Forgot your password?
typodupeerror
Businesses Microsoft Software Windows

Microsoft's Windows 8 App Store Is Full of Scamware 188

Posted by samzenpus
from the needs-a-cleaning dept.
Deathspawner writes Windows 8 brought a lot to the table, with one of its most major features being its app store. However, it's not a feature that Microsoft seems too intent on keeping clean. As it is today, the store is completely littered with misleading apps and outright scamware. The unfortunate thing is that to find any of it, all you have to do is simply open the store and peruse the main sections. Not so surprisingly, no Microsoft software seems to be affected by this, but many open-source apps can be found at the store from unofficial sources that have a cost, or will lead the user to download a third-party installer. It's only a matter of time before malware sneaks its way in, if it's not there already.
This discussion has been archived. No new comments can be posted.

Microsoft's Windows 8 App Store Is Full of Scamware

Comments Filter:
  • by Opportunist (166417) on Monday August 18, 2014 @03:08PM (#47697519)

    Sadly now the table is cluttered with crap nobody needs. Could someone bus the table, please? I got work to do.

    • Re: (Score:3, Informative)

      by Anonymous Coward

      Could someone bus the table, please? I got work to do.

      That is the whole problem. Windows 8 is not designed to produce anything, only consume stuff produced by others. Probably another reason it has never caught on with businesses, you can't actually do anything useful or productive with it.

      • by tepples (727027)
        That might be true of Windows RT, but Windows 8.1 with Classic Shell is just as ready for production as Windows 7.
        • by Opportunist (166417) on Monday August 18, 2014 @04:18PM (#47698109)

          But why should I get Win8 when I have to get it and then jump a few hoops to get what I already had with Win7?

          • But why should I get Win8 when I have to get it and then jump a few hoops to get what I already had with Win7?

            Because Windows operating systems have a finite life cycle [microsoft.com]. Mainstream support will end three years earlier for Windows 7 than for Windows 8, as will extended support.

            • Re: (Score:3, Insightful)

              by Opportunist (166417)

              My hope is that by then either Windows 10 is out or a replacement OS is available to escape the upgrade hell altogether.

            • That answer was just as bland and useless as the form letters most tech support sites give you. You said the official policy but didn't answer the question. To answer his question, the answer is a simple "You shouldn't." I have plenty of PC's running old versions of Windows and they chug along just fine even though they officially EOL'd decades ago. My first industrial control system (Wonderware HMI, Modicon PLC) is chugging along fine on a 486 running Win 95 and I built it in 1994 while I was still in
              • The whole EOL thing is laughed at by us out in the real world building things. If it ain't broke, don't fix it, and if it is broken, it still won't get fixed until it costs the company less money than the amount they're losing.

                I agree with you so long as a device is not connected to the Internet. I still run a game console made in the late 1980s, for instance. Devices connected to the Internet, on the other hand, are subject to attacks that were not foreseen prior to EOL.

          • by exomondo (1725132)

            But why should I get Win8 when I have to get it and then jump a few hoops to get what I already had with Win7?

            Because most new PCs come with it installed. I don't see any reason to upgrade an existing Windows 7 PC to Windows 8 but it's hardly the end of the world if you buy a new PC with Win8 already installed.

  • Clickbait (Score:5, Informative)

    by Anonymous Coward on Monday August 18, 2014 @03:08PM (#47697523)

    This is a pretty bad example of clickbait. The linked bog basically says "There is junkware. Microsoft's Trademarks are protected but others, like iTunes and Firefox, get scammed by repackagers, same as any search engine.

    • All this means is that companies like Apple and Mozilla happen not to have notified Microsoft of the infringement yet. So if you're worried about it, go tell Apple's legal department [apple.com] and Mozilla's [mozilla.org].
      • Re: (Score:3, Insightful)

        by Rosyna (80334)

        All this means is that companies like Apple and Mozilla happen not to have notified Microsoft of the infringement yet. So if you're worried about it, go tell Apple's legal department [apple.com] and Mozilla's [mozilla.org].

        Why should they have to? The store is supposed to be curated and given these examples, it's obvious it is not curated at all.

        • The monopoly app store of an operating system with the market share of Windows cannot be curated as tightly without raising red flags to regulators that Microsoft is abusing its monopoly. True, the US gave Microsoft a slap on the wrist after George W. Bush took office, but at least Europe's competition regulators still have some testicular fortitude. Apple and the major video game console makers get away with it because their market share is not necessarily large enough to produce what economists call "mark
          • Does anybody actually buy apps for Metro?

          • by countach (534280)

            Possibly, but cutting out obvious spam-ware would hardly be criticised by anyone.

        • by ArhcAngel (247594)
          Currently Microsoft needs more apps than it does quality. When they approach a customer they can tell them they have a gazillion apps in their store to deflect the "but the iPhone/Android has so many more apps.". Rest assured once it blows up in their faces they will clamp down hard. They are famous for reactionary overcompensation.
      • Why should Apple care? Actually, if I was Apple, I'd enjoy seeing my opponent's store being cluttered with crap which makes mine all the better looking.

        • Why should Apple care?

          Apple should care about the misuse of its own trademarks because of the threat that they'll become no longer distinctive.

    • by omnichad (1198475)

      More like the Microsoft App Store is a bad example of clickbait.

  • by man_ls (248470) on Monday August 18, 2014 @03:09PM (#47697525)

    Lacking evidence to the contrary, it seems Microsoft actively approves this state of things. They have a human performing certification and content compliance, which involves actually installing and verifying these applications:

    "Content compliance: Our certification testers install and review your app to test it for content compliance. The amount of time this takes varies depending on how complex your app is, how much visual content it has, and how many apps have been submitted recently."

    With that statement, they must be 100% complicit in these scams, because it makes them money when someone bites, and because it keeps the number of apps in the app store up.

    • So that raises a question then: is "not spying on/advertising at your users" a requirement?

      What other possible criteria could there be?

      Are they more concerned with, say, pornography, than actual user experience?
      What are they worried about stopping?

    • Microsoft also lies (Score:4, Interesting)

      by s.petry (762400) on Monday August 18, 2014 @03:43PM (#47697805)

      I think we have plenty of evidence to the contrary. Microsoft has, and does, willfully provide false information. They do this deliberately and indiscriminately, even to judges while under oath. Maybe you forgot about the claims to a judge that "If you remove Internet Explorer the Operating system stops functioning.". Even though a judge was smart enough to remove IE and show they were lying, nobody went to jail. So the trend continued.

      Now what possible motivation would MS have for lying about approving apps? Easy, it's a numbers game. If Apple has half a billion applications how can MS fudge numbers to look relevant and not appear to be deliberate liars? Easy! Let people dump all kinds of crap into their app store so they can claim "look how many applications we have!' and "Look at our growth rate, thousands of new apps every day!". Both are technically true, though based on a lie about monitoring.

      MS further can easily blow off the lie about approving content. Expect something along the lines of "Our people were not trained properly" with some bogus "we were hacked" charges sprinkled in for FUD and sympathy.

    • by Darinbob (1142669)

      This is no different from the Apple store or Google's Play Store. All app stores, by their very concept, are full of scamware.

  • "Well that's what you get for buying non-Microsoft products. Maybe you should have tried something from a reputable company, like say Microsoft."

    The same thing however, killed a videogame company or two. It's not the maker that suffers, it's the market.

  • by tepples (727027) <tepples@gmaiBLUEl.com minus berry> on Monday August 18, 2014 @03:15PM (#47697579) Homepage Journal

    but many open-source apps can be found at the store from unofficial sources that have a cost

    FSF says it's perfectly fine to distribute free software for a fee [gnu.org], so long as the license is followed.

    But platforms relying on a single app store have in the past made copyleft license compliance difficult or impossible. The GNU General Public License, for example, defines "source code" to include what GPLv3 calls "Installation Information" and GPLv2 calls "scripts used to control compilation and installation". When a platform requires all code to be digitally signed, a signing key is part of this "Information" or these "scripts". And the terms for obtaining a code signing certificate tend to forbid developers from sharing the private key with the public. This is why GPL software like VLC can't be on Apple's App Store [slashdot.org], nor can ScummVM be on the Wii console [slashdot.org].

    • For your amusement: https://itunes.apple.com/ca/ap... [apple.com]
      • by tepples (727027)
        That can happen if all GPL code gets relicensed or rewritten. VideoLAN's page about VLC for iOS [videolan.org] states that it was relicensed under the Mozilla Public License, and presumably that wouldn't include any contributions from a contributor who declined to relicense his contributions. I wasn't party to the relicensing negotiations, and I lack my own iOS device on which to evaluate this app. Are any significant codecs or containers missing?
      • by Himmy32 (650060)
        Yeah, the problem before was that Apple was selling a license on behalf of a third party, which runs a foul with the GPL. If Apple charge for the software and not for a license then they would be able to sell it. Since this is "Free", they aren't selling a license so it doesn't have issues with the GPL.
    • I must have missed where the OP said that this behavior was illegal, or that the FSF said it was wrong to profit from software. The point was that Microsoft endorses the behavior of scamming the unsuspecting noob into thinking they have to buy a product, when it is available for free.
      • And I missed the point where OP said someone had already made the open-source stuff available for free - in the windows app store.
        Just because its open source doesn't automatically mean you can "apt-get install" it on Windows.

    • by Himmy32 (650060) on Monday August 18, 2014 @03:52PM (#47697897)
      If I remember correctly, the issue with VLC on the Apple store was that the GPL allows charging for the software but does not allow charging for the license. Since Apple doesn't charge for the software but instead charges for a license to the software on behalf of a third party. So you can put free GPL on the Apple store but not pay for, even though GPL allows for it.

      I actually had to read about the Wii store issue. The issue there seems to be that a subcontractor used both ScummVM and Nintendo's SDK. Nintendo explictly prohibits use of open source software together with their Wii SDK. Again nothing have to do with keys. Use of the Wii SDK forbids Open Source, so it doesn't what the terms of the GPL are, no GPL at all on the Wii Store.
      • by tepples (727027)

        If I remember correctly, the issue with VLC on the Apple store was that the GPL allows charging for the software but does not allow charging for the license.

        I thought it involved ensuring that anybody possessing a usable copy can make and distribute usable and modifiable copies to other users, and Apple doesn't let app developers ensure this.

        Use of the Wii SDK forbids Open Source

        There's plenty of non-copylefted open source software in the Wii Menu, Internet Channel, and Wii Shop Channel. Nintendo's SDK license appears to just forbid use of copylefted software. If you want, I can hook up my Wii console and find exactly how to open the list of copyright notices for the non-copylefted open source libr

    • by Darinbob (1142669)

      But nothing forbids getting the unsigned code via a side channel. So get ScummVM on your console and it includes a note about how to get the unsigned version along with an HMAC or MD5 sum to verify it is secure.

      • by tepples (727027)
        If this "side channel" does not allow the user to install a modified version of the work on at least some device, then it does not include "scripts used to control [...] installation of the executable" and is thus not "complete source code".
    • Actually, you don't need to provide signing keys for GPLv2. Tivo used GPLv2 code without a signing key, and the only thing the FSF could do was come out with GPLv3 that explicitly prevents that. That was one of the driving forces behind GPLv3 (although they did a lot of other things as well).

      • by tepples (727027)

        Tivo used GPLv2 code without a signing key

        Did a court ever decide whether TiVo failed to provide "scripts to control [...] installation"?

  • by chaosdivine69 (1456649) on Monday August 18, 2014 @03:16PM (#47697587)
    I don't know about other users but I've had an ASUS Windows 8.1 desktop for almost a year now and have never downloaded or installed ANY apps from the Microsoft "store" and have only once clicked on the App Store tile itself once by mistake. I avoid their "store" like the plague on a desktop environment. I don't have the need or want to Skype or play Angry Birds on the desktop I guess...who uses the Microsoft App Store and for what purposes? I'm genuinely curious...
    • by tepples (727027) <tepples@gmaiBLUEl.com minus berry> on Monday August 18, 2014 @03:22PM (#47697649) Homepage Journal
      Apparently Microsoft is putting major service packs for Windows on the Windows Store now. For example, the upgrade from Windows 8 to Windows 8.1 is offered without charge through the Windows Store application. But if you waited until Windows 8.1 to buy your laptop, this upgrade was already done for you.
      • I see. Thanks. It makes me wonder then why they don't remove the Windows Update separate program altogether and have all OS updates done through their store if they're wanting more customer awareness and compulsive drive-buys for apps/media.
        • I imagine that Microsoft didn't offer Windows 8.1 to Windows 8 users through the normal Windows Update mechanism because Windows 8.1 introduced additional hardware requirements. For example, unlike Windows 8, Windows 8.1 requires NX and SSE2 support in the CPU.
        • That's exactly what Apple is doing. The OS and assorted upgrades and patches are delivered through the app store.

          One store to rule them ...

    • I use the Citrix receiver, since the Windows App Store version doesn't start up stuff (like the Citrix Connection center) when you log into your PC that disables window effects/themes. It also doesn't throw annoying icons in your start menu and on your desktop for remote apps. Great for the PC you only occasionally connect to Citrix with. I also use a cool Kanji lookup app on my convertible ultrabook. I have a few games I've bought through it, but it's pretty minimal.
    • I use it quite a bit. I like the metro Skype better, since I want it more full screen. I like it for email and chat too since I can have metro snapped to the side with desktop full screen. I also use a metro calculator for similar reasons.

  • Nope. (Score:3, Interesting)

    by Anonymous Coward on Monday August 18, 2014 @03:18PM (#47697613)

    , but many open-source apps can be found at the store from unofficial sources that have a cost,

    Not quite, Mr. Summary. There's nothing legally wrong with selling open-source apps if the license is followed. And ethically? Consider this:

    Why would anybody find this useful? If there's a particularly obscure but useful open-source app that updates irregularly, or it's difficult or cumbersome to install, or maybe Grandma just doesn't want to mess around with MSI and EXE installers, then the new publisher would be adding value and providing a service in providing the open-source across the Store interface; reducing the fuss needed to get the software working, updated and safe.

    There's nothing stopping the original developer / copyright holder / copyright assignment entity, or indeed any other legally allowed entity, from putting up the software on the Store for gratis (assuming the Store allows that) alongside New Publisher's paid for version, but if they haven't or don't want to that is their own problem. If the New Publisher has monitised the service they provide in packaging the OSS app, then bully for them.

    This is all in a fantasy land where said 'good' publishers existed and actually worked to keep the software updated regularly, I know.

    • The trouble is trademark. If you use the trademark of the software you recompiled then you are violating trademark law and using the official branch's trademark for personal gain.

  • So in Google Play (Score:5, Informative)

    by CptChipJew (301983) <michaelmiller@gm ... m minus language> on Monday August 18, 2014 @03:25PM (#47697673) Homepage Journal
    But you don't see the Android marketshare suffering do you?
    • by The Raven (30575)
      The difference is in the prevalance. Scamware in iOS and Android exists on the fringes; some % of all software will always be illegitimate. But Microsoft has so little legit content that the scamware rises to the top way more often than occurs for the other stores.
  • Isn't this a trend with all app stores now? There's little incentive for any developer to create something only to have it cloned the next day, and have your original app downvoted by the army of the "competition", e.g., http://www.reddit.com/r/gamede... [reddit.com]. I'm starting to think there are more "rogue" apps than legit ones.

    Many apps use Adware anyway, which is just a backdoor waiting to happen. Do you trust the developer not to sell you to the highest bidder? The information you hold might be more valuable th

  • by Overzeetop (214511) on Monday August 18, 2014 @03:52PM (#47697899) Journal

    Worse that pay-to-play software of dubious quality is the entire lack of support for major applications, and a complete lack of serious productivity and mainstream apps. Many of the apps are poor stepchildren of their Android and iOS counterparts if they even exist at all. A useful, app-style browser is woefully missing (for those who have convertible tablet/laptops, you can't have Chrome, IE or FF act as an app/finger centric if you use them in desktop mode.)

    The iOS and Android app stores are full of shit, too, but at least there's some good stuff out there. For MS, all they have is the shit.

  • ....to the table. Some of it might even be good, but hiding it under a steaming pile of UI was not the smoothest of moves. As for their store, color me shocked that MS of all people copied a competitor's product with a half-assed implementation.
  • Hell, I noticed it almost a month after the Store Debuted.

    As I said in the AV is Dead Article, I tell our customers "Don't download or install anything" and I mean it. The windows store is like the wild west. They do no QA on the content and refuse to remove obvious scam acts. Hell, MS in many cases doesn't even host the files, they post a button that says "Get App From Publisher" that leads to a third party site where you can "download" the file. That's just stupid.

    The other thing that really needs to get

  • App stores attract scammers like **** attracts flies. Any app store is an ideal means to get scam- and malware to a gigantic group of, on average, not really tech-savvy people. An app store is basically a mark store for scammers.

APL hackers do it in the quad.

Working...