Question

I read an article about reverse engineering Windows 8 applications. One of the most concerning things is how easily they are modified, yet how Microsoft also includes licensing in them.

Of particular note is JavaScript (though C# is also vulnerable with IL-rebuilding). They provide the function LicenseInformation.IsTrial(). However, as stated in the article, if you change a few permissions, you can directly edit the JavaScript and just replace IsTrial with false.

This article was made in a very early (first) public release of Windows 8, though. What measures have they taken to prevent modifications from happening in the current release version? Should JavaScript applications be regarded as impossible to monetize?

Solution

App packages are signed and are periodically checked for tampering. Windows will not start a packaged app that has been flagged as having been tampered with (modifying files in the package is a form of tampering).

The "App packages and deployment" documentation page states:

All packages must be signed with a trusted signature. This enables Windows to confirm the identity of the signer and verify that the contents of the package haven't been tampered with. Windows won't deploy an unsigned package.

The "Signing an app package" documentation page states:

If any files in an installed package are modified, signing verification might prevent the app from launching.

That said, there's no technical restriction preventing someone from cracking open the app package and building a new, modified package. To do this, a developer license is required. At this point, though, it's no different from any other program that a user can download and install.
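The two behaviours described in the answer above (an in-place edit is detected, a rebuilt package carries a different signer) can be seen in a simplified model. This is an added example, not code from the original answer or from Microsoft, and it does not use the real APPX format: the manifest layout, the publisher names, the Ed25519 keys and the sample files are all constructed, and the developer-license case is modelled, as an assumption, as a machine that also trusts the rebuilder's key.

```javascript
// Added illustration: a simplified model of package signing, not the real APPX format.
const nodeCrypto = require("node:crypto");

const sha256 = (data) => nodeCrypto.createHash("sha256").update(data).digest("hex");

// Publisher side: hash every file, then sign the manifest that lists the hashes.
function signPackage(files, publisher, privateKey) {
  const hashes = Object.keys(files).sort().map((name) => [name, sha256(files[name])]);
  const manifest = JSON.stringify({ publisher, hashes });
  const signature = nodeCrypto.sign(null, Buffer.from(manifest), privateKey);
  return { files: { ...files }, manifest, signature };
}

// Platform side: check the signer is trusted, then the signature, then each file.
function verifyPackage(pkg, trusted) {
  const { publisher, hashes } = JSON.parse(pkg.manifest);
  const key = trusted.get(publisher);
  if (!key) return "untrusted-signer";
  if (!nodeCrypto.verify(null, Buffer.from(pkg.manifest), key, pkg.signature)) {
    return "bad-signature";
  }
  const listed = new Map(hashes);
  const names = Object.keys(pkg.files);
  if (names.length !== listed.size) return "file-set-changed";
  for (const name of names) {
    if (listed.get(name) !== sha256(pkg.files[name])) return "tampered:" + name;
  }
  return "ok:" + publisher;
}

// Constructed sample data: two keys, one two-file package, three scenarios.
function demo() {
  const store = nodeCrypto.generateKeyPairSync("ed25519");
  const dev = nodeCrypto.generateKeyPairSync("ed25519");
  const files = { "default.html": "<script src='js/default.js'></script>",
                  "js/default.js": "var trial = licenseInformation.isTrial;" };
  const storeTrust = new Map([["CN=Store Publisher", store.publicKey]]);
  const devTrust = new Map([...storeTrust, ["CN=Dev Sideload", dev.publicKey]]);

  const original = signPackage(files, "CN=Store Publisher", store.privateKey);
  const edited = { ...original, files: { ...files, "js/default.js": "var trial = false;" } };
  const rebuilt = signPackage(edited.files, "CN=Dev Sideload", dev.privateKey);
  return {
    original: verifyPackage(original, storeTrust),
    editedInPlace: verifyPackage(edited, storeTrust),
    rebuiltOnNormalPc: verifyPackage(rebuilt, storeTrust),
    rebuiltOnDevPc: verifyPackage(rebuilt, devTrust),
  };
}

console.log(demo());
```

The signature ties the file contents to the publisher's identity, so a client-side licence check is only as trustworthy as the platform's enforcement of that signature on the machine where the app runs.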

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow