Metro-style app sales will be Windows 8 Store only

Apple sets the standard and Microsoft follows; has this ever happened before? The new example is that Metro-style apps will be sold only through the Windows 8 Store with the now standard 30 percent cut going to the house. Enterprises and developers will have ways to install their own apps, but you can't just sell to others without going through Microsoft. The result will be a much more secure 'ecosystem'.

It's all explained in a Primer for current Windows developers about Metro-style apps and the Windows Store:

Distributed through the Windows Store. Apps must pass certification so that users download and try apps with confidence in their safety and privacy. Side-loading is available for enterprises and developers.

This is all very Apple Store-ish. The certification process seems to be designed to find malicious apps, not buggy ones, so apps in the store might still be garbage, but the likelihood that they are malicious garbage is low. Look for a non-trivial developer fee structure as well, just like Apple and much more than Google, pushing up the price of malice and carelessness; certainly if you submit malicious code to the process you'll lose your account, and don't be surprised if the authorities come a-knocking after that.

And the malware scanning needn't stop when the app is published. If Microsoft is smart they will periodically rescan already-approved apps in case the scanners find something they didn't know about before. If they do find that a dirty app got through then they can notify and refund users who bought it, and remote-kill the app by untrusting its code signature.

The side-loading is also just like on iOS. There may be some way to set up an internal store and tell devices, probably through group policy, to trust apps code-signed by that store.

Yes, Microsoft will make a 30-percent killing on Metro-style apps and, just as with iOS, you'll never see the higher-value apps like Photoshop or anything like that sold on it because they aren't going to surrender 30 percent off the top to Microsoft. So it won't matter, right? I'm not so sure.

Here's how the alternative scenario works, and I'm a security guy so maybe I'm seeing everything through security lenses, but anyway: Undoubtedly consumers and enterprises will be able to choose to run only Metro-style apps, perhaps just by disabling "Desktop" mode. Such a Windows system will have no legacy code and all applications will be vetted through the Windows Store, which will malware-scan the living daylights out of them. Just as with an iPhone, users can reasonably suppose that their experience will be safe because it's much harder for attackers to get to them.

That's for malware. What about vulnerabilities, the kind that might get you compromised just by surfing a web page or opening a data file? The white-listing technique enforced by the store doesn't block vulnerability exploits, but Microsoft has made great strides against those in parallel moves such as increased use of ASLR and SmartScreen blacklisting of sites, as well as the now-standard antivirus. None of these is an airtight block against exploits, but it all adds up to a really safe experience for Metro Windows users. I think a system like that would sell, and it would sell apps, and that would be good news for Microsoft's bottom line.

So, how long do you think it will be before Macs run iOS (or go away and new iOS notebooks appear)?

Hat tip to Ars Technica.

Larry Seltzer is a freelance writer and consultant, dealing mostly with security matters. He has written recently for Infoworld, eWEEK, Dr. Dobb's Journal, and is a Contributing Editor at PC Magazine and author of their Security Watch blog. He has also written for Symantec Authentication (formerly VeriSign) and Lumension's Intelligent Whitelisting site.

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.