Reply to post: The Win 32 API has huge significance.

Hey, Microsoft, we can call Windows 10 apps anything we like – you're NOT OUR REAL MOM

Palpy Silver badge

The Win 32 API has huge significance.

Obviously. Huge application base using it. It's also a continuing security PITA. One researcher wrote,

"The fact that windows and other GUI elements are not securable is perhaps the biggest flaw in the Windows security model. It’s a result of maintaining backwards compatibility with pre-NT editions where security wasn’t really considered in system’s design. By default, processes running as different users can affect each other by using various windows messages. Any GUI process can potentially spoof things like password input boxes because raw access to the desktop is not restricted – if an application can show its window, it can draw anything on the desktop. Clipboard is shared between all processes belonging to an interactive window station. Processes can synthesize keyboard and mouse input in a way that can affect other processes. Basically, it’s a mess." *

My understanding is that the Uni-App model is in part intended to sandbox apps in order to alleviate some of the inherited flaws of the Win 32 API.

* This is an excerpt from "A crack on the glass" by Rafał Wojdyła.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020