Win32 is the only official way to "side-load" applications to a Windows box (ie. not through their store). That's reason enough for me to reject Windows systems that don't have an open Win32 environment.
Every recent architecture change was used to lock down Windows:
Windows on x86-64 enforces driver signing harder than Windows on x86.
Windows 8 enforces Microsoft signed Modern UI apps.
Windows on ARM enforces full lock down (drivers, Win32 apps, Modern UI apps, bootloader).
It also prevents those signed Modern UI apps to run their own JIT. While one could argue that this is for security (inability to mark data as executable code after the fact, and so on), it's not even possible to use the CLR JIT on your own dynamically generated byte code, which might be a crude workaround for other VMs (JS, Java, ...): add a CLR target.
If the CLR JIT is considered unsafe, Microsoft should disable it altogether (but that would slow down the platform even more), but if it's safe they should make it available to developers.
This isn't about security, it's about their competition.
Open Win32 is what keeps Microsoft somewhat honest (since they can't simply lock it down that way, as long as they keep caring about compatibility). The only redeeming part of the Windows on ARM story is that it doesn't matter commercially. May it stay that way.
Every recent architecture change was used to lock down Windows: Windows on x86-64 enforces driver signing harder than Windows on x86. Windows 8 enforces Microsoft signed Modern UI apps.
Windows on ARM enforces full lock down (drivers, Win32 apps, Modern UI apps, bootloader). It also prevents those signed Modern UI apps to run their own JIT. While one could argue that this is for security (inability to mark data as executable code after the fact, and so on), it's not even possible to use the CLR JIT on your own dynamically generated byte code, which might be a crude workaround for other VMs (JS, Java, ...): add a CLR target.
If the CLR JIT is considered unsafe, Microsoft should disable it altogether (but that would slow down the platform even more), but if it's safe they should make it available to developers. This isn't about security, it's about their competition.
Open Win32 is what keeps Microsoft somewhat honest (since they can't simply lock it down that way, as long as they keep caring about compatibility). The only redeeming part of the Windows on ARM story is that it doesn't matter commercially. May it stay that way.