Microsoft "applauds" the hacker that jailbroke Windows RT
Yesterday, we brought you the news that a hacker named Clrokr had jailbroken Windows RT and enabled unsigned apps to run, rather than only the apps from the Windows Store signed by Microsoft. We contacted Microsoft about the matter, and especially the claim by Clrokr that Windows 8 is essentially the same as Windows RT, except for an artificial security barrier. Microsoft just responded to the matter, saying that it "applauds" Clrokr's efforts.
The full response from the Microsoft spokesperson was:
The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users. The mechanism described is not something the average user could, or reasonably would, leverage as it requires local access to a system, local administration rights and a debugger in order to work. In addition, the Windows Store is the only supported method for customers to install applications for Windows RT. There are mechanisms in place to scan for security threats and help ensure that apps from the Store are legitimate and can be acquired and used with confidence.
We applaud the ingenuity of the folks who worked this out and the hard work they did to document it. We’ll not guarantee these approaches will be there in future releases.
Microsoft didn't even bother to comment on the claims that Windows 8 and Windows RT are the same. We pressed the matter, but Microsoft didn't even make the excuse that the two systems are essentially the same, but compiled for different processors. All we got was more PR speak about security and such (which we never actually asked about).
The most important part of the statement is that last sentence of course, because it is essentially a promise that Microsoft will patch any holes that hackers use to exploit the system. So, we may well see Microsoft enter the same cat-and-mouse game that we've seen between Apple and iOS jailbreakers for years now.