Coffeehouse Thread

24 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Project Centennial: is Microsoft giving up on UWP already?

Back to Forum: Coffeehouse
  • User profile image
    d3rf3l

    So I have been looking at the Build talks about Project Centennial and, while it is an improvement over the current situation with desktop applications, it seems to me Microsoft is shooting its foot on this one.
     
    - App install and uninstall are performed by the OS, which reverts any changes done during install. Anything that happens after install is, however, not reverted.
    - Centennial apps have no sandboxing, obey no app permissions and can do whatever the user can (Microsoft explicitly mentions them running with full trust). I.E. something like a cryptolocker is in no way hindered by the Centennial security model; less damaging changes are home page hijacking, malicious extension installation (Edge included) and all the lovely stuff you'd usually get from installing adware riddled apps today. And this is by design
    - Since there are no technical countermeasures against bad behavior and review can't possibly catch everything, bad apps will find their way to the store. This is gonna be a worse situation than the current one on Android and the Play Store, since at least the Android security model enforces permissions uniformly.
    - As a consequence, users will have no reason to trust the store the way they can now: they will be much less likely to try new apps.
    - Allowing desktop apps in the store removes the single biggest incentive for developers to port them to UWP. Why put in the effort if one can reap the biggest advantage anyways?
     
    Question is: why would they do this to the platform? Is boosting the number of apps on the store worth it when it's going to mean killing the platform going forward?

  • User profile image
    Proton2

    I believe these appsa are sandboxed, it's just that these apps don't know that they are.

     

    More info here :

    https://www.thurrott.com/windows/windows-10/65841/hands-on-project-centennial-converted-in-one-minute

     

  • User profile image
    Proton2

    A lot of confusion about this.

     

    Also, a lot of people are unaware that you can use the UWP API from a desktop app. I am during development of my UWP app so I can run my unit test apps from a PCL project without having to spin up the UWP infrastructure. I am also using a WPF project to learn and flesh out UI things.

    https://www.nuget.org/packages/UwpDesktop/

    Example of one of my projects using this technique :

    Project Wattson

  • User profile image
    Proton2
  • User profile image
    d3rf3l

    Uhm, sorry but no: what they sandbox is IO to some locations (like the registry, Widows\System etc. where programs typically put stuff during install). Other locations, the ones the user has write access to, can't be virtualized the same way. This has actually been confirmed by Microsoft itself: watch this Build 2016 session, relevant bit from 50:40

    Whereas UWP apps have from the start only been able to interact with files the user has selected using a file open/save dialog or with files in user's libraries if they declare that capability in the manifest and nothing more, Win32 ones never had such a restriction and many rely on this level of access to do their job.

    I can see no way for Microsoft to add this form of sandboxing to Centennial apps without breaking a huge number of them, which would make the whole thing pointless.

  • User profile image
    bondsbw

    No.  Microsoft announced Project Centennial during Build 2015, several months before UWP was released.  This was planned the whole time, so it isn't reasonable to say that they are giving up on UWP.

    Centennial apps cannot be run on phones, Xbox One, HoloLens, or any of the IoT and other devices that UWP is designed for.  That is the primary reason people will want to port their apps to UWP; if you don't want to run on those devices, don't port, it's not a big deal.

    Centennial apps run under standard user account permissions; this by itself severely limits the types of damage they can do.  Centennial apps can't start services or act as kernel-mode drivers.

    Plus, Microsoft stated that if a developer somehow gets a malicious app past their defenses, the app (and I assume all other apps by that developer) will be revoked immediately and that developer will no longer be trusted again... ever.

    In any case, this will be a curated store of applications from a source that has a lot of incentive to get it right.  I would trust apps from the Windows Store before other third-party sources.

  • User profile image
    Proton2

    @d3rf3l: You are quite right.

     

    My biggest headache was switching to async functions, and learning what they were.

  • User profile image
    d3rf3l

    @bondsbw:

    Centennial apps cannot be run on phones, Xbox One, HoloLens, or any of the IoT and other devices that UWP is designed for.  That is the primary reason people will want to port their apps to UWP; if you don't want to run on those devices, don't port, it's not a big deal.

    Sure, Windows Phone and the huge market share it commands will be the incentive to migrate to UWP... (and I say this as a Windows Phone fan). HoloLens and Xbox one are very different platforms usage wise, so they won't be relevant to the majority of desktop app developers.

    To me, the biggest reason traditional app developers would have ported apps to UWP would have been to get in the store. Remove that incentive and almost nothing will get ported, because doing the bare minimum is the economically rational choice.

    @bondsbw:

    Centennial apps run under standard user account permissions; this by itself severely limits the types of damage they can do.  Centennial apps can't start services or act as kernel-mode drivers.

    Plus, Microsoft stated that if a developer somehow gets a malicious app past their defenses, the app (and I assume all other apps by that developer) will be revoked immediately and that developer will no longer be trusted again... ever.

    Running as standard user does indeed limit the damage, but it still allows to do plenty. Yes, Microsoft will be able to remove bad apples from the store afterwards, but affected users will lose trust in it. Once trust is gone, being on the store doesn't mean much anymore and Microsoft is back to where it started with Windows.

  • User profile image
    magicalclick

    sounds like **** to me. Really, if I know apps from the Store has the potential to **** me up in User Privilege, I don't trust the Store at all. The same **** security bashing ads incoming. Seriously WWWWWEWWWTTTTTTTTTTHHHHHHHH!!!!!!!!!

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    bondsbw

    , d3rf3l wrote

    To me, the biggest reason traditional app developers would have ported apps to UWP would have been to get in the store. Remove that incentive and almost nothing will get ported, because doing the bare minimum is the economically rational choice.

    A major point of Centennial is to help in the porting process.  No longer does your app have to choose all-or-none UWP, but it can add UWP features slowly over time.  You can make several incremental releases where more and more has been ported.  Then one day, everything has been ported and that app is pure UWP... it now works on all those other devices (if you choose).

    But many UWP apps are new to the platform, and many developers of older apps might choose to start from scratch to take advantage of many of the modern technologies (including UWP) which have been delivered since they originally wrote the app.

  • User profile image
    kettch

    I need to get some time to play with this. If porting the installers is as simple as the few examples they've shown, it makes me wonder about the implications for enterprise deployment of third party apps without that vendor needing to be involved.

  • User profile image
    TomInSeattle

    @d3rf3l: First, Centennial is not a security boundary. Think of it this way. There are applications which you install on your machine regularly (Office, Photoshop, etc). Why do you trust them? They obviously run as User and could theoretically harm your machine (although not as bad as admin). You trust them because of the reputation of the software vendor and where you obtained them. Centennial is no different. Sure, you could theoretically download a Centennial app from the Internet and side-load it (if an admin enabled side-loading). But nearly all people will receive Centennial apps from the Microsoft Store. Which gives you a better promise of security. Microsoft isn't going to onboard any app that wants to be there. Its policies will dictate the qualification and reputation requirements. Second, you misunderstood. Centennial is an extension to the existing UWP application model. It isn't a replacement. It provides a way for Win32 desktop developers to port their apps from desktop into the UWP world. Some of the apps in a package CAN be UWP -- and some CAN be full-trust Centennial apps. They can interoperate with one another. Which means that you can port some of your code from desktop into a UWP app. Furthermore, Centennial apps can call WinRT APIs. So can desktop apps.


  • User profile image
    magicalclick

    They better force some skull icon on top of the app tile for those less secured Centennial tiles, so, I know it is some unsafe app that I am doing my 10000% effort to avoid. If not, I will tell my dad that all Win10 Store apps are now unsafe and there could be malware to steal his information. And they better make sure app update is blocked when a safe UWP is switched to virus friendly Centennial, and when I try to update the app manually, a giant red pop up warning should appear telling me the app is now virus friendly.

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    Craig_​Matthews

    But nearly all people will receive Centennial apps from the Microsoft Store. Which gives you a better promise of security. Microsoft isn't going to onboard any app that wants to be there. Its policies will dictate the qualification and reputation requirements.

    Seriously?

  • User profile image
    Bmcmcm

    Centennial is merely a method of getting your desktops apps into UWP without massive re-coding. It seems pretty obvious that the ultimate goal is to drive as much content into UWP, and therefore the Windows Store, as possible. The problem I see with UWP is that there isn't a big carrot for developers to go after and there isn't a big stick forcing them to move into it either. I don't see how anything but fee free sales on the Windows Store will get a majority of developers to abandon desktop apps (and even free, it's questionable).

    If Centennial turned into something larger, like the only way to get a desktop app to run on Windows 11 (and above), then things get a little more clear. If Microsoft announced an end of support date for Win32 outside of UWP; that would be a nice big stick to whack the developers with. I don't think the carrot (Windows Store) is going to pan out as a big draw. The big stick is basically Armageddon for developers and I'm not sure an announcement like that could avoid Congressional hearings. So in the end, it seems like Centennial and UWP will go the way of many half-baked Microsoft projects.

  • User profile image
    kettch

    @Bmcmcm: There's no conspiracy here. Centennial is exactly what it's being described as. A way to wrap traditionally installed apps in a different install container. I'm not sure what the problem is here.

  • User profile image
    Bmcmcm

    @kettch:Never said there was a conspiracy or a problem, I was making some speculations. Microsoft obviously has a plan and it might be as simple as providing a way for developers to make their desktop apps available on the Windows Store and that is it. At this point, it is unclear. So if there is any problem, it's that the push for UWP is strong enough that a lot of developers and publishers aren't sure where all of this is headed.

  • User profile image
    TexasToast

    @Bmcmcm:I have not tried it yet but I have heard you are given access to new API's that are available in UWP only previously.   Some of these are improved security but I am hoping for a User interface that is ahead of what the desktop currently has.   I am also hoping that native compiling is now in desktop applications.   They had it working for Windows store apps but I heard no official word on where that is.  These would provide some motivation for desktop apps to move forward.  Of course,  they need to get everyone on window 10 too because store apps only work in windows 10.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.