Regardless of the operating system, a consistent area of concern for Internet security experts is the safety and reliability of apps. Windows 8 Metro apps are primarily served through the Microsoft Store. In many ways, the set up is similar to the android marketplace. Over the years, there have been a variety of mishaps and Internet security breaches associated with android apps. By comparing Windows 8 apps to android apps, it becomes clearer how vulnerable Windows 8 apps are.
The Vetting Process
The android market is consistently under fire for allowing rogue applications posing serious Internet security risks to find their way into the marketplace. This was primarily because new applications could be made available within minutes which left no time for manual verification. Microsoft eight overcomes this problem by reviewing all apps before they appear in the Windows Store. While it is unclear how much this will limit Internet security threats due to rogue apps, there are a strict set of requirements which prevent advertising-only apps from being made available.
Another Internet security weakness created by android apps stemmed from the ability from users to install apps from any publisher’s website. With Windows 8, the only way to utilize nonstandard installation routines is via the command line. Additionally, it requires a trusted certificate installed on the user’s device and the app must be signed via that certificate. This will minimize the Internet security threats associated with nonstandard installation.
A noticeable difference between the app permissions settings of android apps and Windows 8 Metro apps is the limitation of system-level access. While both types of apps declare the type of permissions required for the app to function, only Windows 8 apps restrict system-level access. The goal of this is to eliminate the threat of rogue apps killing other apps, formatting external storage, or retrieving information about other apps on the device.
One of the biggest Internet security risks created by android apps was all apps could read system settings. Windows 8 apps do not allow the same freedom which provides enhanced security for users. Another Internet security feature for Windows 8 Metro apps is they do not have access to the registry. One potential storage related threat is the apps gain access to removable storage devices if they contain a file type listed in the app manifest.
The Biggest Threat is Desktop Apps
Compared to the android marketplace, Windows 8 Metro apps provide a significantly more secure environment. Currently, one of the only major Internet security threats is the ability to inject code from a desktop app into and executing Windows 8 Metro app. This has the potential to present a variety of different risks for app developers who are charged with handling sensitive or confidential user information. While Metro apps are essentially contained by their own sandbox, desktop apps do not provide the same safeguards. Some people use VPN to secure the connection.
While new vulnerabilities to Windows 8 Metro apps will likely be introduced as Windows 8 becomes a more popular operating system, the platform is designed to provide a large amount of protection for users. There is no doubt it creates a safer environment than when using android apps, however only time will tell if the you Windows Store proves to be as good at detecting and eliminating rogue applications as the Apple iStore.