Windows 8 Startup Screen and Eset 6 icon

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by Janus, Nov 8, 2012.

Thread Status:
Not open for further replies.
  1. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hello

    I haven't been beta testing the new upcoming version of Eset, in combination with windows 8 pro. But of those who might has, can then anyone tell me, if you will receive a virus update notification through the Eset icon (the eye) from the windows 8 Startup screen. Why I am asking is because, it is not always that I go to the desktop right away, and then it would be nice to know that eset were updated and running.

    Regards, Janus
     

    Attached Files:

  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Microsoft has made it very clear to anti-malware developers that they are not to develop WinRT-based applications and consider anti-malware software to be a "desktop" app. That said, there may be some room for creating a Modern Windows 8 Store (formerly Metro design language) style app that has some Live Tile-type functionality.

    Right now, though, the focus of ESET's efforts is on ensuring a high degree of reliability and performance under Windows 8 on the Win32 API side of things where more malware is seen.

    Regards,

    Aryeh Goretsky
     
  3. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hello Aryeh

    Thanks for the clear and fulfilling answer,(even though I do not fully understand Microsoft's policy regarding this issue) ...and have a nice day.

    Regards, Janus
     
    Last edited: Nov 11, 2012
  4. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Could you elaborate on this a bit? Is there no means for security vendors to hook in and exercise direct control over the WinRT environment and apps?
     
  5. cobrafirefly

    cobrafirefly Registered Member

    Joined:
    Jun 27, 2011
    Posts:
    68
    Maybe related, but Kaspersky was trying to get a live tile thing in the Microsoft app market too, but appears to have been thwarted as well. Maybe it's the same thing as the Eset guys have run into?
     
  6. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Interesting. Has Kaspersky elaborated on what went on there?

    If I may refine my earlier comment...

    1) To what extent if any can a third party security vendor "hook" the WinRT environment and police what it and apps do?
    2) To what extent if any can third party security vendors communicate across the WinRT/Win32 border via purely local mechanisms?

    I assume WinRT's sandboxing impedes such things but I don't yet know if one or both are truly impossible. Even if both are impossible, one approach which I would expect to work is having the metro/Windows Store app communicate with the Win32 application via remote server. You would be opening one or both sides up to some remote management which is a generally bad thing for security as well as privacy, but perhaps through exceptionally strong client side only encryption/authentication that threat could be mitigated to the point that it would be acceptable. Particularly if #1 and #2 above were designed out by Microsoft, I could see Microsoft not being too keen on this approach. Generally speaking though, such WinRT<->Win32 relayed communications scenarios and apps/applications don't seem like something Microsoft should be prohibiting from the store unless it can be shown that they are malicious.

    Even if Microsoft does prohibit such things from being sold in the Windows Store, isn't there a way for software developers to distribute/update their metro apps via their own store/servers?

    Perhaps it all boils down to "Microsoft doesn't want us to do things we could do, and in order to assure some ongoing cooperation on the Win32 side, we better play ball"?
     
    Last edited: Nov 11, 2012
  7. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    It seems my initial reply may have been a little vague, so let me see if I can clear things up.

    First of all, you should understand that I'm speaking about Microsoft's guidelines-cum-requirements for Windows developers, which are a general thing for all developers, but how they would apply specifically to the types of software written by antivirus companies.

    The same types of scenarios, by the way, would apply to a few other products like backup software, firewalls, VPNs, disk defragmentation and other types of programs which consist of services and/or drivers that run in the background and also have a user-facing components like a GUI for configuring the software and seeing notifications. The invisible parts of the program communicate with the visible parts of the program through an application programming interface (API), which is where you receive notifications, as well as change program settings and so forth.

    Microsoft has made a lot of changes with Windows 8, both with the parts that you see, like the new Start Screen which you launch the Modern Windows 8 UI Style Store Applications (formerly Metro design language) programs and their associated Live Tiles, as well as under-the-hood changes for things like networking and security.

    The very biggest change (well, arguably the very biggest change) might be the creation of a new set of APIs for Windows 8, WinRT, which is not to be confused with Microsoft's similar-sounding operating system for tablets, Windows RT.

    Traditional desktop, notebook and slate computers with an IA-32 architecture CPU (also sometimes referred to as x86, x86-64 or AMD64) run Windows 8 and can launch programs written using both the new WinRT API as well as the older Win32 API.

    The new tablets, like the Microsoft Surface, have an ARM CPU architecture run Windows RT, which can only run programs written using the WinRT API. Furthermore, there's a subset of the WinRT API, called the Windows Phone Runtime, which is the used on smartphones running Windows Phone 8.

    Here's a chart of that:


    TYPE OF DEVICE | TYPE OF CPU | RUNS WHICH OS | USES WHICH API
    =============================================================
    PC (server,▪▪▪▪| 32-bit or▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    desktop, slate,| 64-bit IA-32|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    laptop, ultra- | CPU (a/k/a▪▪| Windows 8▪▪▪▪▪| Win32, WinRT
    book, netbook▪▪| x86 x86-64, |▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    etc.)▪▪▪▪▪▪▪▪▪▪| AMD) arch.▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    ---------------+-------------+---------------+----------------
    ▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    Tablet▪▪▪▪▪▪▪▪▪| ARM CPU▪▪▪▪▪| Windows RT▪▪▪▪|▪▪▪WinRT
    ▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    ---------------+-------------+---------------+----------------
    ▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|
    Windows▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪| Windows Phone
    Smartphone▪▪▪▪▪| ARM CPU▪▪▪▪▪|Windows Phone 8| Runtime (WinRT
    ▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪|▪▪▪▪▪▪▪▪▪▪▪▪▪▪▪| subset)


    I think the above makes things a little easier to understand.

    Now, in this software space, ESET develops apps for the devices in the first row, the PC, running Windows 8 (plus earlier versions of Windows) that use the Win32 API and not the newer WinRT API.

    The WinRT API is used for creating Modern Windows 8 UI Style Store Applications (formerly Metro design language) programs, which run off the Start Screen in Microsoft Windows 8. While there is some small ability for programs written using the Win32 API to access the WinRT API, it is for an extremely limited set of functions, like using the slate's ambient light sensor to determine whether to make the LCD screen brighter or darker in response to current lighting conditions.

    The other direction, though, is not allowed: Modern Windows 8 UI Style Store Applications (formerly Metro design language) written using the WinRT API may not access Win32 API functions, and doing so would be against the guidelines. An application which did that would not pass logo requirements, would not be be published in the Windows Store and the developer would, no doubt, strain their relationship with Microsoft. Just so we're clear here, this is not exactly a Microsoft-specific issue. A developer who violated the guidelines of Apple's or Google's programs would likely get thrown out of their application stores as well.

    This is not necessarily a bad thing in and of itself. For one thing, it should pretty much obliviate the chance of a Modern Windows 8 UI Style Store (formerly Metro design language) application causing a security problem, which was a big concern with insecure Gadgets running via the Windows Sidebar.

    So, where does this leave us? Well, a few anti-malware vendors out there have developed applications for Windows 8 and they are listed in the Security section of the Windows Store. However, if you take a look at them, they are more like tools to provide news and information about the company. While that's not necessarily a bad thing and, as a matter of fact, ESET even has a Threat Center app like that for Apple iOS, it is not the kind of thing which provides you with any protection or notification.

    So, where does that leave ESET? Well, I certainly would like to see the Threat Center app be ported over to WinRT with Windows 8 and Windows Phone 8 versions, as well as maybe do some things with ESET's VirusRadar data and maybe pull some content from the ESET Threat Blog as well (which, by the way, you should all be subscribed to, reading and commenting on the articles). I have not had any conversations with anyone about that yet, though, and am not sure what the plans are for that space, yet.

    If you have any further questions, please let me know. In the meantime, I think I may borrow this for an article in the blog....

    Regards,

    Aryeh Goretsky
     
    Last edited: Nov 21, 2012
  8. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hello

    Thanks Agoretsky, great feedback and also thanks to" TheWindBringeth" for the good questions . Your last post Aryeh , was the last piece of the puzzle that for me gave a good understanding, and put things into perspective what a developer may facing regarding Microsoft's new Windows 8 user interface..... And why things is not so easy, all the time.;)

    Regards, Janus
     
    Last edited: Nov 16, 2012
Thread Status:
Not open for further replies.