I want to evaluate the new sandboxing mechanism in Windows 8/Windows Server 2012. I searched MSDN site for any resources but the documentation is extremely scarce. In comparison with FreeBSD Capsicum documentation, the one provided by Microsoft is just unusable.
How are we supposed to build robust sandboxed apps? Are the sandboxing APIs intended for metro style apps only?
I'm not sure what you mean by "sandboxing APIs". All "metro" (Windows 8 UI Applications) are sandboxed. I'm not aware of any way to sandbox desktop applications in the same way. See here.
Metro apps are pretty tightly sandboxed, and apps submitted to the
Windows Store need to declare many types of capabilities that they use
— not unlike Google Play's permissions list.
. . .
Windows 8 features a specific SDK for Metro style apps . . .
A quick explanation of capabilities: There are certain potentially sensitive things that you can do on a user's machine, such as access the Pictures library or use the webcam. If an app wants to do these things, the developer must declare a capability in the app's manifest. Then, when users download the app from the Windows Store, they can clearly see if the app is using any of this functionality. More info and a list of all of the capabilities is provided at App capability declarations.
Regarding sandboxing, there is some information at http://msdn.microsoft.com/en-us/library/ie/hh673561(v=vs.85).aspx. Yes, Metro-style apps are sandboxed in a way that desktop apps are not.
There is a whitepaper discussing security in Windows Store apps built with HTML5 at Secure development of Metro style apps with HTML5. There are also some common security scenarios documented.
Related
Is Universal Windows Platform the replacement of WinRT of Windows 8 and Windows Phone apps?
I mean, there was a WinRT platform to develop metro apps exclusively for Windows 8. Now, that is replaced by UWP, isn't it?
That is correct, UWP is the new platform for ALL Windows devices going forward (Win 10+). However WinRT is not replaced by UWP but is instead an extension on top of it, making UWP a much broader set of APIs that can be used across even more devices. As Microsoft themselves state:
With this evolution, apps that target the UWP can call not only the WinRT APIs that are common to all devices, but also APIs (including Win32 and .NET APIs) that are specific to the device family the app is running on.
The UWP platform supports the "Universal Device Family" class of APIs which is then supported on ALL windows platforms (Xbox, Phone, Desktop etc). There are some extension families that you can use that will limit the apps reach, such as a "Mobile Device Family".
These specific device family APIs can however be checked for and used at runtime gracefully. For example you could show your own position using GPS on a phone, but not enable that functionality on a Xbox.
I hope this answer helps you, if you have any more questions about this I recommend reading this article about the UWP platform:
Source: https://msdn.microsoft.com/library/windows/apps/dn894631.aspx
Have a wonderful day!
This is a bit confusing because in Windows 8.x, "Windows Runtime" was actually used to refer to a few different things:
A new pattern (and supporting code/OS components) for defining and consuming Windows APIs, meant to largely supersede "Win32" (i.e., flat C-style) and classic COM for new APIs in most scenarios. This was/is really about language interop: allowing the Windows team (and potentially others) to create components in C++ that expose APIs that don't depend on GC or a runtime like the CLR, but still feel relatively natural to use from C# or JavaScript without needing manually written wrappers.
The set of Windows APIs that follow the above pattern.
A new platform/environment for building and running a new type of Windows app, which are meant to have some of the characteristics of mobile and web apps in terms of causing fewer potential problems with system security, reliability, performance, battery life, etc. This is what evolved into UWP with Windows 10.
In the Windows 8 days, these apps were called "Metro style apps" during most of 8.0's public preview period, and officially dubbed "Windows Store apps" just before RTM. The platform/environment for these apps ... officially didn't really have a name (other than "platform for Metro style apps"). Unofficially, people (including at Microsoft) sometimes referred to it as "Metro" (a whole can of worms in itself) or ... "WinRT".
So what's the relationship between WinRT "proper" (definitions 1 and 2), and unofficial WinRT definition (3) aka UWP aka the formerly-nameless "platform for Metro style apps"? Well, since WinRT and the new app platform were both introduced in Windows 8, most of the WinRT APIs at that time were specific to the new platform. The app platform (and Store policy) at the time was also much more restrictive about which legacy Win32 APIs were allowed for use in apps - for the most part this was less about any technical limitation and more about the team hoping to use the new apps as an excuse to clean up the bloated Win32 API surface. But technically, WinRT is meant to be the common pattern for new Windows APIs in general, whether used in UWAs or not, and "UWA vs. classic app" and "WinRT vs. Win32" are mostly independent; over time, they've gradually enabled more WinRT APIs for use outside UWAs and also relaxed their policies on using a lot of legacy Win32 APIs in apps (and also continued to introduce new flat C-style APIs for certain use cases).
So to summarize, it's not technically accurate to say that "UWP replaced WinRT", though understandable since this stuff is pretty confusing. UWP replaced the nameless app platform (3); essentially it's just an updated version that's been ported to other device types and integrated with the classic desktop UI. WinRT, in its proper definition (1), continues to be the basis for new Windows APIs for use in UWAs and even outside them.
Windows Universal Platform is the development platform going forward for devices running Windows. Previously, development was separate for Desktops and Tablets vs Phones. With UWP you are now able to target any device running Windows 10, could be phone, desktop, tablet, xbox. The beauty is that you can now use one Binary for all of these platforms and has brought us much closer to a truly to a universal Windows app.
So, to answer your question, yes, UWP is the platform going forward for any device which runs Windows 10
I am new to Windows 8 development, I am having one application which is already running in the i-pad (ios). I want to convert same application into Windows Store apps as this is the client requirement. So do i need to follow the design guidelines for such legacy application? Or I can just follow the same UI which is been developed in i-pad. Is this accepted by Microsoft for Windows Store apps certification ?
Thanks.
According to Microsoft's guidelines, it should not be accepted.
However, some such applications have appeared in the Windows Store in the past, so it's not completely impossible. I would not bet on it though.
And if your app is a game, the guidelines are less strict.
All the user experience (including design) guidelines are referenced here.
And there is a UX checklist to make sure you confort to them.
I planned to create a Windows 8 Store App but reluctantly had to switch to desktop application. I found that Windows 8 Store Apps fail to detect second screen, which is necessary for me.
The intention still is to mimic the behaviour of Windows Store App as much as possible. Partly to educate myself but also to use a modern nice design.
I use WPF with very similar design (App bars, Navigation bar, snappy await-async pattern, etc)
Now I come to the point where I need to store settings!
I would really like to use the very convenient central storage available through Microsoft Live login. Is that possible even if I don't have Windows Store App?
Clients might be Windows 7 or Windows 8.
Can I make the user login to Microsoft Live and use these facilities?
Many WinRT APIs are available from desktop applications, in addition to Windows Store applications. Windows.Storage.ApplicationData appears to support desktop apps. Look under the "Requirements" section in the documentation:
Minimum supported client: Windows 8 [Windows Store apps, desktop apps]
Someone at Intel posted on how to use WinRT APIs from desktop apps. The post is from September, 2012, and the screenshots appear to be for an older version of the MSDN documentation. Just keep that in mind.
Dave Bennett of Microsoft has a useful blog post which will introduce you to roaming your app data.
I may have misunderstood you, but I think what I mention above is what you want instead of using the Live Connect APIs.
As far as I understand, Microsoft wants to allow "having both desktop and modern ui GUIs" only available for web browsers (am I mistaken here ?).
Does that mean common apps will be developped twice ? With e.g Skype being available both as pure desktop app and pure modern ui app ? And if a user installs both, these both instances will share no data ?
I can't imagine them doing a shift towards gesture friendly uis/hybrid ui, and leaving full blown desktop apps (not toy/phone-like/game apps, that can live in one space only) with no integration/entry points inside modern ui. Or maybe they want to participate in that "kill full-blown desktop apps" movement ?
So is there a model for a desktop app developped in whatever GUI toolkit, that wants to have some minimal integration with a small HTML/CSS/JS frontend in modern ui, like for e.g providing a dashboard of favorite or recently accessed files, contacts, etc ?
Your first statement of "only in a browser" is not correct. Desktop applications don't change their current design paradigms. You can have browser-based apps on the desktop, of course. But full clients are still supported and still viable as a real solution to problems.
Your takeaway from that comment should be that desktop applications are not deprecated as people assert. The reality is, desktop applications are still the only solutions to many problems.
Your second question of shared data is not correct. Skype shares lots of data with its app companion. Not because of shared local storage, however; it is because of the services that it shares. My account and contacts are on the server. So, they share a lot.
Your takeaway from that comment should be that Windows 8 apps should not highly leverage local storage but should be built as service-oriented clients. To that end, your desktop applications should have already started to leverage this architecture, too.
Your third question (which is very cryptic) seems to be asking if a desktop application and a companion Windows 8 app can share or integrate with each other. The answer is yes. Not only can they share the same service, but file associates, custom protocols, and some of the non-Store manifest capabilities allow for this explicitly. Line of business applications should have a companion app, if you ask me. The integration points are many - though not every. But there is no other way to leverage the new capabilities of Windows 8 without introducing a companion app - even if that app does very little.
Your takeaway from that comment should be that Windows desktop applications and companion Windows apps are the preferred and anticipated development approach.
Best of luck, thanks for the question.
I know this is repeated question. I read almost all the threads , googled a lot and became more confused. I read Microsoft Mobile Internet Toolkit (MMIT) is not used anymore and Windows Mobile 6.5 Developer Tool Kit is widely used .
Requirement:Develope and publish websites for mobile phones.
Envoirnment:VS2008/.net 3.5
I am new to mobile web application development. I want to know how to start ,what are the frameworks i should know/download,sample websites or articles..
Thanks,
Vanitha
If you want to create web applications for mobile devices using microsoft technologies check out this site:
http://www.asp.net/mobile
It has simple how-to.....
If you're going to invest in a new skill, I'd focus on iPhone and Android development - they're far more widespread than windows mobile.