November 29, 2022
  • November 29, 2022

Microsoft UWP strengthens Windows app security

By on March 31, 2016 0

Microsoft’s renewed emphasis on the Universal Windows Platform (UWP) goes beyond an improved user experience or an attempt to get additional apps into the Windows Store. UWP brings Windows app development closer to a more secure ecosystem where Windows software can’t wreak havoc on user devices or compromise data.

UWP was originally introduced alongside Windows 10, with several enhancements announced during Microsoft Build 2016. UWP offers developers multiple options for user authentication, ranging from single sign-on to third-party vendor services such as Facebook Login or Twitter. The apps also work with Windows Hello, which lets developers add fingerprint biometrics to apps so users can swipe their fingers to confirm an in-app purchase or access restricted resources. At Build, Microsoft’s Bryan Roper demonstrated on stage how he could log into the USAA website by swiping his finger across his computer’s built-in fingerprint reader.

The developer initiative has many critics, including Epic Games co-founder Tim Sweeney, who doesn’t like Microsoft’s shift to a walled garden approach for Windows. In the past, it was easy to develop Windows software and make it available from anywhere. With UWP, developers must now be accepted into the Developer Program and submit their UWP apps to Microsoft for approval. Microsoft digitally signs accepted apps and makes them available through the Windows Store. Developers can also take signed apps and distribute them on their own.

UWP and the Windows Store, however, aren’t as expensive as Apple’s Mac OS X store or App Store for iOS apps, because developers can still push their apps through their own channels.

“It’s an open platform. For more than 30 years, Windows has hosted an open ecosystem of hardware and software partners. Nothing changes with the Universal Windows Platform,” Satya Nadella told Build.

Nothing changes, except the fact that Windows becomes more secure.

Walled gardens increase security

While the days leading up to UWP were perfect for widespread adoption, it was terrible for security. Malware is much more prevalent on the PC platform precisely because of the open distribution model. If a developer made a mistake and misused the API, the resulting application could cause compatibility issues with the operating system, device drivers, or other installed applications. Software updates are difficult to manage, and in some cases, upgrading the operating system can break applications. All of this creates a maintenance and security nightmare on the PC.

A gatekeeper is good for security because it adopts a more application-centric model that is easier to secure and trust. Analyzing apps to determine how they use approved APIs (UWP has over 1,000) helps reduce inappropriate behavior. Microsoft may enforce technical rules, such as prohibiting the use of certain APIs in certain circumstances and imposing and enforcing performance requirements.

UWP also uses sandboxing, so apps can’t access resources they don’t need, preventing malicious apps from directly addressing hardware, installing device drivers, or modifying core system elements. operating system. Malware will be less likely to enter Windows devices and, more importantly, it will be harder to cause damage even when infected with malware. UWP won’t solve the malware problem (hey, Mac OS X has malware too), but greatly reduces the risk.

Improve app experience

During Build, Microsoft announced that its Edge browser would support Windows Hello for websites to allow users to log in using biometrics. The Anniversary Update for Windows 10 will allow owners to use fingerprints and other biometric information to sign in to apps, not just devices.

Besides sandboxed security, UWP solves another problem of today’s Windows ecosystem: updating and uninstalling software. With the Windows Store handling installs, uninstalls, and updates, users get a seamless experience across all apps, and developers don’t have to worry about litter being left behind or users not updating. not update the software regularly.

With UWP, developers can write an app once and run it on any Windows 10 device, whether it’s a PC, tablet, smartphone, Xbox or HoloLens. The fact that “Run Anywhere” includes Xbox and HoloLens, Microsoft’s augmented reality headset, was big news at Build. Game consoles deliver a predictable experience, with smooth updates, clean uninstalls, and no weird video driver incompatibilities. This will now be possible for Windows 10.

All of these devices will benefit from a gatekeeper to ensure security, sandboxing isolation and compatibility. Microsoft is trying to build the same model for everything that runs Windows, and if we want to see a more secure Windows world, this is the approach that makes the most sense.

Copyright © 2016 IDG Communications, Inc.