Yesterday, Microsoft revealed that
the Windows Store is now open to all developers in a wide range of countries and locations. For
the people who think "wtf is
the 'Windows Store'?", it's
the central place where Windows 8 users will be able to find, download and purchase applications (or as we now have to say to not look like a computer illiterate: <accent style="Kentucky">aaaaappss</accent>) for Windows 8. As this is
the store which is integrated into Windows 8, it's an interesting place for ISVs, as potential customers might very well look there first. This of course isn't true for all kinds of software, and developer tools in general aren't
the kind of applications most users will download from
the Windows store, but a presence there can't hurt. Now, this Windows Store hosts two kinds of applications: 'Metro-style' applications and 'Desktop' applications.
The 'Metro-style' applications are applications created for
the new 'Metro' UI which is present on Windows 8 desktop and Windows RT (the single color/big font fingerpaint-oriented UI). 'Desktop' applications are
the applications we all run and use on Windows today. Our software are desktop applications.
The Windows Store hosts all Metro-style applications locally in
the store and handles
the payment for these applications. This means you upload your application (sorry, 'app') to
the store, jump through a lot of hoops, Microsoft verifies that your application is not violating a tremendous long list of rules and after everything is OK, it's published and hopefully you get customers and thus earn money. Money which Microsoft will pay you on a regular basis after customers buy your application. Desktop applications are not following this path however. Desktop applications aren't hosted by
the Windows Store. Instead,
the Windows Store more or less hosts a page with
the application's information and where to get
the goods. I.o.w.: it's nothing more than a product's Facebook page. Microsoft will simply redirect a visitor of
the Windows Store to your website and
the visitor will then use your site's system to purchase and download
the application. This last bit of information is very important. So, this morning I started with fresh energy to register our company 'Solutions Design bv' at
the Windows Store and our two applications, LLBLGen Pro and ORM Profiler. First I went to
the Windows Store dashboard page. If you don't have an account, you have to log in or sign up if you don't have a live account. I signed in with my live account. After that, it greeted me with a page where I had to fill in a code which was mailed to me. My local mail server polls every several minutes for email so I had to kick it to get it immediately. I grabbed
the code from
the email and I was presented with a multi-step process to register myself as a company or as an individual. In red I was warned that this choice was permanent and not changeable. I chuckled: Microsoft apparently stores its data on paper, not in digital form. I chose 'company' and was presented with a lengthy form to fill out. On
the form there were two strange remarks: Per company there can just be 1 (one, uno, not zero, not two or more) registered developer, and only that developer is able to upload stuff to
the store. I have no idea how this works with large companies, oh
the overhead nightmares... "Sorry, but John, our registered developer with
the Windows Store is on holiday for 3 months, backpacking through Australia, no, he's not reachable at this point. M'yeah, sorry bud. Hey, did you fill in those TPS reports yesterday?" A separate Approver has to be specified, which has to be a different person than
the registered developer. Apparently to Microsoft a company with just 1 person is not a company. Luckily we're with two people! *pfew*, dodged that one, otherwise I would be stuck forever:
the choice I already made was not reversible! After I had filled out
the form and it was all well and
good and accepted by
the Microsoft lackey who had to write it all down in some paper notebook ("Hey, be warned! It's a permanent choice! Written down in ink, can't be changed!"), I was presented with
the question how I wanted to pay for all this. "Pay for what?" I wondered. Must be
the paper they were scribbling
the information on, I concluded. After all, there's a financial crisis going on! How could I forget! Silly me. "Ok fair enough".
The price was 75 Euros, not
the end of
the world. I could only pay by credit card, so it was accepted quickly. Or so I thought. You see, Microsoft has a different idea about CC payments. In
the normal world, you type in your CC number, some date, a name and a security code and that's it. But Microsoft wants to verify this even more. They want to make a verification purchase of a very small amount and are doing that with a special code in
the description. You then have to type in that code in a special form in
the Windows Store dashboard and after that you're verified. Of course they'll refund
the small amount they pull from your card. Sounds simple, right? Well... no.
The problem starts with
the fact that I can't see
the CC activity on some website: I have a bank issued CC card. I get
the CC activity once a month on a piece of paper sent to me.
The bank's online website doesn't show them. So it's possible I have to wait for this code till October 12th. One month. "So what, I'm not going to use it anyway, Desktop applications don't use
the payment system", I thought. "Haha, you're so naive, dear developer!" Microsoft won't allow you to publish any applications till this verification is done. So no application publishing for a month. Wouldn't it be nice if things were, you know, digital, so things got done instantly? But of course, that lackey who scribbled everything in
the Big Windows Store Registration Book isn't that quick. Can't blame him though. He's just doing his job. Now, after
the payment was done, I was presented with a page which tells me Microsoft is going to use a third party company called 'Symantec', which will verify my identity again.
The page explains to me that this could be done through email or phone and that they'll contact
the Approver to verify my identity. "Phone?", I thought... that's a little drastic for a developer account to publish a single page of information about an external hosted software product, isn't it? On Facebook I just added a page, done. And paying you, Microsoft, took less information: you were happy to take my money before my identity was even 'verified' by this 3rd party's minions! "Double standards!", I roared. No-one cared. But it's
the thought of getting it off your chest, you know. Luckily for me, everyone at Symantec was asleep when I was registering so they went for
the fallback option in case phone calls were not possible: my Approver received an email. Imagine you have to explain
the idiot web of security theater I was caught in to someone else who then has to reply a random person over
the internet that I indeed was who I said I was. As she's a true sweetheart, she gave me
the benefit of
the doubt and assured that for now, I was who I said I was. Remember, this is for a desktop application, which is only a link to a website, some pictures and a piece of text. No file hosting, no payment processing, nothing, just a single page. Yeah, I also thought I was crazy. But we're not at
the end of this quest yet. I clicked around in
the confusing menus of
the Windows Store dashboard and found
the 'Desktop' section. I get a helpful screen with a warning in red that it can't find any certified 'apps'. True, I'm just getting started, buddy. I see a link: "Check
the Windows apps you submitted for certification". Well, I haven't submitted anything, but let's see where it brings me. Oh
the thrill of adventure! I click
the link and I end up on this site:
the hardware/desktop dashboard account registration. "Erm... but I just registered...", I mumbled to no-one in particular. Apparently for desktop registration / verification I have to register again, it tells me. But not only that,
the desktop application has to be signed with a certificate. And not just some random el-cheapo certificate you can get at any mall's discount store. No, this certificate is special. It's precious. This certificate,
the 'Microsoft Authenticode' Digital Certificate, is
the only certificate that's acceptable, and jolly, it can be purchased from VeriSign for
the price of only ... $99.-, but be quick, because this is a limited time offer! After that it's, I kid you not, $499.-. 500 dollars for a certificate to sign an executable. But, I do feel special, I got a special price. Only for me! I'm glowing. Not for long though. Here I started to wonder, what
the benefit of it all was. I now again had to pay money for a shiny certificate which will add 'Solutions Design bv' to our installer as
the publisher instead of 'unknown', while our customers download
the file from our website. Not only that, but this was all about a Desktop application, which wasn't hosted by Microsoft. They only link to it. And make no mistake. These prices aren't single payments. Every year these have to be renewed. Like a membership of an exclusive club: you're special and privileged, but only if you cough up
the dough. To give you an example how silly this all is: I added LLBLGen Pro and ORM Profiler to
the Visual Studio Gallery some time ago. It's
the same thing: it's a central place where one can find software which adds to / extends / works with Visual Studio. I could simply create
the pages, add
the information and they show up inside Visual Studio. No files are hosted at Microsoft, they're downloaded from our website. Exactly
the same system. As I have to wait for
the CC transcripts to arrive anyway, I can't proceed with publishing in this new shiny store. After
the verification is complete I have to wait for verification of my software by Microsoft. Even Desktop applications need to be verified using a long list of rules which are mainly focused on Metro-style applications. Even while they're not hosted by Microsoft. I wonder what they'll find. "Your application wasn't approved. It violates rule 14 X sub D: it provides more value than our own competing framework". While I was writing this post, I tried to check something in
the Windows Store Dashboard, to see whether I remembered it correctly. I was presented again with
the question, after logging in with my live account, to enter
the code that was just mailed to me. Not
the previous code, a brand new one. Again I had to kick my mail server to pull
the email to proceed. This was it. This 'experience' is so beyond miserable, I'm afraid I have to say goodbye for now to
the 'Windows Store'. It's simply not worth my time. Now, about live accounts. You might know this: live accounts are tied to everything you do with Microsoft. So if you have an MSDN subscription, e.g.
the one which costs over $5000.-, it's tied to this same live account. But
the fun thing is, you can login with your live account to
the MSDN subscriptions with just
the account id and password. No additional code is mailed to you. While it gives you access to all Microsoft software available, including your licenses. Why
the draconian security theater with this Windows Store, while all I want is to publish some desktop applications while on other Microsoft sites it's OK to simply sign in with your live account: no codes needed, no verification and no certificates? Microsoft, one thing you need with this store and that's: apps. Apps, apps, apps, apps, aaaaaaaaapps. Sorry, my bad, got carried away. I just can't stand
the word 'app'. This store's shelves have to be filled to
the brim with goods. But instead of being welcomed into
the store with open arms, I have to fight an uphill battle with an endless list of rules and bullshit to earn
the privilege to publish in this shiny store. As if I have to be thrilled to be one of
the exclusive club called 'Windows Store Publishers'. As if Microsoft doesn't want it to succeed. Craig Stuntz sent me a link to an old blog post of his regarding code signing and uploading to Microsoft's old mobile store from back in
the WinMo5 days: http://blogs.teamb.com/craigstuntz/2006/10/11/28357/.
Good read and
good background info about how little things changed over
the years. I hope this helps Microsoft make things more clearer and smoother and also helps ISVs with their decision whether to go with
the Windows Store scheme or ignore it. For now, I don't see
the advantage of publishing there, especially not with
the nonsense rules Microsoft cooked up. Perhaps it changes in
the future, who knows.
