Microsoft has set Windows RT so that it can only run special apps approved by Microsoft itself. A hacker has found a way around this restriction.
The hacker, who goes by clrokr, says that changing a single value in the Windows RT kernel removes the limitation. Once it has been changed, the system will run unsigned apps that don’t come from the Windows Store..
In theory, this could open tablets running Windows RT up to a much wider range of third-party software, but in reality it’s not very practical at this point.
A Limited Accomplishment?
There are several reasons why this hack isn’t a game changer. First off, the modification can’t be made permanent. So every time the Windows RT device restarts, it has to be altered to allow desktop apps. And it’s not a change the average user could easily make.
The second reason is the most important. Windows RT runs on ARM-based processors, and any desktop software it runs also has to be compiled to run on ARM chips. Software created for the regular version of Windows 8 has been compiled for x86 processors and simply won’t run on a Windows RT tablet. Apps would have to be compiled for ARM chips.
Windows RT = Windows 8
In his blog post documenting his discovery, clrokr says “Windows RT is a clean port of Windows 8. They are the same thing.” The main difference between the two is that they have been compiled to run on two different types of processors.
clrokr then urges Microsoft to remove the restriction so that only signed apps can run on Windows RT. “The decision to ban traditional desktop applications was not a technical one, but a bad marketing decision. Windows RT needs the Win32 ecosystem to strengthen its position as a productivity tool. There are enough ‘consumption’ tablets already.”
After news of clrokr’s discovery went around, a Microsoft representative said:
The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users. The mechanism described is not something the average user could, or reasonably would, leverage as it requires local access to a system, local administration rights and a debugger in order to work. In addition, the Windows Store is the only supported method for customers to install applications for Windows RT. There are mechanisms in place to scan for security threats and help ensure that apps from the Store are legitimate and can be acquired and used with confidence. We applaud the ingenuity of the folks who worked this out and the hard work they did to document it. We’ll not guarantee these approaches will be there in future releases.