[CyberDildonics]

I don't know why this is buried, it is absolutely true. What windows users need are some sort of sandbox / container / jail where registry / file system / system calls are isolated. Then you could package up a program into one file and delete it to uninstall it like one file. This could have been done decades ago and now microsoft is banking off of the fact that they never did.

[diego_moita]

> I don't know why this is buried

Because it is the typical anti-M$ conspiracy theory. It blames on "evil" what it can't understand.

Win32 is not insecure because they wanted to sell security. It is what it is because that's what made sense at the time, before Internet and viruses appeared, memory was restrained and virtualization and sandboxing were obscure techniques and processing power and memory were severely constrained.

The "could have been done decades ago" is not that simple. One way or the other it should imply in limiting direct access to resources by programmers. And, giving how big the Win32 ecosystem became, that's more political than technical.

[emodendroket]

Well, yeah, a lot of the decisions that people question have to do with not breaking existing software.

[walterbell]

Doesn't App-V / Desktop Bridge provide exactly this sandbox?

If the resulting file can be distributed outside the Windows app store, the developer can avoid the appstore tax and retain access to a direct customer billing relationship. If signing of the sandboxed-app-installer is required, $100/year (or other tolerable fixed cost) is still better than a 30% tax on every sale.