Protecting Side-load UWP apps from distribution online - windows

If I want to give an appx app package to someone to sideload on a Windows 10 PC with a developer account, is there any way to prevent the appx package from being distributed online?
When it is in the Windows store, the store handles payment and basic licensing. There is no strategy whereby I could revoke a side-loaded app???
Thanks...

The appx package doesn't provide anything for you to verify the usage of it. Anyone can install with your package.
But you can create your own account system by setting up a server and asking your users to log in to use your features. If they are not licensed users when you verify their account, you can disable the navigating behavior in your app to prevent them from using your functions. This means that although they can install your app, they may not be able to use the functions you provided behind your verification. Does this make sense to you?

If you intend to deploy the app in the store you should submit an .appxupload. The .appx is only used to sideload the app on a device.
Of course anyone that has access to the .appx can do whatever they want with it - like for example side-loading it - just like they can do whatever they want with an .exe. There is no functionality within the .appx deployment technology that allows you to "revoke a side-loaded app" from an unknown computer that you don't have access to if that's what you are asking.
If you want to restrict the access to your app, or rather the app content, you should implement some kind of authentication and/or authorization within the app itself. You could for example connect to a remote service that grants access to users at startup.
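Added example, not part of the original answers: a sketch of the server side of the "account system" and "remote service that grants access at startup" that both answers describe, showing where revocation becomes possible. The account names, passwords, token format and function names are all constructed for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # stays on the server; never shipped inside the .appx
TOKEN_TTL = 900                       # seconds before the app must log in again

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _account(password, licensed):
    salt = secrets.token_bytes(16)
    return {"salt": salt, "pw": _pw_hash(password, salt), "licensed": licensed}

# Constructed sample accounts (hypothetical users, not from the page)
ACCOUNTS = {"alice": _account("correct horse", True), "bob": _account("hunter2", False)}

def _sign(payload):
    return hmac.new(SERVER_KEY, payload, hashlib.sha256).hexdigest()

def login(user, password, now=None):
    """App calls this at startup; returns a token only for a licensed user."""
    now = time.time() if now is None else now
    acct = ACCOUNTS.get(user)
    if acct is None or not hmac.compare_digest(acct["pw"], _pw_hash(password, acct["salt"])):
        return None
    if not acct["licensed"]:
        return None
    claims = json.dumps({"sub": user, "exp": now + TOKEN_TTL}).encode()
    payload = base64.urlsafe_b64encode(claims)
    return payload.decode() + "." + _sign(payload)

def authorize(token, now=None):
    """Service calls this on every feature request; returns the user or None."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(payload.encode())):
            return None
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, TypeError, AttributeError):
        return None
    acct = ACCOUNTS.get(claims["sub"])
    # Expiry and current license status are both re-checked server-side
    if claims["exp"] < now or acct is None or not acct["licensed"]:
        return None
    return claims["sub"]

def revoke(user):
    """Revocation happens here, on the server, not on the sideloaded install."""
    ACCOUNTS[user]["licensed"] = False
```

This gate only protects functionality that the service itself delivers after `authorize` succeeds. A check that lives purely inside the installed package can be patched out by whoever holds the .appx.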

Related

How Windows could prevent store apps from using system headers?

I am curious about this as I get to know more about programming WinRT apps. Normally for regular Windows programs, developers can use system headers like WinINet.h or WinHttp.h, etc. However, it is not allowed to use them in a WinRT store app.
I was wondering what way they use to prevent developers from using those dlls, how do they check, and why they do this to developers?
Thank you
All Windows Store apps run inside of an AppContainer. All of the dlls and libraries that they are allowed to import/use are limited by the rights of the AppContainer. Generally, the apps have the rights of the user "ALL_APPLICATION_PACKAGES" I believe, so that means that they have the read/write capabilities of that user. They still are only able to access the system via the AppContainer, so any limitations imposed by the AppContainer still exist.
Now, there is a way around this. The developer can use the FileOpenPicker to allow the user to choose a file or folder (via the FolderPicker) that the program can use.
They do this to developers to make it so that the AppContainer is a very closed-off sandbox running in basically a virtual environment. In this way, simply for the fact that a program is running inside of the AppContainer, it can be said to protect the user's data and prevent the installation of malware.
This does not necessarily prevent an app from social engineering or phishing. That is policed via the certification and compliance system.

Detecting and launching an external application from within a Windows Phone 7.1/7.5 application

I need to write an application that can detect if the "Bing - Get me there" application is installed on the current phone and if so, launch it.
Is this possible? The app would need to do this for other external applications as well, so a generic method or interface for this would be helpful.
Applications run in a sandbox on Windows Phone and there is no way to tell if other applications are installed unless you are writing both of them and you use a method to announce to other applications that you are installed and they know how to read that announcement.
2 approaches to such announcements would be:
Have both (all) apps synchronise with a web server and report which devices they have been installed on. The apps can then query which other apps have been installed on that device.
Have all apps write a file to a location where all apps can access. The only place to do this is the PicturesLibrary so you have to embed the identifier in the name of the image or in its contents and be able to query all images to identify the other installed apps. The user could manually delete any images you create in this way though.
Beware, neither method can tell if the other app has subsequently been uninstalled though so this is far from foolproof.
As far as I know, there's no way to do that.
Applications on Windows Phone run in complete isolation, and can not act with other applications, other than some highly specialized apps (i.e. for playing media).

How to deploy WP app directly to phone

Is there any way to install a WP application to the phone directly? Let's say I have a WP application and XAP file; I want to put it somewhere on the internet, and the WP user will get that link and install the application to the phone. I don't want to put it on the Marketplace and I don't want to deploy it to the phone from a PC. I want to get it directly from the internet and install it to the machine. Is that possible?
No it is not possible.
Microsoft only wants deployments through the marketplace, and for developers they created a way to deploy it from your PC to test stuff. For every other user, all the installations have to go through the Marketplace.
The reason they do it this way is that they have control on which apps are being published for the platform and they will test all the applications submitted to the marketplace. If you could download apps while skipping the marketplace they can't do the testing etc.
If you want to do beta-testing of your application with a specified group of users, there is a special way. It's integrated within the marketplace, but your app won't be available to the public. Read this article about it.
Only developer unlocked phones can deploy XAP files in that manner. For others they have to download it from Marketplace, no other options are available.
But for hobbyists, there is Chevron. This will allow you to side-load apps.
You can find several links explaining ChevronWP7 on the internet.

Beta-testing a Mac App Store app

I have an app that I'm going to put in the Mac App Store. I'd like to add iCloud support for preference syncing, and for that reason, I'd like to distribute the betas signed in such a way that they can access iCloud.
However, I haven't been able to find anything in the Mac documentation library about distributing an app, signed with a distribution key, outside of the App Store, and being able to access iCloud.
So far, my attempts to distribute such an application have met inability to launch on testers' machines, with messages in the Console complaining about the app having the iCloud entitlement.
Is what I'm after possible, or should I abandon iCloud support? If it is possible, what do I need to do to make a distributable, iCloud-capable build?
Edit: To be clear, you can replace “iCloud support” in this question with any other feature that is only available to App Store apps. I mention it to establish that the solution is not “just distribute it unsigned”. iCloud is the goal in my specific case; I'm asking about the general process.
You would need to gather the UUID for the tester's mac, either available via Xcode's Organizer or you can also access it via Apple System Profiler under the hardware overview. After adding it to the developer portal you'd generate a provisioning profile.
In order for them to actually run the application they would need to make use of an iTunes Connect test user account. This is one of two types of accounts that you can create in iTunes Connect, the other being an account with privileges (financial/technical/etc) for your developer membership. The test user account is needed in order for a receipt to be generated and the application actually run. Though you might be able to sidestep the test user account requirement by not actually validating receipts at that phase of development.
If you want to do iCloud or Push you need the UUID.
If you want to test a MAS app that doesn't need iCloud or Push, but does do receipt validation you need only the test user account.
My iCloud Mac app is still in development, so I didn't try yet. But isn't it possible to sign the app with an entitlement and add a test user to iTC? In the OS X provisioning portal you can already add devices, and you need to add the testers' Macs there and re-create the provisioning profile afterwards. After build & archive you "Share..." the app as installer or .app. The user needs to log in with the/his test user you created in iTC on her/his Mac.

Checking if app can run without admin rights?

To get Windows users to log on as regular users instead of admin, I need to check that all their applications run OK with limited rights.
Is there an application specifically aimed at checking that an application can run with limited rights, or is SysInternals' Process Monitor what everyone uses for this purpose?
Thank you.
Create a test account that has the same permissions as the domain users of your application. Log in as this user on a non-development computer, preferably a computer with a new operating system installation and all of the other "standard" company software. Install the software and run. This is the only way to really test your application.
Make sure you exercise the entire application.
Make sure install and uninstall work as expected and do not leave any artifacts behind.
Having the ability to restore the operating-system and software on the test computer to its original state is a great help.
Use the Permission Calculator Tool to make sure you handle obvious issues before performing this test.
I'm not sure if it would help since I never used it but I know there's a Permission Calculator Tool (Permcalc.exe) at http://msdn.microsoft.com/en-us/library/ms165077%28VS.80%29.aspx.
Permission Calculator Tool (Permcalc.exe)
The Minimum Grant Set Determination tool (Permcalc.exe) is used to estimate the permissions callers must be granted to access the public entry points of an assembly. This tool is new in the .NET Framework version 2.0. It is intended for use by advanced users.
Run this application on Windows 7/Vista with access control enabled. You may consider Windows 7 as such a testing application :)
It is recommended to use a non-administrator account with activated access control on a developer computer when you write and debug the program. This creates some problems, and Windows developers hate this, turning off access control or using an administrator account. However, working on Linux/Unix, we don't have administrator rights, and this is OK.
