Modern Combat 5. I bought the full version of FIFA 14 (in-app). But: it's March 2016, Windows 10 and its store have been available since summer, there are so many games, and has nobody observed that SLI/Crossfire or FreeSync/G-Sync do not work with apps from the Windows Store?
 
I don't want to misrepresent you, but your position seems to be that if one person can break a security measure, it's pointless. By that measure nobody should lock their street doors because all locks can be picked by a very skilled few.

Most security features exist not as impenetrable layers but because they reduce the vectors of attack. No anti-virus or anti-malware layer is foolproof; should we disable these? Of course not, because they catch far more than they miss. Should people stop wearing body armour because you can still get shot in the face?

If you're looking for absolute security, don't take your product out of the box it came in. Assuming you want to use it the way it was intended, you accept that, like everything in life, there are risks and there are things you can do to reduce the risk of bad things happening.

I really don't know what more I can say, but sandboxing will get more resilient, and on the whole it's got better potential for stopping initial infections by new threats than anti-malware algorithms trying to profile and second-guess what running code is trying to do. New malware can be disguised to work differently and slip by detection, but if it's running inside a solid sandbox it can't do anything malicious to other programs or data.
You're taking my context to the extreme; for you I could say your position seems to be that UWP will be a fortress that is hack-proof :)
The reality is in between both, but my context is that we need to see more regarding the architecture and Microsoft does not have a good record for creating secure OS architecture environments.
My view is that UWP will probably only be secure if all applications are controlled by it....

Cheers
 
But my context is that we need to see more regarding the architecture and Microsoft does not have a good record for creating secure OS architecture environments.
Would it surprise you to know Windows 7 and later are among the more secure operating systems available today, more secure than iOS, Linux and MacOS?

http://thehackernews.com/2015/02/vulnerable-operating-system.html

Some people were bitchy about why Apple and Linux landed at the top: "oh, but they only count disclosed vulnerabilities". Apple has some balls crying about this, because for at least two years Apple left open several critical vulnerabilities, which were disclosed publicly, which would allow complete remote control over the OS (seen via various international hack-a-thons where the contest is to break a factory-new Mac or Windows PC to win it).

Here is some rebuttal regarding the crying over Apple and Linux being named in the top three least secure OSes:
http://www.zdnet.com/article/mac-os-x-is-the-most-vulnerable-os-claims-security-firm/

Want to know at least part of the reason why Microsoft is trying to ditch IE? Look at the first most vulnerable browser :D

The OS isn't the problem, it's applications that kill it. Want to drastically reduce the attack surface of your machine? Get a solid handle on the apps it runs.
 
My view is that UWP will probably only be secure if all applications are controlled by it....

UWP will be secure for UWP applications. Bad applications in UWP can't get out. And bad applications can't get in. UWP can not secure/control win32 applications. There are separate Windows security technologies that will continue to monitor win32 applications. But if you're sourcing software from reputable places, win32 is no more a risk than it is now.

You as a consumer can choose to run only UWP applications if you wish.
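The post above frames the UWP sandbox as a boundary that bad apps cannot cross. In practice that boundary is only as tight as the capabilities each app declares in its AppxManifest.xml, so the check a practitioner would want is to enumerate those declarations. The script below is an added example, not code from the thread or from Microsoft; the `Get-AppxPackage` / `Get-AppxPackageManifest` cmdlets are Microsoft's, but the set of capabilities treated as "widening the sandbox" in `$Widening` is this example's own choice.

```powershell
# Added example (not from the thread): audit the sandbox boundary of installed UWP apps.
# A UWP app runs in an AppContainer whose reach is defined by the capabilities it
# declares in AppxManifest.xml. This lists those declarations per package and flags
# the ones that widen or remove the sandbox. The $Widening table is this example's
# own selection, not an official Microsoft classification.
$Widening = @{
    'runFullTrust'               = 'process runs outside the AppContainer (Desktop Bridge)'
    'broadFileSystemAccess'      = 'read/write to everything the user can reach on disk'
    'allowElevation'             = 'app may request UAC elevation'
    'inputInjectionBrokered'     = 'can synthesize keyboard/mouse input'
    'documentsLibrary'           = 'access to the Documents library'
    'internetClientServer'       = 'can accept inbound network connections'
    'privateNetworkClientServer' = 'can reach LAN hosts, not just the internet'
}

function Get-AppxCapabilityReport {
    param([switch]$AllUsers)

    $packages = if ($AllUsers) { Get-AppxPackage -AllUsers } else { Get-AppxPackage }
    foreach ($pkg in $packages) {
        try   { $manifest = Get-AppxPackageManifest -Package $pkg.PackageFullName }
        catch { continue }   # framework or partially installed packages may have no readable manifest

        # Namespace-agnostic XPath: capabilities appear as <Capability>, <rescap:Capability>,
        # <uap:Capability>, <DeviceCapability> etc. depending on the manifest schema version.
        $caps = $manifest.SelectNodes("//*[local-name()='Capabilities']/*") |
                ForEach-Object { $_.GetAttribute('Name') } |
                Where-Object { $_ } | Sort-Object -Unique

        $flagged = $caps | Where-Object { $Widening.ContainsKey($_) }
        [pscustomobject]@{
            Name         = $pkg.Name
            Publisher    = $pkg.Publisher
            Capabilities = ($caps -join ', ')
            Widening     = ($flagged | ForEach-Object { "$_ ($($Widening[$_]))" }) -join '; '
        }
    }
}

# Show only packages that declare something beyond the default sandbox, most permissive first.
Get-AppxCapabilityReport |
    Where-Object { $_.Widening } |
    Sort-Object { ($_.Widening -split ';').Count } -Descending |
    Format-Table Name, Widening -Wrap
```

Run it unelevated to see the current user's packages, or with `-AllUsers` from an elevated prompt. A package with no flagged entries is confined to the default AppContainer reach (its own install and data folders, plus whatever the user explicitly hands it through a picker); a `runFullTrust` entry means the "bad applications can't get out" statement does not apply to that package at all.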
 
Would it surprise you to know Windows 7 and later are among the more secure operating systems available today, more secure than IOS, Linux and MacOS?
Yes, I know, but it is still able to be broken at the hacking/security competitions and conventions.
And anyway I was specifically talking about malware inside applications (which UWP is all about, let's be honest), which is even tougher to design against when considering the complete OS environment-architecture.
Anyway the discussion is now digressing from the original context so letting this drop.
Cheers
 
Yes, I know, but it is still able to be broken at the hacking/security competitions and conventions.
And anyway I was specifically talking about malware inside applications (which UWP is all about, let's be honest), which is even tougher to design against when considering the complete OS environment-architecture.
Anyway the discussion is now digressing from the original context so letting this drop.
Cheers

But what's the point of Malware in an application if it can't access anything outside of its sandbox?

Especially if, in most cases, it's the developer of the application that has to put the malware there in the first place (Microsoft would only accept updates to an application from the developer of the application)? It's not like Win32 apps, where you could have malicious software injection by a 3rd party prior to it being uploaded to a software repository without the developer knowing it happened. Or, in rare cases, the software repository itself injecting malicious code into the application. Of course, if the developer is using a compromised development environment, either by choice (using questionable programs of dubious origin [pirated, for example]) or by legit infection from a previously unknown vector, it'll still be limited to the sandbox it is in.

Yes, anything can be broken into given enough time and effort. Nothing is secure in this world. You could lock a PC in a safe inside of another safe with no access to the internet with 24/7 guards posted around it, and given enough time and effort someone could break into those safes and install malicious software. Assuming anyone wanted to go through the time, effort, and cost of doing it.

And that's the point. You know everything is vulnerable. What you do is make cost of breaking/compromising it so high that it becomes less and less feasible for someone to either succeed or even want to attempt it in the first place.

As Albuquerque pointed out above, Windows is one of the most secure OSes you can have. But it still gets the lion's share of malware because it's worth it due to the massive install base. In other words, it's harder to break the security, thus costs a hacker more time and resources. But the potential payoff is so much greater than hacking an easier-to-hack OSX or Linux distro that it's worth the increased effort.

What UWP does is significantly raise the effort and thus cost associated with trying to break the security. There will still be people that try, just for the challenge. Just like it's possible to hack the PS4/XBO and people try. But the effort and cost involved is so high that there aren't many people trying to do it. And those that are interested don't have the resources necessary to effectively hack the machines. And the potential payoff for hacking them isn't high enough to prompt criminal hacking rings into investing the resources to do it.

Yeah, I have a few friends left (very few) that feel like you do. Why bother with security if it can be broken? And thus they don't run any anti-malware at all. And I'm never surprised when they get infected by something. But I always find it amusing when they complain about it. Especially when they could have prevented the majority (or even all of them) of those infections by running some form of anti-malware.

UWP represents a very significant increase in security over that.

Regards,
SB
 
Something I've touched on in this forum in older threads: Microsoft is getting very serious about rigorous sandboxing, to the point where Windows 8 and later now includes a type-1 hypervisor built into the kernel. The sandboxing capabilities of Chrome, Java and (for now) Edge will always be limited as a type-2 hypervisor, which means (when sufficiently compromised, i.e. an "escape from sandbox" attack) the user space and even the core OS is now immediately vulnerable.

Microsoft has alluded to in blogs and elsewhere a focus on moving their browser into a type-1 hypervisor environment, where the core operating system is actually in a parallel instance alongside the browser, rather than as the underpinning anchor point. A breach of the browser sandbox effectively leaves you in an empty machine... This doesn't mitigate browser vulnerabilities directly, however it RADICALLY reduces vulnerability to the OS.

If Microsoft is already aiming for this in the browser space, and now we have modern audio and video API implementations which can fully virtualize these GPU / APU resources in a similar way, you're now in a position to push things like UWP into their own full-on type-1 hypervisor virtual machine. Imagine such a world where you use a docker-esque lightweight containerized application virtualization, essentially in the form of a simplified OVA, while retaining the hardware segmentation and efficiency of a full type-1 hypervisor implementation. If you watched the US action flick "Bad Boys", you might heed the suggestion that shit just got real.

So, despite the claim of not wanting to talk about OS security because we're all having to listen to the bitching about UWP, Microsoft's ability to get REALLY GOOD with sandboxing via UWP is phenomenal when you fully understand the modern Microsoft OS stack and have been paying attention to the blogs of those who are building the future software.
 
If Microsoft is already aiming for this in the browser space, and now we have modern audio and video API implementations which can fully virtualize these GPU / APU resources in a similar way, you're now in a position to push things like UWP into their own full-on type-1 hypervisor virtual machine. Imagine such a world where you use a docker-esque lightweight containerized application virtualization, essentially in the form of a simplified OVA, while retaining the hardware segmentation and efficiency of a full type-1 hypervisor implementation. If you watched the US action flick "Bad Boys", you might heed the suggestion that shit just got real.

Considering the work done on XBO, I'd view this not as a question of "if" but a question of "when".

However, I do wonder if they'll go so far as to have each UWP app virtualized or if there will just be a virtualized app environment within which each sandboxed app will run. It makes each app slightly vulnerable to other apps within that virtualized instance, but would still protect the OS. And I'd imagine it would be less resource hungry.

Regards,
SB
 
Considering the work done on XBO, I'd view this not as a question of "if" but a question of "when".
Yup, absolutely agreed. Your further thoughts around whether UWP would end up as discrete Type-1 partitions or as a single shared partition are also reasonable; I figure it will ultimately depend on how close to a "containerized app" model they can get.

I just wanted to take this moment to toot my own horn for calling this almost one year ago :)
https://forum.beyond3d.com/threads/windows-10.56128/page-12#post-1833602

And much later in that same thread, as a follow up thought... (click the quote header for the link!)
I don't think anyone has ever realized that Microsoft's broken dream from a decade ago really ever came true. Secure boot? Encrypted, partitioned OS? Lower-security, lower hardware access (via abstracted drivers) guest partitions? It has all happened; it's all in Windows 8 and it's only getting stronger in later OS versions -- I'm looking at you, Windows Universal apps.
 
However, I do wonder if they'll go so far as to have each UWP app virtualized or if there will just be a virtualized app environment within which each sandboxed app will run.

You can sandbox at any level, but I'd expect UWP to be sandboxing at the binary level and all child processes that fall within. I would be exceedingly surprised if UWP would throw all UWP apps within a single virtualised environment; there's no need, because UWP is native to Windows 10 and not something you need to virtualise in (like a VMware OS), and it makes resource tracking and isolation easier and improves resilience. If the global UWP environment goes down, everything running inside crashes.
 
Personally I feel VM-type solutions would be more secure, and Microsoft is more active with this technology (even in Win10).
Anyway, a good read is the following presentation on Windows 10 security; also both Microsoft and IBM have been doing interesting work investigating cloud server security (a different security topic but still with overlaps).
I would say we all would agree security has some weaknesses that usually come back to user convenience.
Hey a good test for UWP would be Adobe :)

Here is the presentation I mention: http://www.uefi.org/sites/default/files/resources/UEFI_Plugfest_May_2015 Windows 10 Requirements for TPM, HVCI and SecureBoot.pdf
And Technet: https://technet.microsoft.com/en-us/library/mt637125(v=vs.85).aspx

So I do feel UWP design-objective is to work when it has all applications, which raises questions but early days for Win10.

Sorry to OP for the digression, last few posts by several of us should be in a separate thread.
Cheers

I meant to also include the Malware list mitigation (about half way down) but ran out of time to edit: https://technet.microsoft.com/en-us/library/mt601297(v=vs.85).aspx
There is more overlap these days for security between mobile/desktop with Windows 10 (which ties in with earlier Technet url).
Cheers
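The last few posts (the type-1 hypervisor discussion further up, and the linked UEFI Plugfest and TechNet material on TPM, HVCI and Secure Boot) describe protections whose value depends on whether they are actually active on a given machine. The script below is an added example, not code from the thread or from Microsoft; it reads the platform state through Microsoft's own cmdlets and the `Win32_DeviceGuard` WMI class, and only the verdict wording at the end is this example's.

```powershell
# Added example (not from the thread): report the hardware-rooted and hypervisor-based
# protections discussed above (Secure Boot, TPM, VBS/HVCI) on the local Windows 10 machine.
# Run from an elevated PowerShell. The cmdlets and the Win32_DeviceGuard class are
# Microsoft's; the pass/fail wording at the bottom is this example's own.
function Get-PlatformSecurityReport {
    $result = [ordered]@{}

    # UEFI Secure Boot. Confirm-SecureBootUEFI throws on legacy-BIOS firmware or
    # when the UEFI variables cannot be read, so treat an exception as "unavailable".
    try   { $result.SecureBoot = if (Confirm-SecureBootUEFI) { 'enabled' } else { 'disabled' } }
    catch { $result.SecureBoot = 'unavailable (legacy BIOS or no UEFI variable access)' }

    # TPM presence and readiness. TpmReady = $false usually means provisioning is pending.
    try {
        $tpm = Get-Tpm
        $result.Tpm = if ($tpm.TpmPresent) { "present, ready=$($tpm.TpmReady)" } else { 'not present' }
    } catch { $result.Tpm = 'TPM cmdlets unavailable' }

    # Virtualization-based security (the hypervisor partition the thread talks about) and
    # the services running on top of it. Value meanings follow Microsoft's Win32_DeviceGuard
    # documentation:
    #   VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running
    #   SecurityServicesRunning / SecurityServicesConfigured:
    #       1 = Credential Guard, 2 = HVCI (hypervisor-enforced kernel code integrity)
    $dg  = Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard -ClassName Win32_DeviceGuard
    $vbs = @{ 0 = 'off'; 1 = 'enabled, not running'; 2 = 'running' }
    $result.VirtualizationBasedSecurity = $vbs[[int]$dg.VirtualizationBasedSecurityStatus]
    $result.CredentialGuardRunning      = [bool]($dg.SecurityServicesRunning    -contains 1)
    $result.HvciConfigured              = [bool]($dg.SecurityServicesConfigured -contains 2)
    $result.HvciRunning                 = [bool]($dg.SecurityServicesRunning    -contains 2)

    [pscustomobject]$result
}

$report = Get-PlatformSecurityReport
$report | Format-List

# Verdict: HVCI only means something if the boot chain beneath it is measured and locked.
if ($report.SecureBoot -eq 'enabled' -and $report.HvciRunning) {
    'Kernel code integrity is hypervisor-enforced on a Secure Boot chain.'
} elseif ($report.VirtualizationBasedSecurity -eq 'running') {
    'VBS is running but HVCI is not; kernel-mode code is not hypervisor-protected.'
} else {
    'No virtualization-based security active; a sandbox escape reaches the full kernel.'
}
```

`HvciConfigured` true with `HvciRunning` false is the common case on hardware that lacks the required IOMMU or has a driver incompatible with HVCI, which is exactly the gap between "the feature exists in Windows 10" and "this machine is protected by it".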

Last point showing practical limitations, and why I feel UWP is more about controlling all applications for Microsoft.
Even up to March 2016 (beginning of the week), remote code execution leading to critical security failure was still possible (and maybe more security updates will be required in future) on Microsoft Edge (also other IE browsers, but outside my context) and required patching, so the UWA/UWP environment-sandboxing was still circumvented, as Edge uses these.
Let's see how it behaves with embedded-integrated malware code that can be far more sophisticated.
Cheers
 
So I do feel UWP design-objective is to work when it has all applications, which raises questions but early days for Win10.

I definitely think Microsoft want UWP to be the norm, but it's fundamentally incompatible with win32 (or rather the other way around), and I can't foresee a day when Microsoft willingly give up win32 compatibility. A day may come in many years' time if Microsoft can convince most Windows developers to target UWP in the coming years, but some applications (system tools, diagnostic tools and anything requiring low-level I/O or filesystem access) so they get to the point where it's just fringe software that will no longer work.

Microsoft's big problem with phasing out win32 in the future is that they've committed to Windows 10 being the last version of Windows. The plan is to develop and support it indefinitely, with patches installing themselves automatically, so users will have no way to prevent Windows 10 from just breaking win32 apps.

In my view the better option is to continue to support win32 and let users decide if they want to use win32 software, UWP software, or a combination of both - with the pros, cons and risks clearly set out. Choice and responsibility is then within the user's domain.
 
I've suggested in the past to just run games completely virtualized; I think it would be a great way to make PC gaming more idiot-proof (at least on selected/certified hardware platforms), so I don't mind sandboxes. I want to be able to play in them though. All we are getting from UWP is a sandbox in which someone else built a sandcastle, afterwards covered in a layer of cement.

The security the sandbox grants the user is a good thing, the control it grants Microsoft over how we can use the software is not and is unnecessary for the former.
 
I've suggested in the past to just run games completely virtualized, I think it would be a great way to make PC gaming more idiot proof (at least on selected/certified hardware platforms) so I don't mind sandboxes.

This is essentially what Xbox One does. Each game comes with its own software runtime environment needed to run the game; in practice this means each and every game has its own SDK build and driver set, and this works for Xbox One because there is only one hardware build.

How do you see this working on Windows with a vast variety of hardware? Would each game come with a slimline OS and thousands of drivers for all possible PC hardware configurations? Would, like Xbox One, publishers then be responsible for maintaining SDK and driver support indefinitely for each game for all future hardware revisions?

A virtualised environment is an empty box.
 
But let's not forget what UWP achieves - a platform that allows you to develop an App that runs and scales itself properly from phone to tablet to PC. That's a first, no other platform does that (if you exclude web-browser based stuff), and I am currently writing a test project in which I am applying what I have learnt in the last year. This is UWP's primary goal, and not only to write one app for all platform, but to be able to dock your phone and have a desktop like experience on it with Continuum. I'm a big fan of that concept, personally.
 
How do you see this working on Windows with a vast variety of hardware?

Hardware manufacturers pay Valve to certify a hardware configuration and send a couple of boxes to Valve. Valve creates a premium part of its store for games QA'd on certified hardware.

I'd not involve windows at all (except as another client OS). Microsoft won't be party to improving PC gaming, the xbox saw to that a long time ago.
 
I'd not involve windows at all (except as another client OS). Microsoft won't be party to improving PC gaming, the xbox saw to that a long time ago.

Yeah, except that Microsoft is one of the primary drivers to improving PC gaming. Along with developers and IHV's. All 3 cooperate to advance the state of gaming on the PC.

Steam? It has a store which predominantly releases Win32 apps with an extremely small smattering of Linux and Mac versions. It has a Linux distro which is basically at best an extremely mild success and at worst a dismal failure.

I love Steam, and don't use other online Stores that don't allow me to redeem my games on Steam. But to think Valve are one of the primary drivers for pushing gaming forwards on PC? Um, yeah.

At least the VR headset they partnered with will likely do better than their dismal Steam controller, and a whole ton better than Steam machines. And I say that, even while I expect VR to fail at some point just like VR has done in the past and as stereoscopic 3D continues to fail time after time after time.

Regards,
SB
 
Recently they have had to be strong-armed into it. A scheme like I propose would be a direct assault on the Xbox. They'd never be party to it, not in this day and age.

Instead we get all the downsides of the highly constrained software environment of console gaming combined with the downsides of the hugely inconsistent PC hardware platform. Much of the freedom we usually get in return for the latter gone, that's not progress.
 