Microsoft’s Windows has traditionally been the Android of desktop operating systems. It is an open syste that allows users to install any apps they choose, from arbitrary Win 32 apps, to Windows store apps targeting the universal Windows platform. But for some, this isn’t enough. Windows 8’s metro apps weren’t good enough for many users, and even now some still rail against what they see as the “appifcation of Wiindows”. Epic’s Tim Sweeney is one of those who see universal Windows apps as a threat to the openness of Windows in general. In an article in Venturebeat today, he defended his editorial that “Universal Windows apps must die”.
To Sweeney, Windows 10 is less open than Windows 10, and this is a veerrryyy baaaaddddd thing.
First of all, he addresses Microsoft’s UWP system. He praises the idea behind securing Windows, but doesn’t like the practical reality of it.
Broadly speaking, UWP aims to solve the problem of sandboxing and application security that has led to the wider occurrence of malware on Windows than, say, iOS.
The win32 APIs are difficult to secure because they are both extraordinarily broad in extent and extraordinarily constrained by the backward-compatibility requirements of hundreds of thousands of PC programs that consumers and businesses use. The APIs that AutoCAD uses in powering great industrial design applications, for example, are also what malware leverages to take over a user’s PC.
By creating UWP, a new set of Windows APIs aimed primarily at consumer applications, Microsoft is starting from a simpler foundation and adopting a modern capabilities-based security model that is easier to secure and to trust. Should a given app be able to access the microphone? Access the file system’s root directory? Install device drivers? These are problems that UWP and iOS similarly solve.
This core technical idea behind UWP is a good one, and one that many industry participants would like to support were its positive benefits decoupled from the present design decisions constraining the UWP ecosystem.
What he doesn’t address is the reason Microsoft is moving to the store over Win 32. Windows Win 32 apps are a mess. Every app, every program, has is own different way of being installed and being updated. Skype installs one way, Office another, Evernote another, Spotify itself and so on. These apps may decide to run at start-up, they may install themselves in ways that makes them hard to remove, and they all update themselves independently using different mechanisms that are disconnected from each other. If Apple has a walled garden, Win 32 has a sand pit with no gates and developers are free to play as they choose. Sure you may get some responsible developers, generally big time devs who work for large companies (and not even then), but the average application is a mess. Microsoft’s Windows store and UWP attempts to fix this by streamlining everything for the developer and the user. You have a single store, the Windows store. You upload your app to the Windows store, and then your users download it. Its convenient and easy for users and developers alike.
He argues that Microsoft’s requirements of signing apps is a bad thing. It restricts openness. It restricts free speech and is essentially malware.
In an open ecosystem, developers and publishers are free to create and release software without the certification or approval of an operating system vendor. Users are free to consume any content they choose, from any individual or company. And all parties are free to engage in commerce directly with each other, without one corporation intermediating all transactions.
Software, and the content it contains, is a mode of human expression on par with speech itself, and the imposition of any centralized certification or censorship authority is of grave concern to the future of public discourse.
There are two things he forgets, Windows is just as open as Microsoft wants it to be. It us not a crowd funded operating system. It is not Linux, it is Windows. There’s already a precedent of certain kinds of software not being allowed on Windows (malware), so it is a bit too late to play the censorship card. To go back to our sandpit analogy, think of the Windows platform as a giant playground. Users and developers are allowed to play in it and do whatever they want. However, some people aren’t playing fair. Some people want to throw sand in other people’s eyes and step on their sand castles. If the playground manager decides that he’s going to need to lay some rules down for health and safety reasons, surely no one would argue that’s a bad thing?
Moreover, the rules Microsoft lays down for developers in order to get their apps into the store are very few. You just have to not destroy the PCs or phones of the users, and they’ll let you in. While we would prefer they were a bit more closed in terms of what apps they could let into the Windows Store, its clear that Microsoft is still erring on the side of “open” here. Microsoft’s requirement of apps being signed is another thing that protects users. In the big wild world of win 32 apps, developers can write malicious apps and software that target and destroy users computers. This isn’t good for anymore, not Microsoft and not users. If an equivalent Windows store app were to be found acting so maliciously as to be a threat to users, Microsoft could simply kill the app remotely by revoking its certificate, and that would be the end of that – assuming said app even gets past screening in the first place.
For developers, the benefits are obvious. You don’t have to create a website to host your app, you can push updates through the Windows store, and you have a higher chance of being seen by users browsing for your app than on the web, For users, you can be sure the apps won’t melt your PC or phone, and that good quality ones will extend your PCs functionality without doing more than necessary.
Making UWP more “open” as Mr. Sweeney describes, defeats the point of UWP. If any random person can install any random app on their PC, then security goes out the Window. This is not to say that Microsoft shouldn’t allow people to be able to host UWP apps on their own site (argument for another day), but there’s an argument to be made that the security and streamlined nature of the store overcome any arguments of openness.
In an open UWP ecosystem, all sources of software would exist on equal footing — Microsoft’s Store, Valve’s Steam service, Adobe Creative Cloud, and the numerous developer web sites that provide software. And Windows would provide all developers with equal access to the Operating System features and services that are available to Windows Store itself in managing UWP applications.
If the average Joe wants an app, the Windows store should be the place to get one. If someone more technically experienced wants an app not in the store, there are ways around that that are trivial for said people. It’s a winning situation without jeopardizing the security of Windows for the consumer – and that’s not even considering the reduced threat of piracy for developers.
To conclude, there is a reason the industry moved towards curated stores for all platforms – mobile, console and PCs. The wild west approach has been tried in the past for decades, and it just wasn’t working so there’s no point trying it again. Arguing that UWP should be more open because Win 32 is open misses the point. Microsoft is trying to move away from that openness and the risks associated. The cult of “open” for its own sake needs to move on.
Do you think Microsoft should open the UWP system even more? Let us know in the comments below.