@shivoa: I know that this thread is almost two years old, but I came across this thread while searching Google, and I want to partially counter your perspective with mine. I'm not a developer, I'm just a PC user, but here me out. I get your argument that the Windows ecosystem has flourished because of its openness, but there's one thing that I don't think you've admitted so far in this thread: sandboxed applications are fundamentally more secure than non-sandboxed applications, and because Android and iOS were designed to sandbox apps, those operating systems are more secure than Windows.
I own a Windows 10 PC (a 2017 Surface Pro), an Xbox One S, and a Windows phone. I still own that Windows phone but I don't use it anymore because I bought an iPhone.
When it comes to apps and games on Windows, whenever an app or game that I want is available from the Microsoft Store (formerly called the Windows Store on Windows PCs), I get it from the Microsoft Store. Why? Several reasons.
- Generally speaking, Store apps are more secure than Win32 apps, because they are sandboxed, and there is a permissions system in place that helps to prevent Store apps from getting access to things that they shouldn't have access to. Further, users can read the list of permissions required on the app's Store page. Some apps in the Store are Project Centennial apps that still use Win32 and so their permissions list in the Store includes the phrase "all system resources" which means that the app requires full system access just like non-Store Win32 apps, Microsoft has taken some steps to sandbox these, so even this is still better than installing applications from outside the Store. When you install applications from outside of the Store on Windows 10, a User Account Control prompt asks you something like 'do you want to allow this application to make changes to your system'? I don't know what an application installer is able to do, but to me, that UAC prompt is basically asking me if I want to allow the application whose installer I've opened to be able to run wild and do whatever it wants on my system. That scares me, and that is why I like sandboxing and permissions. It's even worse when you try to run an installer that hasn't been digitally signed, in which case UAC asks you something like 'do you want this application from an unknown developer to make changes your system'. I HAVE to install applications I obtained from outside of the Store because they weren't available from the Store, and so I HAVE to install applications and grant them the ability to 'make changes to my device', and trust that they won't do anything harmful. But I HAVE NOT installed anything that wasn't digitally signed, and I doubt I ever will, unless I either set up a virtual machine for that stuff, or learn of a way to install those applications into containers.
- When applications and games have direct access to users' hardware, that is a security vulnerability. I could be wrong about that, because I'm just a user and not a professional, but that is the impression that I've gotten. I think that it is safer to have applications be sandboxed and not able to interact directly with users' hardware. I understand that this prevents whatever benefits applications might get from interfacing directly with hardware, such as being directly accelerated by a GPU (as far as I know). Maybe this downside of sandboxing can be ameliorated through APIs that Microsoft would develop in collaboration with ATI, Nvidia, and other hardware companies.
- In your comments in this thread, you've argued that the PC has flourished over the past several decades because of Windows' openness (technically not open-source, but you know what I mean). I'd argue that we've been running software in an INCREDIBLY insecure manner this whole time. It's been like the wild west. That might have been okay before the Internet, but it's very risky now that our devices are interconnected.
Now, some points that aren't related to security:
- I like the Universal Windows Platform because if an app is UWP and supports PC and Xbox One, I can download that same app onto BOTH of those devices, and if the app requires purchase, I only have to buy it ONCE, and with that SINGLE purchase I can run it on BOTH devices!
- At some point in your comments, you might have said that UWP apps can only be obtained from the Microsoft Store. If you didn't say that, then Tim Sweeney said it in one of his posts that you linked to. Regardless, I read that Microsoft now allows UWP apps to be distributed outside of the Store. See https://www.howtogeek.com/219651/windows-10-allows-you-to-sideload-universal-apps-just-like-android-does/ . I'd be curious to know if any of the games that are available as UWP from the Microsoft Store are ALSO UWP when obtained from Steam. For example, it was announced recently that some Microsoft first-party games that I suppose were only available from the Microsoft Store until now are coming to Steam and will also be released on optical disc; I wonder if these games will be UWP even when obtained from Steam or installed from optical discs. But I do know this: Microsoft has said in the past that users who want to buy a game once and run it on BOTH their PC AND on their Xbox One will need to buy it from the Microsoft Store. (Think about it. You can't run a PC optical disc in an Xbox, and you can't run an Xbox disc in a PC. And the Xbox's operating system is closed like iOS, so you can't download a Steam client onto it and run games purchased from Steam. Therefore, if you want to buy a game once and run it on both PC and Xbox One, you HAVE to buy it from the Microsoft Store.)
Log in to comment