What might surprise you about Windows 8 store apps?

Sunday, March 03, 2013 gc 0 Comments

The surprise: plain JavaScript source code can be viewed easily. The JavaScript codebase is available as one or more text files. No DLL. Just code sitting in the app directory. As shown previously, you can browse the Windows App directory and view assets for any store app.

36% of Windows Store apps are written using HTML5/JavaScript (WinJS). These apps are not just news reading apps, but more serious apps. One example is the Bank of America app.

Having worked on some other serious financial applications (www.bmwusa.com and a fully-automated trading system), I am certain that the Bank of America app is well analyzed and protected with extra security features across the service layer. Communication that crosses the service layer also crosses a security boundary. When a security boundary is crossed, you must assume that every call is a  potentially intrusion attempt. A zone where real security comes into play. Here are some actions to take and decisions to make when writing service apps that I wrote for the Microsoft Developer Network (MSDN) back in 2011: http://www.pursuitofgreatdesign.com/2011/08/why-use-decision-framework.html. When security is paramount, you should consider taking multiple countermeasures for each threat so that if one of the countermeasures is compromised or misconfigured, others are still in place to protect against the threat.

As for the JavaScript files (codebase) in plain text files, you can take extra steps to strip comments, minimize, and obfuscate the code — likely a good idea. This is a common technique for JavaScript producers since their source code can be viewed online as it is downloaded to browsers to run. Even C#/C++ apps can be decompiled, but with JavaScript there is no need.

Whatever you decide, make sure that you protect the service boundary. The service protector pattern could also help. Another option: use a message processing layer that can immediately deny and log offending messages; that is, where each message is analyzed before it is allowed to pass through to application code. This way, every message is guaranteed to be analyzed.


You Might Also Like