Skip to main content

Epic's Tim Sweeney offers some ideas on how to turn Microsoft's UWP into an open ecosystem

Last week, Epic Games co-founder Tim Sweeney slammed Microsoft's Universal Windows Platform efforts for Windows 10 as a possible attempt to turn Windows on PCs into a closed ecosystem for apps. Now the developer who created the Unreal Engine and helped to make classic games like Unreal Tournament and Gears of War has posted a new editorial, and this time, it offers Sweeney's suggestions to alter UWP so it can be an open ecosystem for app creators.

Sweeney's first editorial last week didn't pull any punches, He stated:

"The specific problem here is that Microsoft's shiny new "Universal Windows Platform" is locked down, and by default it's impossible to download UWP apps from the websites of publishers and developers, to install them, update them, and conduct commerce in them outside of the Windows Store."

Since then Microsoft has responded to Sweeney's statement's wth Xbox head Phil Spencer stating stating, "UWP is a fully open ecosystem, available to every developer, and can be supported by any store." He also said that Microsoft will reveal more on the Xbox team's plans for UWP at Build 2016 in late March. In Sweeney's new editorial, as posted on VentureBeat he points out Microsoft's procedure for developers who want to release UWP apps:

"If you apply to become a Microsoft Registered Developer, and Microsoft accepts you, then you take a UWP app you have compiled and submit it to Microsoft. If Microsoft chooses to accept the app, then it will digitally sign the app using its DRM and return it to the developer, at which point the developer can distribute it to users, and users can manually install and run it on any machine with default Windows 10 Settings."Is this open? You be the judge."

Sweeney's point is that regular win32 apps can be created and offered anywhere, without the need for Microsoft's approval:

"In win32, any developer can obtain a digital certificate from a Certificate Authority, using the same open ecosystem that the web itself uses for digital signatures in the https protocol. This approach scales securely to millions of websites around the world and to countless win32 applications today."

Sweeney says that he would like Microsoft to allow UWP apps to be created and offered the same way as win32 apps, with no need for the company to approve each app or for developers to register with Microsoft. He would also like for UWP apps to be available in any download store, such as Steam or GOG, Finally, he wants Microsoft to be clear about the future of Windows as an open platform. He states:

"Lacking that, I believe it would be foolish for the world's major developers and publishers to adopt this new technology based on mere assumptions about plans that Microsoft has not itself stated with technical clarity."

287 Comments
  • I've always wondered why windows store apps can't be treated like win32 .exe files. Sweeney has a point here.
  • It's a security thing. Microsoft signs the app and therefore viruses "can't" make their way into the store. When you can download a Win32 app from any website and install it, there's a chance someone stole another person's or companies app and infected it with malware of some kind. Apps from the store are safe from this. Also, windows has Developer mode and Sideloading baked into Windows, it's a setting. So, if you choose to take the risk, you can.
  • Great statement, it's a shame people don't understand the security aspect of windows, think it's about putting junk into the eco system thats not built to handle old principles, wake up
  • That's like people who always claimed Mac was more secure than Windows back in the day. They didn't understand, it's not the security. The viruses are compiled for Windows, they WON'T run on a Mac, point blank. Mac doesn't use EXEs. There were viruses for Mac, but they were compiled for Mac.
  • Actually, it was due to Windows being more popular than Mac thus having a larger install base.  The Windows Store is just that.  No different than Apples.  Only on the Windows Platform, Win32 apps can also exist.  Openly. 
  • What would be cool is that they can take their app, get it signed from microsoft, then distribute it in the store and/or also be allowed to have a UWP storage package that can run somehow. So its still signed, still secure, still installs like its from the store, but you can get it from say gog. That would be cool. But I dont think Microsoft will do that nor do I think they should do that. Its just a possible way to make it "open" and still secure.
  • From Microsoft's statement, it sounds like that's exactly what they intend to do.
  • Sweeney is just a moron.. He wants his cake and eat it too. W32 has its problems and he knows it and its mostly from its open nature and packaging. A more secure framework was needed and a packaging method that also included w32 that could completely uninstall ALL of its components and evolve w32 to a non elevated user state. The problem is he is a honest anarchist and probably in the minority. (control issues) There is absolutely no reason he could not stay with w32 native and right now its a bit faster for gaming. The thing is he knows its a far better experience for users safety/aquistition/security yet his approach is to completely undermine that for personal reasons.
  • People on this site talk about how Apple users are sheep and how they hate the walled garden of iOS. But when Microsoft does the same thing, it's the best thing that happened in the industry.
  • Yes, but at the same time everyone blasts MS for such vulnerabilities and then attacks them when they lock down. Dammed if you do... dammed if you don't.
  • Incorrect.   Apple ONLY has a walled garden.  Windows has BOTH walled garden (UWP) and effectively free ball for developers (win32).    Sweeney just sees the writing on the wall...  Win10 is succeeding and that means UWP will as well...  And for the safety of the consumers a walled garden must exist.  He needs to get over it.. it's a world full of bad guys out there now...   Signing an app with a third party cert does nothing validate the code is not malicious....  
  • @pericle, these are not parallel. Windows supports Win32 for sideloading. Anyone can install a compiler and IDE and start coding and shipping Windows applications. Apple provides no way to install apps that don't go through the App Store. On the contrary, they police against that. This is ONLY about getting the optional benefit of the MS seal of approval and installation tools of a UWP without actually going through Microsoft. It is entirely reasonable for Microsoft to insist that anyone who wants their seal of approval must actualy go through their review process.
  • "Apps from the store are safe from this." Android and iOS's app store have both shown that this is bogus.
  • I agree. There is an element of "cost" associated with better security. I would rather have the security assurance of "approved" apps than the wild west of install any unapproved app from any website that we have now with Windows. It would be nice to be able to continue installing anything we want with Windows in the future, but let's have an approved store (or store framework) that lets users know the app is safe and not malware. If users still want to roll the dice installing unapproved apps, then whatever they end up with is on them.
  • No his point is moot because it is safer to download apps from the store then to get them from a webpage its easier to spoof a website and redirect it than it is to spoof the store and redirect it. If you make the store more open then you run into the problems you have with the play store or any other forked android store. At least with the Windows store you have a certification process that eliminates duplicates and malicious software from being published. Posted from Windows Central for Windows 10
  • I am sorry but that in no way shape or form makes the point moot.  What you are arguing is that there is a tradeoff.  And this is true.  If you want to download only applications with a relatively low chance of being infected with malware, then you would go to a high-quality store, such as MS'.  However, if you want to take a gamble and download something from somewhere else, you should be able to do that, as well. And there are many, many reasons for wanting to do this; for instance, you can keep backups of your applications so that if a new version comes along and breaks something, or the developer pulls the app, you don't lose access to needed features.
  • This is already supported and extremely easy to enable considering its a simple radio button choice in settings. The large majority of users will not know what websites to even go to for 3rd party stores, and these type of users are the ones that need protection of secure default settings. Users who know about Steam are very likely to know about the setting and can make the switch and are more likely to understand the security risk. What I see this guy wanting is to have UWP unsecure by default so he can save 20-30% revenue. Microsoft is making the right decision of making security a priority and another right decision of making it optional. For myself, if it's not on Microsoft Store then I wouldn't download it anyway and for sure I wouldn't pay for it because I appreciate the vetting process that the store represents, it means I don't have to go searching around the web trying to find out if some software is legit or not and from ratings and reviews and consistent descriptions / screenshots I can even see at a glance if something is worth downloading in the first place. The store has huge benefits and is definitely worth a 30% cut of revenue, if you need to be greedy and have 100% then just stick to Win32 and slowly die out while other developers innovate and attract your customers in the store. Posted from Windows Central for Windows 10
  • 20-30% revenue is HUGE!  If Microsoft wants to enforce this then they should lower the fee.  Do you use Steam? Add 30% to the purchase price of every item and see what you think of steam now...
  • Funny how 30% is no problem for Apple Store... 30% revenue drop but higher sales due to exposure on a store EVERY windows 10 user has access to is well worth it, in the end they will make more money and there is nothing stopping them from also offering the same app on a 3rd party store to get 100% of revenue for those sales. How hard is it to put instructions on a website that say "open settings app, tick developer mode"? Why ask for 1 billion devices to be unprotected by default just so some ***hole can make a few extra bucks? It's not good for consumers, it's only good for investors and don't you think they make enough money out of us already? Posted from Windows Central for Windows 10
  • You do realize that Steam takes an average of about 30% on all sales right?
  • LOL! I dont think he does. Nor do they realize that the guy mentions being able to run UWP from steam which is DRM as well. This argument is so crazy.
  • What's even funnier, is most people don't realize that the 70/30 revenue split that EVERY app store on the planet uses, including Apple, Google, and Steam, was started by Microsoft when they created XBLA way back in 2014 - XBLA being one of the very first app stores, and being the very first proper app stores for video games. Before Steam was even an itch in Gaben's pants. Developers from the very jump, flooded the XBLA team with entrees they were hoping would be selected for Microsoft's curated XBLA store, because the 70/30 split was a far better, and fairer deal than the age old system of paying royalty fees on physical media to console makers.  With the split, developers and publishers walked away making a whole lot more money per game sale, than they do under the royalty fee system. So no, no one is going to balk at the idea that Microsoft wants to get a 30% cut off the top.  It's an industry standard cut that every store uses, that has been around for well over a decade now. The person who assumes Steam does not take a 30% cut off the top as well, you just lost a lot of geek street cred for saying that out loud.
  • Steam has been around for years lol Posted via the Windows Central App for Android
  • 2014???? You mean 2004 :P
  • What? Steam was around way before XBLA, and even before the 360 was even released In my case I bought my first game on Steam in 2006 (HL2 ep 1), followed by Dawn of War Dark Crusade and a bunch of others shortly after.
  • Imagine UWP wrapped in Steam DRM. What a clusterfuck.
  • Microsoft is only enforcing this in it's store.  If 20-30% is huge then go the W32 route there are other methods.
  • Steam charges 30% as well.
  • They do but they make deals and have a non-disclosure agreement. But a dev mentioned they are in line with other distribution platforms. One dev was mad about sales at some point because he said he had no choice. Wrote a big rant. I think he was forced to take it down lol. It was on reddit I believe. This was a while back.
  • You still can. MS hasn't prevented those types of applications, they're just not UWP apps.
  • Then don't publish through the Windows Store, simple as that. Sweeney is making an arguement where there is none. Win32 apps still exist. Independent developer websites still exist. Executables still exist. Sweeney wants to take advantage of Windows 10 features while sidestepping the security measures in place to maintain those features. If Microsoft is paying developers to publish for the Windows Store, either take the money or take the chance publishing outside of it, don't try and do both.
  • I agree. He wants to be able to get games on XboxOne and PC for free... Thats the one advantage UWP has over Steam/Origin/Uplay/etc.
  • This and those above
  • Look at Android and there's your answer. You can get apps from just about anywhere, and also get all kinds of security issues along with it.
  • Bullshit! Why cant he bash ios? Thing is, if it becomes that opened, the rate and frequency of malware apps will increase. MS need to ensure security first over some irrelevant opinions. It's open as it is. If you create, let's verify before you distribute. That way MS is still in control.
    Dear MS please ignore them. Still to security first.
    Why is MS always bullied?
  • Not really a lot of margin to even create a malicious Win10 Universal (Sandboxed) app. Maybe save a file somewhere. But there are places in the design guidelines that are out of bounds. All MS needs is a certificate tool that checks (maybe under a VM) whether the app breaks those guidelines. Done.   Source: Experience; Really want a DS emulator on the Windows Store
  • He has good points, but half of which aren't true. I have been building software for the Windows Store for 2 and a half years and they aren't like Apple and actually "accept or decline" you to actually build an application, anyone can do it as long as your 18. Also, they check the app for malware, porn, false advertisement, etc... They don't restrict it. Yes, they encrypt it with DRM signing, but that's to keep it safe and not violate copyright/trademarking, etc... Zachary Bowling - ZAD Apps
  • Thank you, Zachary. That's a much better explanation of how it works. You just saved me from having to type it out.
  • I, for one, am for more rigorous screening. IIRC there have been a few articles about store apps doing what you'd not expect them to do Posted from WC 920, 1520, 920, 635, 640 950XL
  • Half of his good points aren't true? ;) Posted from WC 920, 1520, 920, 635, 640 950XL
  • His points can make the UWP system less secure.
  • I don't want it treated like win32 apps. I don't want developers sneeking in adware or maleware into the apps. I want them to be easily uninstallable. I don't want it to do things in the background that you aren't aware off. If microsoft charges exorbitant fees, then I see a problem. Otherwise, I don't see a problem with microsoft certifying apps. Especially since it will be Microsoft that will take the heat if the UWP apps become a virus and maleware magnet like win32 became.
  • My concern is since UWPs are designed to run Hololens too. Opening them for injected code would be a catastrophe. I'm not saying they are 100% secure, never the less they are alot more secure then random .exes from scrupulous sources.
  • Like the guy above already said. Windows will be a lot safer when they have to go through Microsoft. It's a pain in the ass for developers but there's no other way to make sure users don't download crap. If they really want to use it like win32. Then they can still use win32. It's a none issue really. For me as an end-user I'd much rather download through the windows store knowing it's safe than download it from a website.
  • Then continue to use Win32. I don't get the problem.... I am over this guy.
  • Thinking the same. What a tool this guy is.
  • UWP has a lot of advantages...like Xbox integration...or develop once for all screen sizes...cant make that happen using win32...
  • Right, but in order to take advantage of that you have to agree to put the apps in the store. That's what makes them "universal." If you are going to create a UWP for the Xbox, you are already going to put it in the store by default and so there is no need to side-load it unless you want to offer it as a side-loaded option on your own which Microsoft already allows.
  • Don't worry, most game devs will, and will ignore UWP.  
  • will and will huh? so quick to troll you can't even get the wording right.
  • Hardly a troll. I can pretty much guarantee 99%+ of game developers will stick to Steam.
  • You're wrong. The Win10 store already has a larger install base than steam and is preinstalled with every pc, phone and Xbox. Any developer that doesn't publish there is just hurting themselves. For better or worse, the MS store is the new amazon of software.
  • Hurting themselves how? It makes no sense to code exclusively for Windows 10 when you can code for Windows 7, 8 and 10 together.
  • You mean this installbase that only exists because it comes bundled by default?   Steam is still far more popular, and will most likely stay the most popular option. You don't have to get on your knees because Microsoft wants to that way.
  • How does the steam install base help for anyone that wants stuff other than games, or very specific pieces of software? Also, Steam takes 30% just like MS does, and they don't give it back if there's a piece of software returned. SO you not only get on your knees with steam, but you have to swallow at times too.
  • This comment chain is obviously talking in the context of gaming.
  • Ok, I'll put it only in context of gaming. The fact remains that the Windows store has more users. So right there, the comment that Steam is more popular is incorrect and it only has the potential to increase the gap. Now when you said it only makse sense to code for just 10 and not others, that's already being done for games, regardless of Windows store with DirectX12. So with a higher install base, it makes sense to release your titles onto the Windows store.
  • In aspect to games, I sincerely doubt that the Windows Store has more users. First of all, this store has been refreshed since Windows 10 and is exclusive to that platform, so that is what, 15% of all Windows devices? Whereas Steam runs on a full 100% of those devices(excluding platforms where UWP is the sole way). So even if the windows Store has a 100% usage rate under this 15% then that is still a very, very small percentage compared to the larger market Steam can be installed on.   I would love to see those numbers(I couldn't find them) but I sincerely doubt that a platform that is Windows 10 exclusive(and isn't even a year old!) has a larger userbase compared to a platform that has been around for years and can be installed on pretty much all PCs.
  • Ok, so let me start of by saying, if you don't have numbers, don't make up your own, you destroy all credibility in your argument that way. As for numbers, Windows 10 has a installed base almost 13% (NetMarketShare), Steam has approximately 125 million users (Kotaku), and the Windows store has an installed base of approximately 122 million, I removed about 18 million as they are not accessable by the Xbox one YET (Windows Central). Now what the software CAN be installed on is completely moot as, when it comes to games, you will need Windows 10 for any AAA games that require DirectX. So with numbers that are a few months old, we can ascertain that, if it hasn't already, Windows 10 will surpass Steam users, and as soon as the Windows store is accessable on X1, that will surpass Steam users by far.     https://netmarketshare.com/ http://kotaku.com/there-are-over-125-million-steam-accounts-1687820875 http://www.windowscentral.com/windows-10-now-more-200-million-devices
  • You're assuming that every Windows 10 owner is interested in using the Store, which is far from the case, and even less so among gamers who are used to Steam, who would only lose features by buying games on the Store in it's current form. Also, the notion that AAA games will ONLY run in DirectX12 is beyond ridiculous. That not only makes an OS barrier but a GPU generation barrier which doesn't need to be there. Fact is that the gamers know where they would prefer to be. Rise Of The Tomb Raider currently has 10,301 reviews on Steam. On the Windows Store? 37. Thirty. Seven. Face it - gamers don't want UWP.
  • Either that, or maybe steam is multiple years old and AAA games just recently came to Windows. Could be either.
  • Yet apparently simply having the Windows Store on millions of PCs is supposed to instantly turn it into a hit, according to previous posts. Obviously not the case. Microsoft needs many incentives to get people buying games on the Store instead of Steam and those incentives are just not there.
  • i can only name reasons as to why not to buy from the Store.
  • "As for numbers, Windows 10 has a installed base almost 13% (NetMarketShare), Steam has approximately 125 million users (Kotaku), and the Windows store has an installed base of approximately 122 million"   You can't assume all those hundred million people use the store they got shoved down their throats.   "when it comes to games, you will need Windows 10 for any AAA games that require DirectX." Nope.   DirectX12 games, yes. But every single one of them uses an older DirectX version as well. In fact, Dx9 still is a very common version that is used.    
  • Since the comparison was made with Steam ,i assumed we were talking games.    Anyways, for "very specific pieces of software" you are looking at W32 instead of UWP as, like said, UWP is much more limited in what you can/can't do.
  • I like,it is good idea to make windows 10 open system. and then i believe there will be lot more simple,but handy app's for all of us!
  • And also a bunch more security flaws.
  • Since when did the world of computing become so unsafe?! I haven't had a virus since XP days. The whole security angle is just a ruse for Microsoft to try and force developers hands...and give over 30% of the revenue for something Microsoft really has no right to demand.
    I say good on the developers for standing up. Monopolistic business practices cost us all in the long run....and Microsoft has more than enough of our money already.
  • Yeah, my in-laws average several viruses per month, because they can't seem to comprehend that they shouldn't not "click" on certain things. I've actually stopped cleaning up after them, because it's too much of a pain. I tell them things like, "Running that bad? Maybe time for a new computer." Then they are finally interested in learning how to do safe surfing. LOL. 
  • Lol besides the continuous pressure to charge sales tax in areas where it doesn't apply to consumers
  • Simple answer? We live in a world where people are willing to give up freedom for false security all so they don't have to deal with responsibility.
  • Computers became more secure after the XP days because Microsoft started signing drivers and taking aways many of the paths malware developers were using. Your acting like viruses just went away on their own. The main way to get viruses is to try to get people to install them and I've seen plenty of sites trying to trick people into installing them. The main one I've seen is the one that says your flash need to be updates. One of the employees at work almost installed on of these just today. Requiring for all apps to be verified isn't a bad thing as long as Microsoft doesn't charge too high a fee for doing this.
  • You do realize that anecdotal evidence is a huge logical flaw right? It doesn't matter when the last time you got a virus was, they do still get installed and that is a fact. I mean, how do you think the DDoS attacks happen? You do realize people don't all sign on at once from their PC and ping servers right? You say MS has no right to demand 30%, if you want to enter their store, they have every single right to demand it, just like Apple, Google, and Steam do. That's the price you pay for storing your software on someone elses server, and the advertising.
  • So in other words, do the same thing with UWP apps that has made Win32 programs a security hazard over the years so that they don't have to pay MS anything while reaping the benefits of the oodles of money MS has poured into unifying Windows. Nice perks like a fast growing user base and an ever growing number of devices. It's not that I don't think he has a point, it's just painfully obvious that it's all about the money.
  • This. I wanted to expand more, but I really should be paying more attention to my conference call... haha
  • They should go Android, when there phone doesn't work after six months, full of adds and malware then they would know, everyone thinks it's about the next 100k of apps that Microsoft are focused on, they are so wrong, it's about the productivity of the eco system and the phone, not about big name apps you will never download just so you can make a comment or two in a post.
  • They should go Android, when there phone doesn't work after six months, full of adds and malware
    Funny, Mactards say the same thing when talking about Windows. Its just as stupid when they say it as you guys sound when you say it about Android. 
  • Damn you just hate everybody? :)
  • Keep spouting that nonsense, in before you can finish another post like that, a million Android phones will be sold. It's amazing how fanboys can turn any freaking topic into an Android bash-fest. The jealousy of Android's success runs deep in these parts.
  • "security hazard" Yeah, except not really. We have such a thing called AntiMalware for quite a while now which does a very good job protecting the people from malware.   People seem to forget that this "security hazard" is people doing it themselves. And to think that they wont be able to do said thing just because it's in a moderated store(Where people delusionally think apps are rigulously tested. Of course they are not, as testers then wouldn't be able to keep up) that they are safe from themselves. Android's and iOS' app store have shown it many times that malware etc. too can find it's way to the app store. To think that somehow Microsoft's App Store would be any different is delusional.   The security hazard is the person itself, and you can't protect them from their own inability.
  • Straight up copy-pasta-ing my own comment so people see it and get it through their heads. As I said last time…you people sure missed the point or don’t know what you’re talking about. (to you few people who do, thanks! This doesn’t apply to you)   Let me list off some restrictions that are in the UWP (as of right now): -Your game/app MUST run borderless windowed mode. This means there is no feasible way to run it in full screen. -Your FPS MUST be 60 FPS maximum. This means that your 144hz monitor with gsync and setup that runs games at 90+ FPS….NOPE! - Vsync HAS to be turned on. If you don’t know why this is relevant, this topic doesn’t apply to you, and you don’t know how many issues turning OFF VSync has fixed for games.   On top of it, all game files are encrypted and cannot be changed in ANY WAY…so this means NO MODS or hot fixes without going through MS certifications. Which…when was the last time you had a AAA ship day one and not need a day 1 patch or hot fix (The fact that you HAVE to think about it says it all)? SLI/Crossfire support is STILL broken as heck. So this aligns with the SAME thing valve said before that seems to align with MS’ tactic that the Windows 8/10 store is a “Direct attempt to create a walled garden for PC” which seems to fit into MS’ strategy of Adopting standards, adding proprietary standards, then using said standards to disadvantage the competition. Even IF this isn’t the case, MS is saying the UWP is open when…that sounds pretty darn closed off to me.  It seems as if that the goal is to lock down a market (i.e. PCs) to achieve simplicity like the consoles, but PC’s HAVE NO STANDARDS because they change every month! No two PC’s are the same, and you can’t force a platform like that to a standard. Clearly people forgot about games for windows live. Oh and why certain software can’t be sold on disc with windows discs because the courts checked them on it.   Let’s take an example: Tomb Raider. Currently on Steam and Windows Store. Patches, add-ons and updates come out later on the UWP version. Probably because they need to pass certs on UWP. With the average person looking at reviews online and advice, there is NO reason to get it from UWP than Steam for that reason.   Do your research people and stop gun jumping in defense of MS. Let’s also take note: If Sweeney actually didn’t want to see this succeed, why would he offer advice and suggestions?
  • Ok lets let them be open. Allowing for people to mess with files, put attached virus' inside and give us more to worry about.
  • Sweeny is an idiot. The entire reason why is do not want to install any random exe from a random website is security concerns. Windows store allows anyone to confidently install an app because these are checked and signed by Microsoft. Sweeny is still in 1999. Also this makes me think, why is this dude not complaining about the app store and play store.
  • He's backpedalling slowly. First he goes nuts about it. Now he wants it to be w32. The argument that MS still has to approve it is just ridiculous. So what? They approve it and you're done with. Anyone can get this approval. I think he has some other agenda.
  • Sounds like it to me. Other agenda"
  • While I am uncertain to what extent MS checks submissions to the Windows app store--just look at the amount of fake apps that exist in the Windows Phone app store--I agree with your point that Sweeny did not mention the popularity of the Apple app store, despite the fact that iOS is a closed ecosystem.
  • Which is weird since Apple App Store is similar to Windows Store and vice-versa, I can bet he's using an iPhone so I'm not sure he didn't get it why it's like that. It's really about security and keeping the quality of the apps (unfortunately Windows Store have too much crap apps published over there), and Apple are very successful with it. I bet he's trying to make Universal Apps similarly distributed as Play Store apps, look what happened to Android's reputation, it's the mobile platform that have constant threats to malware because of some users gettings apps outside the Play Store. I bet Microsoft is just not willing to take a risk to have another thing being accused as "malware vurnable" OS from Universal Apps. Windows is already have enough issues with malwares in a form of exe files. Sometimes Microsoft has to do something to save users from their own mistakes.
  • The fake apps are the fault of MS wanting more apps in the store.  But at the same time they are contained so they can't really do much outside of getting some info about you if you don't set privacy settings.  And of course can trick people to enter info.  My guess is that there is a hierachy of how apps are scanned for intrusiveness.  The more info it requires the higher up and deeper scans occur and possibly may have human intervention.  Or at least should.  Thus far nothing bad has come of it.  But MS does seem to be listening to the issues and trying to work on it.  And yah they are slow as most of their focus is on the developer tools side and PC.
  • "But at the same time they are contained so they can't really do much outside of getting some info about you if you don't set privacy settings." Because who cares about a malicious party getting personal info, right?   Drew Neilson makes a good point regarding fake apps. If they can't even properly manage that, then how can we be confident the App Store won't be a malware heaven?   The current trend in malware is to either steal personal info or to hold their files hostage. And the first can very, very well be done via the App Store.
  • The only info they could get is name, maybe contact list.  Depending what the required permissions are. Again, this is nothing to what w32 can do.  That's the whole point.     And no you can't get that stuff through the app store as there are tiers of scanning.  The app would be contained so it wouldn't be able to encrypt any data but its own.  That's what makes UWP so great.  Now look at all the cases of hostage files in windows, they are all w32 malware/viruses/spyware.  UWP solves that.  Again.  You should just let things progress.  See where it goes.  By the time windows 10 is even close to being finalized after redstone 2, Google may already have their OS in beta stages, who knows.  Either way you can go to linux if you are that worried.   See you need to understand these things otherwise people freak out.
  • "The only info they could get is name, maybe contact list.  Depending what the required permissions are." Indeed, depending on what the permissions are. So yeah, you'll just use every permission there is and start mining data. "Again, this is nothing to what w32 can do." It's exactly the same.  "And no you can't get that stuff through the app store as there are tiers of scanning." Hahaha that is such an ironic assumption. You assume that that is the case, you assume that because it is there it is per definition safe. Which, it is not. In fact, it is less safe because you rely on an outside party to do the security checks, without any way to validate that those checks are properly done.  I'd rather decide for myself if an app is safe or not rather than putting blind trust in someone doing it for me.   Also, I believe somewhere else you said that Microsoft doesn't do anything about doubles on the App Store to strengthen the numbers of apps. What makes you so certain that they do not do the same thing in regards of malware? " The app would be contained so it wouldn't be able to encrypt any data but its own.  That's what makes UWP so great.  " Hardly. It hasn't actually solved anything. It gives the delusion that everything is a-okay. Which, imo, is far worse. There are many other ways to do something malicious, by the way. While I named ransomwhere, there are many other things. And privacy is a great one on that aspect. "Now look at all the cases of hostage files in windows, they are all w32 malware/viruses/spyware.  UWP solves that" No it does not. Just because they locked their doors doesn't mean they can't break in. " Again.  You should just let things progress. " Actually, I should not. But then again, how else can you shove UWP down people's throats? " Either way you can go to linux if you are that worried." Not worried at all, I don't know where you got that suggestion from   "See you need to understand these things otherwise people freak out." Was that supposed to be ironic?        
  • MS actually has done a great thing with privacy and per app permissions.  This is why ios and android followed.  You are in total control of this type of information.  I honestly don't care if people get my contacts, nor if i'm someone's contact.  They get my e-mail and number, sure.  But facebook does, everything out there does.  Those items are already all over the internet.   Again most people get stuff that is known and rated in app stores and can read through the comments.  With w32 it's just on the web and you sort of take your chances as you said.   But again w32 will always be there so keep taking your chances.  I'm saying that none of us really know the end result so to fear it is silly.  Once things happen we can make decisions, but for the time being just watch things unfold and see what happens.  There's no Doomsday scenario here.    You keep trying to underscore the security, but ios is proof that this sort of model is secure.  Any exploits on ios have been from jailbroken units.  And the small amount of malware that made it into the store was through a hacked 3rd party publishing software that Apple remedied super quickly due to the control they exhibit.  With w32 MS has no control.  Once the stuff is out there, it's out there.  Heck you could have a rootkit running on your system and you would never know because of how they conceal themselves and control your virus scanners.  That can't happen with UWP.  
  • "MS actually has done a great thing with privacy and per app permissions.  This is why ios and android followed.  You are in total control of this type of information. " Except the vast majority of people never look at such a thing(If they did, then the security wouldn't even be an UWP argument) "I honestly don't care if people get my contacts, nor if i'm someone's contact.  They get my e-mail and number, sure.  But facebook does, everything out there does.  Those items are already all over the internet.  " Most people don't really like that. "Again most people get stuff that is known and rated in app stores and can read through the comments" Who ever looks at the comments? Here my previous point applies again; If people did so security wouldn't be a UWP argument. "With w32 it's just on the web and you sort of take your chances as you said" Can't remember saying that. And no, it's not taking your chances, just using your brain is very useful. "You keep trying to underscore the security, but ios is proof that this sort of model is secure. " http://www.computerworld.com/article/2989037/malware-vulnerabilities/iph... The same thing goes for Android, by the way.  "Any exploits on ios have been from jailbroken units. " Nope, see the link above. "nd the small amount of malware that made it into the store was through a hacked 3rd party publishing software that Apple remedied super quickly due to the control they exhibit." But you just said that it has proven to be secure? Doesn't this quote tell you the exact opposite?   "With w32 MS has no control. " Which is the whole point. That's literally Tim Sweeney's criticism summed up. His whole complaint comes down to one thing: MS has control. "Heck you could have a rootkit running on your system and you would never know because of how they conceal themselves and control your virus scanners.  That can't happen with UWP.  " Actually, why wouldn't that be able to be concealed on the app store? Doesn't the exact same thing apply here? Or are we now assuming Microsoft has superpowers that can magically detect every little thing?  You literally have no guarantee on security with UWP. Unless you think Microsoft telling you it's okay is a guarantee.         
  • Yes that link you posted was due to what I mentioned.  It was fixed already as all apps were pulled, including from users. UWP can't gain root access because it is self contained in a virtualized container that uses random memory allocation.  It would require figuring out the memory space and then escaping the contained jail.     And yes Tim is worried about that, but that's the point the majority of people aren't.  They prefer MS takes control and keeps them secure.   "I'd rather decide for myself if an app is safe or not rather than putting blind trust in someone doing it for me."   That's where you mention taking chances.  Your decision isn't always the correct one as you do not have any idea what the software is doing.  You just install it with elevated access and that's that.  It can then fetch more code to execute and take over your PC all without your knowledge.     Anyways, this is just going to keep going.  Fact is it's happening.  And it is safer, no doubt about it.  
  • "Yes that link you posted was due to what I mentioned.  It was fixed already as all apps were pulled, including from users." So? Still doesn't mean it's guaranteed to always be malware free. Yes, the problem was fixed, but the issue here is that it could happen in the first place. "UWP can't gain root access because it is self contained in a virtualized container that uses random memory allocation.  It would require figuring out the memory space and then escaping the contained jail.  "   Which I'm certain can be done. " "I'd rather decide for myself if an app is safe or not rather than putting blind trust in someone doing it for me."   That's where you mention taking chances. "   Nope I did not. Taking chances would we quite a lot different. I don't randomly guess if this .exe is okay or not. "Your decision isn't always the correct one as you do not have any idea what the software is doing." Actually, taking a good look at what you are actually downloading and attempting to run goes a very far way. UAC is a really great help here.   " You just install it with elevated access and that's that. " If you roam the internet with no brain, maybe. But those same people will find themselves in problems with Apps from the store. "It can then fetch more code to execute and take over your PC all without your knowledge.  " So could a UWP app. "And it is safer, no doubt about it.  " If you believe someone's word, which you can in no way reproduce nor validate, then sure. And there is the main problem; You got absolutely no clue whatsoever how Microsoft checks the apps and got no clue of the results either. So whatever app you download is as much more of a guess than an executable you downloaded and checked yourself.          
  • Malware too can find it's way to an App Store.
  • Better yet allow them to be updated and maybe downloadable from verified businesses and game companies. Like Ubisoft, Activision, squareenix, etc
  • Exactly sort of like the xb1 original drm model
  • [FIND] UWP
    [REPLACE] UWP (just like Apple and Google)
     
  • HEY TIM Go AWAY.... next time it is not GO AWAY... it is GO TO .....
  • There are no Win32 apps. Most apps use DirectX to render.
  • He is 100% right.
    Microsoft should allow dev to distribute their apps as they see fit. That's is the model with Win32 apps.
    ----
    Furthermore, Microsoft should drop any fees for new UWP apps uploaded to store.
    -----
    Lack of apps is serious issue that is hurting the ecosystem. Situation is pretty desperate and requires bold measures. MS must make every effort to attract dev back.
  • And of what benefit is that to Microsoft when they are already moving away from having sales of Windows as their main money maker? Clearly the fees aren't hurting developers that much since the store is currently growing at a nice pace. MS is not a charity and it costs money to keep thi