WinRT - New Ways to Infect Your Machine

You may think the title of this post is a little weird, but with Windows 8, Microsoft has announced a new platform for building applications or what they call "apps", called Windows RunTime or WinRT for short. Last year, they were telling all the MS developers to use WPF and Silverlight, this year it's something different.

I don't know ... being a developer, that would piss me off no end. Particularly, when a developer on the Windows Weekly Podcast mentioned his WPF app would have to have "large chunks" of the code rewritten for WinRT.


Now to the title of this post ... Web apps traditionally run in a browser; they're sandboxed from the rest of your operating system. Javascript is a language that can't access your file system, which is a good thing given all the vulnerabilities, cross-site scripting, code injection that has been done with it over the years.

WinRT now gives Javascript access to hard drives and the file system, display, speakers, printers, scanners, etc. and given Microsoft's track record ... that just scares the bejeezus out of me.