As Windows 8 approaches, Mozilla developers have been working hard on a Metro version. If you’re using Windows 8 on the desktop, no problem. Tablet users, however, are going to be denied a fully functional Firefox – and will face restrictions on many other third-party applications. In the name of security, Microsoft is forcing them into a “sandbox” on ARM devices. The lockdown renegs on the company’s prior promises, and it’s going to have some far-reaching effects on many applications.
Mozilla’s Asa Dotzler touched on this issue yesterday, saying that Microsoft “is trying to lock out competing browsers when it comes to Windows running on ARM chips.” But it actually goes farther than that.
Microsoft is restricting access to some APIs on ARM-architecture devices that are, as Dotzler says, “absolutely necessary for building a modern browser that it won’t give to other browsers so there’s no way another browser can possibly compete with IE in terms of features or performance.”
Dotzler is focused on the implications of Microsoft’s win32 API restrictions on ARM because they affect Firefox. This makes sense because Dotzler works for Mozilla and focuses on Firefox in general, not to mention Microsoft’s long history of anticompetitive behavior towards third-party browsers. Make no mistake, though: Limiting access to the win32 APIs is likely to impact many other applications as well. How can LibreOffice or Apache OpenOffice compete with Microsoft Office if they’re shut out of the win32 APIs?
In the Name of Malware
Microsoft is getting cut a lot of slack for its anticompetitive stance, because it is casting the anti-features for developers in the name of “protecting users from malware.” It’s OK if Microsoft cuts off competing applications at the knees, because it’s trying to prevent malware.
Leaving aside Microsoft’s intentions – perhaps it truly is motivated only by the best interests of users – this argument fails on a number of levels. First, it assumes that Microsoft’s own applications won’t be exploitable. Given Microsoft’s history with security, this isn’t likely. Why does Microsoft get the assumption of secure applications, while third parties do not?
And let’s not forget who got us to this juncture in the first place. Microsoft users have been worn down by more than a decade of security issues that trace back to Microsoft itself. Microsoft is essentially using its own failings to excuse its blocking of third-party apps that may well have better security than its own applications.
Sandboxing third-party apps into limited parts of the machine does nothing to ensure that Microsoft’s own browser won’t be ownable by malware. Since Internet Explorer code isn’t open source, security researchers can’t audit the code directly. Firefox, which can be independently audited, won’t be available on the new ARM tablets.
Why Not Complain About Apple?
Some folks have tried to dismiss complaints about Microsoft’s ARM policies by pointing at Apple. Since Apple also discriminates against developers on iOS, why shouldn’t Microsoft?
Yes, Apple’s
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.