“It’s taken longer than expected but it has finally happened: unsigned desktop applications run on Windows RT. Ironically, a vulnerability in the Windows kernel that has existed for some time and got ported to ARM just like the rest of Windows made this possible. MSFT’s artificial incompatibility does not work because Windows RT is not in any way reduced in functionality. It’s a clean port, and a good one. But deep in the kernel, in a hashed and signed data section protected by UEFI’s Secure Boot, lies a byte that represents the minimum signing level.” Good stuff. Very good stuff.
To get around this limitation. There are no apps, other than .Net apps, that will run on Windows RT. So I am not sure I see the point, other than to prove it can be done, which in thinking about, may be reason enough.
There are people out there who do it because it’s fun
Windows Store apps can be in .NET, C++, or JS.
This affects desktop apps, not store apps. Because desktop apps are Win32 apps, they aren’t compiled to run on ARM.
But they can be compiled to run on ARM, and with the exploit now they will run.
This is of course not interesting for commercial software vendors, but people who want to build Win32 desktop apps for the Surface RT now have the ability to.
It’s probably a bad business plan to base your app on a vulnerability in the base OS, but hey, that’s just my way of thinking.
Lots of Android vendors do it, and their “root only” apps are even in the official Google Play store. Why shouldn’t Windows RT users have the same kind of fun?
Because MS might close the vulnerability, it’s 50/50 with them, Google doesn’t care, they don’t do the locking themselves, carriers do.
That’s just reality. The Windows Runtime is the future of Windows, and Windows RT is the direction that Microsoft is headed in. I don’t believe the transition will be complete until WinRT completely replaces Win32, but it will eventually happen.
This blog post is insightful and sheds a lot of light on their strategy: http://hal2020.com/2013/01/02/there-is-no-arm-in-windows-rt/
WinRT and This hack have nothing do with each other. This is a hack to allow unfettered access to the desktop, It doesn’t have anything to do with the app store, WinRT or Metro.
Its a reality to expect to have to take such measures because Win32 moving forward is of limited strategic importance to Microsoft, as such, it is unlikely that they relent on their position.
So if a company *really* wants to run their full fledged Desktop app on Windows RT, this is the only avenue they have.
Not that its a good solution. Its much better to just sideload a Windows Store app without restrictions (as I’ve mentioned in one of my comments below) because you get integration with the new lifetime process manager for free.
Win32 will never be replaced. It will be here as long as computers exist.
There are millions of lines of Win32 that no one even understands. The people who wrote them are all dead or retired. Do you want to go step through black box code that helps a machine process ore? Of course not which is why Win32 isn’t going anywhere. Even if Microsoft went tits up Win32 be duped and supported. Win32 is needed more by society than Microsoft.
Sorry, but judging from your last comment, I refuse to even acknowledge you have a shred of insight on anything pertaining to this topic.
Legacy will likely remain in Windows 8, but Windows RT is unmistakably Microsoft’s OS moving forward.
Sure, many, many years down the line there will be an incarnation of Windows that ships with Win32, but it won’t be consumer facing.
Microsoft is positioning the Windows Runtime as the replacement for Win32, and by forcing Windows Store apps to only use the Windows Runtime, it is guiding developers through that transition gradually.
You not being able to see the tea leaves doesn’t really matter.
Nelson,
Just my opinion mind you, but I think Microsoft will likely continue to keep win32s if only because 3rd party proprietary win32 applications are the strongest drivers of their market share. Maybe that will change, but I see no indication that a change is taking place today with winrt.
If MS did choose to abandon win32s all together, I suspect most commercial developers would rewrite their software using a portable toolkit and thus mark the end of microsoft’s effective desktop monopoly.
I wouldn’t expect you to see a change given that Windows 8 has been out less than three full months. I’m speaking medium to long term, over multiple OS release cycles.
and the 3rd party Win32 apps being the drivers of marketshare, would in my opinion be replaced by 3rd party WinRT apps over many release cycles and iterations of the platform.
WinRT isn’t this static thing, it will improve, it will become more flexible, and a better fit for a larger swath of the scenarios out there.
It wouldn’t be overnight, it’d be gradual and I think the inertial effect of Windows itself emphasizing WinRT over time would alleviate a lot of this.
chithanh,
“This is of course not interesting for commercial software vendors, but people who want to build Win32 desktop apps for the Surface RT now have the ability to.”
It is a nice, yet temporary exploit for end users. Now that this is out of the bag, the byte is not likely to exit in future updates (which may or may not be mandatory for current users who don’t want to loose functionality like the whole PS3 debacle).
Edited 2013-01-08 05:51 UTC
Unsigned Windows Store apps have always been able to run (using the aforementioned Remote Debugger) which also allows you to use the full .NET/Win32 API in your apps for pure sideloading.
This facet of the Windows App sandbox is enforced only at Submission time by running the Windows App Certification Kit.
Its always been the case. And has therefore always been possible to run unsigned code for your own purposes on your own device (As I’ve been tirelessly saying for months, but which people conveniently ignore in their criticisms).
I just tested it and fired up an C++ app which uses a Win32 API (that also fails the App Certification static analyzer) and can be successfully deployed to my Surface RT.
Please stop spreading this myth.
.NET and C# are not the same thing.
Microsoft is not allowing .NET applications in Windows RT. C# is a supported language but without .NET that means existing applications have to be re-written in WinRT.
It’s total bullshit really and an insult to .NET developers. Everything is expected to be re-written except Microsoft’s software that gets access to the secret .NET/Win32 stash.
I’m well aware, and there is no myth.
From MSDN: (http://msdn.microsoft.com/en-us/library/windows/apps/br230302.aspx
And since you obviously are misinformed, here’s a white paper for you to read: CLR and the Windows Runtime (http://go.microsoft.com/fwlink/p/?LinkId=243099)
No. Microsoft supports .NET . It just supports the CoreCLR profile of the 4.5 BCL. That’s a limited subset.
It also doesn’t include WPF, WinForms, or any other things that wouldn’t make sense for the Windows Store.
The BCL is there, the execution engine, IL, the JIT compiler, everything is there.
You want to know what’s an insult to .NET developers? Your complete and utter ignorance on this subject matter.
The Windows Runtime and XAML stacks are for the most part native code. However, the WinRT projection library and some clever .NET Interop at compile-time manages the glue between WinRT and .NET pretty efficiently. A lot more efficiently than COM RCWs or P/Invoke.
You not understanding this only speaks to your ignorance as a .NET developer.
I shouldn’t even have to be saying this, if you want a primer on the Windows Runtime (and judging by your sorry excuse for a comment, you need one) you can read the MSDN documentation.
Your blind, irrational, hatred for Windows 8 does not entitle you to your own facts.
Edited 2013-01-08 06:32 UTC
I believe that good OSS stuff like 7zip or GIMP will now eventually get ported.
Heck its even more pointless as Surface is a megabomb and all the other OEMs have “delayed” (read canceled) their WOA products so pretty much the only thing which this could ever be used on is the Surface which is frankly priced so stupidly its gonna just rot in the MSFT stores.
Last hard data I saw had fewer than 1 million sold and indicators so bad that MSFT called their manufacturer and cut their order in half just to keep from ending up with a warehouse full of the things.
Now one could pin their hopes on MSFT unloading all those Surface units on Woot!, like HP did with the Touchpad, but if you look at the past history of the company and what has been done to cover Ballmer’s BS, such as counting every single Vista downgrade as a Vista sale to keep it from being listed as the megaflop it was? Frankly I wouldn’t be surprised if he had the Surface units buried in a landfill in NM rather than admit its a complete failure.
Kinda sad really, the Tegra 3 is a nice chip and if you had an OS like Android better optimized to the hardware and with better app selection it would probably make a nice $200 tablet. But all the reports I’ve seen indicate the appstore is a broken mess, the apps that they DO have are money ripping knock offs like the “Steam” app that merely stick icons of your Steam games on the screen for you to look at or the dozen FB ripoffs that just call FB through the browser and mine all your data.
So does that mean that Windows RT will be vulnerable to all the Windows virus, malware and other crap that windows catches?
No.
No indeed, because Windows RT is same as Windows 8, not Windows XP…
Maybe. You might have to have two different versions of the virus x86 and arm, but they possibly could exploit the same bug in windows.
If it’s just a single byte it seems to me if can/will/might be fixed very quick by Microsoft.
From the article:
So Microsoft cared so little about the vulnerability that they ported it from x86 to ARM kernel?
Of course they will fix it if they determine that it is against their business interests. But I think they will observe what people do with the exploit to run their own Win32 apps. Because in the meantime, it can help badly needed sales of Surface RT.
Being able to install illegal software is a double edged sword I guess. It can help sell hardware, which increases the customer pool, but it also looses software sales, but without hardware in people’s hands there is no software to be sold.
So you’re right and it will be interesting to see when/how Microsoft will respond.
Illegal software?
Only open source software can be ported to Windows RT with this (since proprietary vendors won’t, of course). How is that illegal?
Ah, I was under the impression that anything could be installed, so also cracked warez.
No, the hacked warez would be x86 code. To work on the tablet, it would need to be recompiled for ARM, which requires the source-code to feed into the compiler. I suppose there may be some closed source stuff that people have stolen the sourcecode for, but I doubt that would be much of a large-scale issue.
The “vulnerability” is really a non-issue, the way this procedure works starts by getting administrator privileges by attaching to a system level process using the debugger. This is perfectly allowed and lands you administrator privileges at once (which more or less means that everything is already broken into). The “vulnerability” is just a question of fooling CRSS, which is basically a user-land kernel component, into poking the kernel in the ways you wish.
It is certainly not a vulnerability in the sense of permitting malicious code to do bad things, since the malicious code being able to launch and connect the debugger to arbitrary processes means that it has already done everything it needs.
Wrote this review about it:
http://www.amazon.com/review/R7NPQ0AFSN3AE