Windows 10, UWP and Jim Sweeney: a reasonable outburst?
NOTE: this was supposed to be released months ago. I just found it in my drafts.
A lot has been written on the subject of Jim Sweeney, the CEO of Epic Games. He presented some very (for the Windows community) outrageous cricitism based on a theory that UWP ecosystem is, in fact, locked down, and that Win32 applications do not have these restrictions.
Well, let me tell you something, and some of you won’t like it. (You know that I try to advocate MS sometimes.) That guy has a point.
If I wanted to publish a game right now, but not on the Windows Store, but through side channels, I’d have a problem. Not that it’s impossible (it isn’t), but it’s much harder. And if you had wanted to sideload that app:
- First, you’d need to find a way to enable these installations.
- Then, you’d need to have the app signed by a trusted CA. That might mean that you’ll need to install the dev’s CA as trusted. Do you trust your developer?
- After that, you’d have to find a way to install the app. Which is frankly not so difficult, if you have the tools, but if you don’t…
It’s not THAT harder than just simply installing apps from Store, but now it’s not one step, it’s at least three. But I think the point is in something else. By creating a closed ecosystem, Microsoft essentially creates a walled garden. For some of us, that’s not an issue, but from my own experience, no developer likes to have their options artificially limited. It’s also not pleasant if you have more easier options on one framework than on the other. Yes, I’m talking specifically about WinRT vs regular Win32 APIs. Tim Sweeney, albeit “silenced” by Phil Spencer from Microsoft, did have a point here. Because you can only use these sweetly simple options when you are on WinRT, UWP, and also Centennial – these are all Windows Store stuff. Whining of a disgraced dev? No, I like the options presented by UWP, I just want to use them in a non-sandboxed, non-containerized way if there’s a need to.
One of the arguments for UWP is the security. Yes, that’s true! Sandboxed environment helps to isolate apps from the system, and by passing certification in Store, the app shouldn’t cause much havoc to your data. That should also apply to the containerized Win32 apps (see Project Centennial). But, to be honest, most apps these days don’t go through manual certification at all, which is sad. And then I think that if I was to create a malicious app and try to push it to Store, what’s stopping me? (My reputation, of course, plus the laws. Not the point, though.)