Paul Thurrott's SuperSite for Windows
Home > Windows > Windows RT > Windows RT Jailbreak Silliness

Windows RT Jailbreak Silliness

Windows RT has been compromised. Oh wait, no it hasn't
Jan. 8, 2013 Paul Thurrott

Reports from earlier in the week suggested that Windows RT had been “jailbroken” by hackers, an event I ignored because the outcome was so obvious. And, as expected, Microsoft has confirmed the hack and will simply fix it in a pending update. But why does everyone take this stuff so seriously?

The issue is that Windows RT is essentially a sealed environment, like the iPad, where users cannot install apps willy-nilly as they can on traditional Windows versions, but can instead only select trusted and tested apps, in this case from the Windows Store. While power user will bristle at this limitation, it’s arguably one of Windows RT’s biggest strengths, since it helps bolster consumer confidence in the platform.

(By the way, blogger Hal Berenson argues, incorrectly I think, that There is no ARM in Windows RT, meaning that what will eventually differentiate Windows RT from Windows 8 is the desktop, in that RT will shed the desktop. Windows RT may indeed lose the desktop first, but the codename for Windows RT was Windows On ARM, or WOA. And I think that if you want to look past the chipset for a differentiator between Windows 8 and RT, it’s not so much the desktop as it is the Windows Runtime apps architecture, which is what enables the security functionality at the heart of this story. Anyway.)

Functionally, the problem with Windows RT’s sealed environment is that it comes with some pretty serious limitations, at least for now. You can’t install popular desktop applications like iTunes or Photoshop, for example. And you can’t install full-featured alternative browsers, like Google Chrome, let alone any browser plug-ins, including, humorously, Microsoft’s own Silverlight.

Microsoft argued at the Windows RT introduction, back when it was still called WOA, that it could not offer a way for users to run Intel applications on ARM because the latter chipset simply wasn’t powerful enough to virtualize or emulate x86. And this is certainly true. But it hasn’t stopped hackers from trying to get traditional (x86) Windows applications running on ARM. That’s what this jailbreaking is all about: Usurping the Windows RT protections and allowing users to install any application on the OS.

They succeeded. And this cued up the weirdest, but most easily predicted tech blog posts I’ve ever seen.

My favorite, however, was the hilarious Has Microsoft Tried To Make Windows 8 Too Secure?, which appeared on the Forbes web site. The argument here, which had been hashed out by others over a year earlier, was that “the great selling point for a Windows machine is simply the vast numbers of programs out there for it. Why cut off that great competitive advantage?” Why indeed. Security? Reliability? Performance? You know, the same reasons why smart phone and tablet makers do the same thing.

Anyway, the reason I didn’t write a sensational headline like “Hackers bring Windows RT to its knees” is because this kind of thing happens all the time. Put a sealed environment out in the world, and hackers will bend it to their will. If it’s a new, supported, and important platform like Windows RT, those holes will be fixed quickly. And that’s exactly what’s happening here. So the real story is, sorry: Nothing to see here.

“The scenario outlined [by the hackers that jailbroke Windows RT] is not a security vulnerability and does not pose a threat to Windows RT users,” a Microsoft statement notes. “The mechanism described is not something the average user could, or reasonably would, leverage, as it requires local access to a system, local administration rights and a debugger in order to work. In addition, the Windows Store is the only supported method for customers to install applications for Windows RT. There are mechanisms in place to scan for security threats and help ensure apps from the Store are legitimate and can be acquired and used with confidence. We applaud the ingenuity of the folks who worked this out and the hard work they did to document it. We’ll not guarantee these approaches will be there in future releases.”

Expect a fix. End of story.

Discuss this Article 10

Rev
on Jan 8, 2013

I haven't read this yet, but I just wanted to say this:

To run Metro apps that aren't in the store, you don't have to do anything hacky. You run one line of code in PowerShell (just applying a development certificate to your tablet), and all of a sudden you can install non Windows Store Metro apps. Obviously, it's not the same as running a desktop application, but I think it's interesting that this is a built in feature of Windows RT, whereas with Android, iOS, and Windows Phone you have to do a bunch of hacky stuff to get non-approved apps running.

And it's completely free, and easy for anyone to do. I'll definitely read this when I'm not working :)

Foxmeister
on Jan 9, 2013

You certainly do not need to do a "bunch of hacky stuff" to get "non-approved" apps running on Android. You tick one box in the settings - that is all! Definitely simpler than having to run something in PowerShell.

It has been built into Android since day 1. As far as I'm aware, the only major carrier to disable this functionality was AT&T in the US, and even they have enabled this now.

abw1987
on Jan 8, 2013

To be honest, I'd like to try installing a desktop application on my Surface, assuming this jailbreaking thing actually works. As I understand, this would require someone to write a new ARM application, or recompile an existing x86 application for ARM. Of course this defeats the purpose of a touch-friendly UI, but I'd just be curious to see whether it works. However if someone could recompile a program for ARM, it still might not work on Windows RT, since I heard that Microsoft removed a lot of the code required to support desktop applications. But I've no idea how true that is, given that Exporer, Paint, Office, etc. continue to work.

sevenacids
on Jan 8, 2013

Honestly, after that jailbreak became public (and even before that), I believe that there is no technical limitation to built Win32 applications that run on ARM. Indeed, Microsoft removed a lot of code - but only for the Start menu, etc. I think most of the Win32 API works fine on ARM, at least the essential bits. Maybe not performance-wise, but it works.

stlbud
on Jan 8, 2013

Two things are interesting about this "break". One, the break is only good for that session. Restarting Surface restores the "closed" environment. Two, the first app they chose to install is a SSH terminal program. There is already a SSH terminal program in the store. It's obvious we won't get iTunes any time soon (thank god), but we probably can get by, well enough, without a lot of simple utilities.
The really good apps, are going to be ported. Look at the efforts of VLC. I'm looking forward to powerful and innovative new apps that really take advantage of the Surface's features.

GoodThings2Life
on Jan 8, 2013

Honestly, there's only ONE utility missing from Surface RT's desktop mode that I desperately miss... good old command-line telnet.exe. If I had that RT would have accomplished 98% of my computing needs, including my work.

It would be nice, of course, if I could run ARM-compiled .exe's on an RT system's desktop environment and bypass the store, but I don't see businesses rushing out to do that for what is clearly a consumer device, so it begs the question... why do hackers feel compelled to do this sort of thing? Clearly those of us with these needs would be better suited with a proper Intel/Windows 8 system that doesn't require this level of hacking.

sevenacids
on Jan 8, 2013

I think the whole point of the jailbreak by clrokr was to show that there doesn't seem to be any technical limitation that makes Win32 applications impossible to run on Windows on ARM. Microsoft just doesn't allow it by enforcing any Win32 application compiled for ARM/Windows RT to be signed with a Microsoft certificate.

The assumption is that Windows RT is a clean port of the NT kernel to ARM; therefore, it should be able to run any Win32 application compiled for that architecture. I know, the whole point in Windows RT are the Metro-style apps and the Windows Runtime, and that there may be performance concerns on Microsoft's side (traditional Win32 applications that haven't been tweaked for ARM might not run very well on it or will drain your battery). But why not provide an interface where the user can turn off this aritfical limitation?

gsurath
on Jan 10, 2013

Paul, to quote Star wars "Only the Sith deal in absolutes". Essentially your statement of "The issue is that Windows RT is essentially a sealed environment, like the iPad, where users cannot install apps willy-nilly as they can on traditional Windows versions" is absurd. I have already installed 7zip to run on my Surface and it is surely not approved by the Windows Store. As we talk more and more apps are being recompiled (There is a separate thread for this on xDA) and I am sure We may get a fully featured Thunderbird running for eMail sometime in the future. Separately, I have successfully side loaded drivers for by USB ethernet cable so maybe you could just agree that Windows RT is not as sealed an environment as you probably thought it was?

pthurrott
on Jan 11, 2013

I can't stop the 1 percent from doing silly things. It's not about speaking in absolutes, it's about speaking to the norm/mainstream. Some people will hack Android, iPad, whatever. So to with Surface. But these things will always be prevented with updates going forward, so they're not to be recommended for normal people, who would then be emailing with spastic complaints because some silly desktop utility they installed suddenly stopped working.

metro884
on Jan 11, 2013

I think it has to be more like 88%. Most of who I know have jailbreaked their iOS devices. And that will make them more vulnerable. It's just like the Android. It's "bulletproof" until you allow unsigned apps and "marketplaces" in. iOS also always updates so that the current jailbreak won't work. And the next "jailbreak update" takes care of that. It's a constant race. Can't really blame people for wanting to do whatever with their devices, but most don't know the secuirty impications they also introduce when doing so...

Please or Register to post comments.

Related Articles

IT/Dev Connections

Las Vegas
September 30th - October 4th

Paul ThurottYou'll have the opportunity to experience:
• 120 Technical
Sessions
• Networking with Peers
• Expert Speakers


Come See Paul Thurrott & Mary Jo Foley in Person!

Register Now

Office 365 InfoCenter

Get the latest insight and info from Paul

Read Now!

What I Use
Apr. 18, 2013
Article

What I Use: On the Road 20

Every so often, I publish an updated version of my “What I Use” document, which details the technology products and services I actually use day-to-day. Since I’m currently on my third business trip in five weeks, this is perhaps an ideal time to discuss the technology products I rely on when I travel and a few related points....More
Mar. 6, 2013
Article

What I Use: March 2013 33

Lots of changes since November, including a new PC-based home server running Windows 8, several new smart phones, new PCs and tablets, new cloud backup, Office 365 Home Premium and a nice doubling of my Internet speeds courtesy of Verizon FIOS....More
WinSuperSite.com
Related Penton Sites
Copyright © 2013 Penton Media, Inc