

Microsoft unveils sandbox boundaries for Windows 8/Metro developers  - kefs
https://blogs.msdn.com/b/b8/archive/2012/05/17/delivering-reliable-and-trustworthy-metro-style-apps.aspx

======
eslaught
"While it is possible to hide or obfuscate calls to APIs that are not included
in the SDK, this is still a violation of customer expectations and Store
policy."

Wait, does the platform not include a sandbox to make sure this doesn't
happen? What "security" can you expect to get out of such a platform?

~~~
nemeth
Windows 8 Metro apps can be written in real C++. How could they sandbox a
custom C++ app? There's no virtual machine to do it.

[http://msdn.microsoft.com/en-
us/library/windows/apps/hh46504...](http://msdn.microsoft.com/en-
us/library/windows/apps/hh465045.aspx)

~~~
mkup
Virtual machine is not required for sandboxing C++ apps in 21st century.

[1] <http://code.google.com/p/nativeclient/>

[2] <http://www.cl.cam.ac.uk/research/security/capsicum/>

------
jamesu
There are a lot of claims made here with regards to how end-users will
effectively like to download and try apps from the metro store and take the
time to write a good reasoned review about their experience.

Given the average response i've heard from end-users however, i somewhat doubt
this. Most people i've talked to simply hate metro. Looking at other app
stores, most reviews i've seen are low quality and emotionally driven.

Will be interesting to see how it all pans out.

------
yoblin
One upside of this is that it looks like they're really pushing the one-click
installs. It isn't apt or yum, but it's certainly better than what Windows has
now..

~~~
DavidAbrams
How? Windows installation has been fine for a decade and a half. Actually,
it's going BACKWARD, with vendors now not bothering to ask you WHERE you want
application links stored and instead littering your machine's program menu
with endless directories named after themselves. Who the hell organizes their
applications by vendor? I want my graphics apps together, my audio apps in
another group, general office-type apps in another.

With every release, Windows has made this basic function (organizing
applications) a bigger pain in the ass. If Microsoft is going to start
enforcing policies, then this should be one: No application can simply barf a
bunch of crap into your Start menu without ASKING where you want it to go.

~~~
dpark
Sorry, I think you missed a pretty big memo. The Start Menu is gone in Windows
8.

~~~
tomjen3
Does this also mean that winbutton no longer gives you access to search
through your programs and documents?

~~~
recoiledsnake
No... just hit winbutton and start typing away.

~~~
DavidAbrams
Because you remember the name of every program on your computer, including
that seldom-used demuxing utility you downloaded last year.

------
TazeTSchnitzel
Apps can only access files with the same file type association?

What about generic text editors? SSH clients? :/

~~~
InclinedPlane
Whoa there, read more carefully. It seems that if you use the built-in
FilePicker then your app can use any file on the system, provided that the OS
is sure that the user has actively given you access to it. Also, there appear
to be ways to obtain permissions beyond the default level.

