Linked by Thom Holwerda on Sun 6th Jan 2013 23:00 UTC
Windows "It's taken longer than expected but it has finally happened: unsigned desktop applications run on Windows RT. Ironically, a vulnerability in the Windows kernel that has existed for some time and got ported to ARM just like the rest of Windows made this possible. MSFT's artificial incompatibility does not work because Windows RT is not in any way reduced in functionality. It's a clean port, and a good one. But deep in the kernel, in a hashed and signed data section protected by UEFI's Secure Boot, lies a byte that represents the minimum signing level." Good stuff. Very good stuff.
Thread beginning with comment 547670
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Seems like a lot of work
by Nelson on Mon 7th Jan 2013 15:23 UTC in reply to "RE[2]: Seems like a lot of work"
Nelson
Member since:
2005-11-29

Unsigned Windows Store apps have always been able to run (using the aforementioned Remote Debugger) which also allows you to use the full .NET/Win32 API in your apps for pure sideloading.

This facet of the Windows App sandbox is enforced only at Submission time by running the Windows App Certification Kit.

Its always been the case. And has therefore always been possible to run unsigned code for your own purposes on your own device (As I've been tirelessly saying for months, but which people conveniently ignore in their criticisms).

I just tested it and fired up an C++ app which uses a Win32 API (that also fails the App Certification static analyzer) and can be successfully deployed to my Surface RT.

Reply Parent Score: 3