Yesterday, Microsoft revealed that the Windows Store is now open
to all developers in a wide range of countries and locations. For the people who think "wtf is the 'Windows Store'?", it's the central place where Windows 8 users will be able
to find, download and purchase applications (or as we now have
to say
to not look like a computer illiterate: <accent style="Kentucky">aaaaappss</accent>) for Windows 8. As this is the store which is integrated into Windows 8, it's an interesting place for ISVs, as potential customers might very well look there first. This of course isn't true for all kinds of software, and developer tools in general aren't the kind of applications most users will download from the Windows store, but a presence there can't hurt. Now, this Windows Store hosts two kinds of applications: 'Metro-style' applications and 'Desktop' applications. The 'Metro-style' applications are applications created for the new 'Metro' UI which is present on Windows 8 desktop and Windows RT (the single color/big font fingerpaint-oriented UI). 'Desktop' applications are the applications we all run and use on Windows today. Our software are desktop applications. The Windows Store hosts all Metro-style applications locally in the store and handles the payment for these applications. This means you upload your application (sorry, 'app')
to the store, jump through a lot of hoops, Microsoft verifies that your application is not violating a tremendous long list of rules and after everything is OK, it's published and hopefully you get customers and thus earn money. Money which Microsoft will pay you on a regular basis after customers buy your application. Desktop applications are not following this path however. Desktop applications aren't hosted by the Windows Store. Instead, the Windows Store more or less hosts a page with the application's information and where
to get the goods. I.o.w.: it's nothing more than a product's Facebook page. Microsoft will simply redirect a visitor of the Windows Store
to your website and the visitor will then use your site's system
to purchase and download the application. This last bit of information is very important. So, this morning I started with fresh energy
to register our company 'Solutions Design bv' at the Windows Store and our two applications, LLBLGen Pro and ORM Profiler. First I went
to the Windows Store dashboard page. If you don't have an account, you have
to log in or sign up if you don't have a live account. I signed in with my live account. After that, it greeted me with a page where I had
to fill in a code which was mailed
to me. My local mail server polls every several minutes for email so I had
to kick it
to get it immediately. I grabbed the code from the email and I was presented with a multi-step process
to register myself as a company or as an individual. In red I was warned that this choice was permanent and not changeable. I chuckled: Microsoft apparently stores its data on paper, not in digital form. I chose 'company' and was presented with a lengthy form
to fill out. On the form there were two strange remarks: Per company there can just be 1 (one, uno, not zero, not two or more) registered developer, and only that developer is able
to upload stuff
to the store. I have no idea how this works with large companies, oh the overhead nightmares... "Sorry, but John, our registered developer with the Windows Store is on holiday for 3 months, backpacking through Australia, no, he's not reachable at this point. M'yeah, sorry bud. Hey, did you fill in those TPS reports yesterday?" A separate Approver has
to be specified, which has
to be a different person than the registered developer. Apparently
to Microsoft a company with just 1 person is not a company. Luckily we're with two people! *pfew*, dodged that
one, otherwise I would be stuck forever: the choice I already made was not reversible! After I had filled out the form and it was all well and good and accepted by the Microsoft lackey who had
to write it all down in some paper notebook ("Hey, be warned! It's a permanent choice! Written down in ink, can't be changed!"), I was presented with the question how I wanted
to pay for all this. "Pay for what?" I wondered. Must be the paper they were scribbling the information on, I concluded. After all, there's a financial crisis going on! How could I forget! Silly me. "Ok fair enough". The price was 75 Euros, not the end of the world. I could only pay by credit card, so it was accepted quickly. Or so I thought. You see, Microsoft has a different idea about CC payments. In the normal world, you type in your CC number, some date, a name and a security code and that's it. But Microsoft wants
to verify this even more. They want
to make a verification purchase of a very small amount and are doing that with a special code in the description. You then have
to type in that code in a special form in the Windows Store dashboard and after that you're verified. Of course they'll refund the small amount they pull from your card. Sounds simple, right? Well... no. The problem starts with the fact that I can't see the CC activity on some website: I have a bank issued CC card. I get the CC activity once a month on a piece of paper sent
to me. The bank's online website doesn't show them. So it's possible I have
to wait for this code till October 12th.
One month. "So what, I'm not going
to use it anyway, Desktop applications don't use the payment system", I thought. "Haha, you're so naive, dear developer!" Microsoft won't allow you
to publish any applications till this verification is done. So no application publishing for a month. Wouldn't it be nice if things were, you know, digital, so things got done instantly? But of course, that lackey who scribbled everything in the Big Windows Store Registration Book isn't that quick. Can't blame him though. He's just doing his job. Now, after the payment was done, I was presented with a page which tells me Microsoft is going
to use a third party company called 'Symantec', which will verify my identity again. The page explains
to me that this could be done through email or phone and that they'll contact the Approver
to verify my identity. "Phone?", I thought... that's a little drastic for a developer account
to publish a single page of information about an external hosted software product, isn't it? On Facebook I just added a page, done. And paying you, Microsoft, took less information: you were happy
to take my money before my identity was even 'verified' by this 3rd party's minions! "Double standards!", I roared. No-one cared. But it's the thought of getting it off your chest, you know. Luckily for me, everyone at Symantec was asleep when I was registering so they went for the fallback option in case phone calls were not possible: my Approver received an email. Imagine you have
to explain the idiot web of security theater I was caught in
to someone else who then has
to reply a random person over the internet that I indeed was who I said I was. As she's a true sweetheart, she gave me the benefit of the doubt and assured that for now, I was who I said I was. Remember, this is for a desktop application, which is only a link
to a website, some pictures and a piece of text. No file hosting, no payment processing, nothing, just a single page. Yeah, I also thought I was crazy. But we're not at the end of this quest yet. I clicked around in the confusing menus of the Windows Store dashboard and found the 'Desktop' section. I get a helpful screen with a warning in red that it can't find any certified 'apps'. True, I'm just getting started, buddy. I see a link: "Check the Windows apps you submitted for certification". Well, I haven't submitted anything, but let's see where it brings me. Oh the thrill of adventure! I click the link and I end up on this site: the hardware/desktop dashboard account registration. "Erm... but I just registered...", I mumbled
to no-one in particular. Apparently for desktop registration / verification I have
to register again, it tells me. But not only that, the desktop application has
to be signed with a certificate. And not just some random el-cheapo certificate you can get at any mall's discount store. No, this certificate is special. It's precious. This certificate, the 'Microsoft Authenticode' Digital Certificate, is the only certificate that's acceptable, and jolly, it can be purchased from VeriSign for the price of only ... $99.-, but be quick, because this is a limited time offer! After that it's, I kid you not, $499.-. 500 dollars for a certificate
to sign an executable. But, I do feel special, I got a special price. Only for me! I'm glowing. Not for long though. Here I started
to wonder, what the benefit of it all was. I now again had
to pay money for a shiny certificate which will add 'Solutions Design bv'
to our installer as the publisher instead of 'unknown', while our customers download the file from our website. Not only that, but this was all about a Desktop application, which wasn't hosted by Microsoft. They only link
to it. And make no mistake. These prices aren't single payments. Every year these have
to be renewed. Like a membership of an exclusive club: you're special and privileged, but only if you cough up the dough.
To give you an example how silly this all is: I added LLBLGen Pro and ORM Profiler
to the Visual Studio Gallery some time ago. It's the same thing: it's a central place where
one can find software which adds
to / extends / works with Visual Studio. I could simply create the pages, add the information and they show up inside Visual Studio. No files are hosted at Microsoft, they're downloaded from our website. Exactly the same system. As I have
to wait for the CC transcripts
to arrive anyway, I can't proceed with publishing in this new shiny store. After the verification is complete I have
to wait for verification of my software by Microsoft. Even Desktop applications need
to be verified using a long list of rules which are mainly focused on Metro-style applications. Even while they're not hosted by Microsoft. I wonder what they'll find. "Your application wasn't approved. It violates rule 14 X sub D: it provides more value than our own competing framework". While I was writing this post, I tried
to check something in the Windows Store Dashboard,
to see whether I remembered it correctly. I was presented again with the question, after logging in with my live account,
to enter the code that was just mailed
to me. Not the previous code, a brand new
one. Again I had
to kick my mail server
to pull the email
to proceed. This was it. This 'experience' is so beyond miserable, I'm afraid I have
to say goodbye for now
to the 'Windows Store'. It's simply not worth my time. Now, about live accounts. You might know this: live accounts are tied
to everything you do with Microsoft. So if you have an MSDN subscription, e.g. the
one which costs over $5000.-, it's tied
to this same live account. But the fun thing is, you can login with your live account
to the MSDN subscriptions with just the account id and password. No additional code is mailed
to you. While it gives you access
to all Microsoft software available, including your licenses. Why the draconian security theater with this Windows Store, while all I want is
to publish some desktop applications while on other Microsoft sites it's OK
to simply sign in with your live account: no codes needed, no verification and no certificates? Microsoft,
one thing you need with this store and that's: apps. Apps, apps, apps, apps, aaaaaaaaapps. Sorry, my bad, got carried away. I just can't stand the word 'app'. This store's shelves have
to be filled
to the brim with goods. But instead of being welcomed into the store with open arms, I have
to fight an uphill battle with an endless list of rules and bullshit
to earn the privilege
to publish in this shiny store. As if I have
to be thrilled
to be
one of the exclusive club called 'Windows Store Publishers'. As if Microsoft doesn't want it
to succeed. Craig Stuntz sent me a link
to an old blog post of his regarding code signing and uploading
to Microsoft's old mobile store from back in the WinMo5 days: http://blogs.teamb.com/craigstuntz/2006/10/11/28357/. Good read and good background info about how little things changed over the years. I hope this helps Microsoft make things more clearer and smoother and also helps ISVs with their decision whether
to go with the Windows Store scheme or ignore it. For now, I don't see the advantage of publishing there, especially not with the nonsense rules Microsoft cooked up. Perhaps it changes in the future, who knows.
