extrait : "The next on-premises/hybrid version of Windows Server, called Windows Server 2022, is now available in preview. It introduces advanced multilayer security, hybrid capabilities with Azure, and a flexible application platform, Microsoft says, and “secured-core capabilities” based on Windows Defender System Guard and virtualization security models to minimize the risk from firmware vulnerabilities and new forms of malware."

Year after year, I wonder if behind this security push is hidden the fact that this is now virtually impossible for an ISV to get their products downloaded and installed from the web. I mean aside Microsoft business partners, who probably get a pass.

You can believe this is a free market. It isn't. If you're an ISV shipping software for Windows, the most used PC OS on earth, Microsoft is putting you out of business by not letting you in in the first place.
Actually, it's not just Microsoft that is blocking you. Before you can even install software, it's quite possible actually that Google Chrome, the most used web browser right now out there, may block it for some reason, either because "it's not known enough" (I kid you not), or because whatever arbitrary rules it has in place after each and every release (the cadence of release is now increased to one every 4 months). Saying I don't use Chrome so I don't care is not valid, because your customers do use Chrome. And if they use Microsoft's default web browser, Edge, it's now based on Chrome. So you are screwed regardless.

If you think that stops here, you are being innocent. Of course if you ship software, at some point, you sell it, so you need a payment system. Turns out that payment systems are being more coerced these days, adding rules and breaking things apart every year or so. At some point, those changes made it impossible for me to both sell new software and get money for existing sales. Those problems have been solved last year, but to make it perfectly clear, I expect more coercion more road blocks at any time, and no way out. To say that this is not a stable environment to begin with is an understatement.

If you think this isn't enough, you are being delusional. It gets even worse. Your software is download from your website. Your website is hosted by a web hosting company, right ? Now why wouldn't you expect this hosting company to put road blocks every now and then in the name of security (i.e. bullshit most of the time), or else. Let's only take this example of SSL certificates made invalid over night and forcing you and your customers to use whatever SSL protocol the hosting company chose, like TLS 1.3 or even TLS 2.0, and by doing so making it impossible for a customer using a 5-year old PC to even connect to your website? There are many ways to screw you : force a PHP upgrade and it breaks your website overnight ; force OpenSSL off and connections do not work anymore, not even your emails ; make you responsible for email spams even though you are in the receiving end ; force you to rewrite MySQL code ; ... the list is endless.



And if you say it's not a problem because there are at least as many customers outside in the mobile world, putting aside that these are not the same customers, you are screwed as well because Apple and Google have a say in what you are trying to ship, in addition to hundreds of coercion rules from app stores.

All that means is that if you're an ISV these days, you are actually better off just giving up and becoming a plumber.