Metro AP security problem


  • You can get the data or source code based on the following methods.

    If I would like access the data of Piano.
    step1: run regedit and select HKEY_CURRENT_USER/Sofware/Classes/Extensions/ContractId/Windows.Launch/PackageId/

    You can find the folder of Piano.

    Open the folder and get all of files.

    The source code could not be hidden when using JavaScript to make our Metro AP. 

    The other question is that someone gain all files and copy them.
    For example, I gain the Piano AP all files, using VC2011 to re-create new project adding all files from the Piano AP.
    It will happen in using JavaScript development program, but not in C++ or C#.
    So Microsoft must be hidden files from MS App Store, otherwise there will be Pirates of the copy problems.


    Saturday, October 1, 2011 8:28 PM

All replies

  • Thank you for posting your feedback, we want to make sure we get the right info including your log files. Can you also submit feedback using the Windows Feedback Tool from the Connect Site associated with your Windows Developer Preview program? If you’re an MSDN subscriber, the information on how to join the Connect program is included on the download page where you installed Windows Developer Preview. There’s a link to the Connect site and an invitation code that you can click on to join using a Windows Live ID account. If you’re not an MSDN subscriber follow this limited use linkto join the Connect program and then follow the steps here.


    In case the link above gets messed up, the URL is below:




    The last link goes to: How do I install the Windows Feedback Tool and file a bug


    If there are any questions let us know.



    Saturday, October 1, 2011 8:33 PM
  • Hi Chris,

    is there response regarding Metro App security problem?

    I am also interesting in this topic.

    Thank you

    - Slash
    Thursday, December 15, 2011 1:18 AM
  • One general suggestion that you could always encrypt your code. Even if your could is not find using the method that you said, it is possible to find location of metro apps using other methods. So it is better to encrypt your code if you want to keep it secure.
    Friday, December 16, 2011 11:17 AM