A leading name in technology puts out an operating system that draws a lot of attention. It soon discovers, however, that people are jailbreaking its OS. The revelation brings scrutiny by its security team, and paves the way for users to load unsigned apps acquired apart from the officially sanctioned application store.
When Microsoft announced its Windows 8 and Windows RT-powered Surface tablets, it shocked consumers and, perhaps, manufacturers alike. The software company has typically stuck to what it does best: making software and operating systems. However, its hardware partners think it…
Bill Gates recently sat down with Charlie Rose to talk about his recent trip to India and his philanthropic work. Even though the conversation was focused on Gates’ good deeds, the topic of Microsoft and its new Surface tablets managed…
True to its word, Apple has pushed out its latest iOS 4.3.4 software update today to address a very well-publicized PDF security hole inherent in all iOS devices. Users who clicked on a link within mobile Safari could unknowingly download…
Sound familiar? It should — the iOS jailbreak community knows this story inside and out. But the company in the spotlight this time isn’t Apple; it’s Microsoft. And unlike Cupertino, it actually applauded the security researcher, ”clrokr,” when word about his hack popped up this weekend.
The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users. The mechanism described is not something the average user could, or reasonably would, leverage, as it requires local access to a system, local administration rights and a debugger in order to work. In addition, the Windows Store is the only supported method for customers to install applications for Windows RT. There are mechanisms in place to scan for security threats and help ensure apps from the Store are legitimate and can be acquired and used with confidence.
We applaud the ingenuity of the folks who worked this out and the hard work they did to document it. We’ll not guarantee these approaches will be there in future releases.
So Microsoft doesn’t believe this poses any real security threat, and judging by the limitations, it probably doesn’t. Sure, users can run unsigned ARM desktop apps, but the modifications aren’t permanent on devices with Secure Boot. That means they have to be changed again whenever the PC starts up. And likely no one but the hard-core geek crowd will be able to execute the hack and be willing to persist with the constant upkeep.
Even so, it could only be a matter of time before someone makes a more user-friendly program with more permanent results. And if that happens, not only could it birth a genuine homebrew scene for Windows RT ARM-desktop applications, but Microsoft may even allow it to go on. After all, the last line in the company’s statement doesn’t promise to close the exploit or commit to persecuting (or prosecuting) any hackers.
Past history bears this out. The company practically celebrated Kinect hackers. As long as security isn’t threatened, it’s more than possible it could take the same approach for Windows RT jailbreakers — which makes the prospect of a Surface tablet way more interesting.