Java: The Most Popular Programming Language

Forget the headline-grabbing revelations of new security flaws, the dogged dissing from Apple and the dire warnings from the U.S. Department of Homeland Security: Java is the world's most popular programming language. That's according to TIOBE Software's latest Programming Community Index.

TIOBE is a Netherlands-based provider of software quality assessment services based on the ISO/IEC 9126 standard. The company ranks the popularity of software languages based on "the number of skilled engineers world-wide, courses, and third-party vendors." The purpose of the Index, the company says, is to provide coders with a kind of contextual yardstick with which to measure their own language skills against current demand.

Ten months after being spanked by C, Java has risen to the top largely because of the popularity of Android mobile devices, the indexers concluded. Java accounted for 18.387 of market share in February, as measured by TIOBE, while C held onto a solid 17.080 percent, followed by Objective-C with 9.803 percent and C++ with 8.758 percent.

The Index also indicated that the popularity of Python is on the rise (4.949 percent, up 1.07 percent over the last half year), with PHP holding steady at 5.074 percent.

Altogether, TIOBE ranks 50 programming languages, though it follows many more. The company emphasizes that the Index measures only the popularity of a language, not its actual quality (no "bests") nor the number of lines of code written in it.

Java also made it to the top of a rival language popularity index: the latest PYPL (PopularitY of Programming Language) Index. This popularity indicator is published by pyDatalog, a provider of a pure-Python implementation of a declarative subset of Prolog, called Datalog. Java topped the PYPL Index in February with a 29 percent market share. PHP came in second with 14.6 percent. C# followed with 10.5 percent, Python with 10.3 percent and C with 9.6 percent (down .9 percent).

The goals of the PYPL indexers are the same as TIOBE's: "If you believe in collective wisdom," the Web site states, "the... index can help you decide which language to study, or which one to use in a new software project."

TIOBE, which has been around a while, tracks the popularity of languages by counting related Web pages; pyDatalog, the new kid on the popularity indexing block, counts how often language tutorials are searched on Google. One tracks availability; one tracks demand. I'm not sure which is the better methodology, but it's useful to be reminded that Java isn't merely a popular target.


Posted by John K. Waters on 02/13/2013 at 10:53 AM1 comments

2013 Challenges for Developers, Part III: Future Challenges

A number of insightful industry watchers got back to me right after the holidays with their thoughts on the challenges facing developers in 2013. (Most of them didn't even seem that hung over.) It was just too much wisdom to cram into two blog posts, so we're going with a Part III.

John R. Rymer, principal analyst at Forrester Research Inc., covers application development and delivery (and writes a killer blog). He agreed with his colleagues that mobile will continue to vex developers, as will the need to learn and employ multiple languages. However, he was surprised (as was I) that the arrival of Windows 8 didn't top more lists.

"[Windows 8] got off to a slow start, by all accounts, but Microsoft is all in on this one," he told me. "It's fair to say that one Microsoft platform era is ending and another is starting. What Microsoft is calling 'the new Windows platform' includes Windows 8 clients, the Windows Runtime API, and the Windows Azure cloud. .NET isn't going away, but it's a server environment, and the relationship among these technologies is really complicated. There's a lot to master there. And then there's the question of when to make the jump to that platform."

Rymer and fellow Forrester analyst Jeffrey S. Hammond published a report in August entitled "The Future of Microsoft: New Options, New Choices, New Risks" that's well worth reading.

Ovum principal analyst Michael Azoff foresees a "big headache" on the horizon for developers caused by fragmentation in app dev precipitated by their struggles with mobile development.

"Mobile of course is the issue," he said. "HTML5 is supposed to be the answer, but it's a bunch of technologies, continually evolving, and part of a spectrum of options when deciding to go native, hybrid or open."

For ZapThink President Jason Bloomberg, the mobile piece is all part of the broad-based trend toward new ways of thinking about distributed computing.

"From the enterprise perspective, mobile -- as well as the browser -- has always been thought of as the user interface endpoint," Bloomberg said. "The thinking goes: All the hardcore work of enterprise development is in the middle tier, and then you do the application tier and let the hippies do the coding on the interface, which you slap on for the end users. That's shifting as our devices become more and more sophisticated. A smartphone is more powerful than a supercomputer from 20 years ago. We have these supercomputers in our pockets, so they can be much more than just interface endpoints. They can actually be a provisionable cloud resource as well."

Another challenge ahead for developers in 2013, Bloomberg said, is sorting out cloudwashed products and services from the real thing. "Cloudwashing" refers to the practice of adding the word "cloud" to existing, essentially unchanged products or services.

"The 2013 cloud computing story is one of maturation," he said, "but also one of the vendors striking back with an increasing effort to cloudwash, as they realize that cloud computing done right would undermine their revenue streams and licensing models. What developers need to understand is that virtualization alone is not the same thing as cloud. That's the seed of confusion that's getting sewn right now. Vendors are saying, we're offering cloud, but they're really offering virtualization. The missing pieces are the automated provisioning configuration and the elastic nature of the cloud, where you can scale up and scale down in an automated fashion. Virtualization alone doesn't offer those parts of the story, and developers need to be aware of that."

Bloomberg has a book coming out later this year, "The Agile Architecture Revolution," from Wiley, John & Sons Inc. Given the quality of his coverage of service-oriented architecture (SOA) and cloud computing over the years, it should probably be on your reading list.

Unsurprisingly, security was on the mind of my favorite fiddle-playing security expert, Gary McGraw, CTO of Cigital Inc., and author/coauthor of many books, including the classic, "Software Security: Building Security In" (Addison-Wesley, 2006).

The top of McGraw's list of challenges for developers in the coming year: secure use of well-known frameworks.

"This is a big question for developers," McGraw said. "From a coding perspective, if you're used to using static analysis tools, they fail when it comes to frameworks, because the control flow goes right down this hole. And the tool goes, 'Oh well, the control flow is gone, so I quit.' Using frameworks securely should be a big issue for developers in 2013. And they should be asking exactly what the guys who are building frameworks are doing to make them secure."

McGraw also pointed to ongoing security issues around Java, which was plagued by exploited vulnerabilities last year.

"Watching all that, it felt like déjà vu all over again," McGraw said. "I looked at my watch and said, holy crap, it's 1997! What's going on is, various people who are in control of Java at a company whose name might start with Ora and end with cle, just haven't been paying attention. They pay a lot of lip service to security at that company, but when push comes to shove, they're not delivering. And when companies that, generally speaking, try to play nice like Apple (emphasis on generally) say they're going to ban Java from their platform, that ought to be a wake-up call."

McGraw will be presenting at this year's RSA security conference. The title of his talk: "The Bug Parade, Zombies, and the BSIMM." (The BSIMM, of course, refers to the Building Security in Maturity Model, the latest incarnation of which I covered back in November.)

Security was also on tech industry watcher Rob Enderle's mind (The Enderle Group), particularly when it comes to the use of open source in the mobile space. So much work is now "pointed at mobile devices," he said, and so many malware writers are employing the strategy of altering good applications, that app builders should reexamine their open source practices in 2013, and "take other measures to ensure someone doesn't hijack your product for illegal purposes."

Enderle also cited analytics as an increasingly critical industry focus and developer opportunity.

"Analytics is one of the big technology advancements this decade," he said, "and using this tool to better understand your existing and potential customer needs and frustrations --and your competitors' weaknesses -- should help assure more successful products and greater customer loyalty. This is also a huge opportunity to think about incorporating these analytics into software products and providing a feedback loop to customers that use them to help you better enhance the products you're creating."

For RedMonk's James Governor, the good news for developers in 2013 -- a wealth of choices -- is also the daunting news.

"Dealing with the abundance of tooling is increasingly an issue," Governor said in an e-mail. "Developers have more choices than ever to make -- whether in data stores, programming languages, management and monitoring, agile methods, approaches to DevOps -- there's innovative stuff happening everywhere."

To support his point, Governor quoted author Clay Shirky's book, "Here Comes Everybody" (Penguin Books, 2009): "We are living in the middle of the largest increase in expressive capability in the history of the human race ... The barrier between producers and consumers, professionals and amateurs, has been -- if not eliminated -- so drastically lowered that it is revolutionizing our society just as the printing press revolutionized medieval Europe."

"That's the world we find ourselves in," Governor said, "and what's particularly interesting is that developers are both the Catholic Church and the Protestants, the High Priests and the upstarts."

In another good news/bad news observation, Governor included software patents on his list of developer challenges for the coming year.

"Software patents continue to be disastrous for software developers," he said, "with trolling from both mega corps like Apple, and a motley band of ambulance chasing IP lawyers, being a huge problem. That said, recent U.S. court cases indicate a willingness of the judiciary to stop the madness. Weirdly, patent law may even be a bright spot in 2013."

Governor is another blogger who should be on your list.

Posted by John K. Waters on 02/06/2013 at 10:53 AM0 comments

Mozilla Unveils Firefox OS Developer Preview Phones

Earlier this month Mozilla announced the first developer preview phones specifically designed for its Firefox OS.

The phones -- two of them -- are being developed by a Spanish startup called GeeksPhone in partnership with Spanish telecom Telefónica. Mozilla says the phones will be available sometime in February.

The devices are the "Keon," a basic smartphone that comes with a 1GHz Qualcomm Snapdragon S1 processor, 4GB of ROM, 512MB of RAM, a 3.5-inch HVGA display, a 3-megapixel camera, MicroSD support, a 1580 mAh battery, and support for 2G and 3G networks; and the "Peak," a more powerful device with a dual-core 1.2GHz Snapdragon S4 processor, a 4.3-inch qHD IPS display, an 8-megapixel rear-facing camera (2-megapixel front), 4GB of ROM, 512MB of RAM and a 1800 mAh battery.

Stormy Peters, director of Web sites and developer engagement at Mozilla, made the announcement on her blog on the Mozilla Hacks Web site. "Developers are critical to the Web and to Mozilla's mission to make the web accessible to everyone," Peters wrote. "Hundreds of millions of people worldwide use Firefox to discover, experience and connect to the Web. A Web based on open standards and open technologies. We couldn't have done this without Web developers. Now we are working on bringing the power of the Web to mobile, through Firefox OS, along with all the power of open standards and an open community, and once again, we'd like to invite web developers to join us."

Mozilla announced plans to develop an open-source, Web-based mobile operating system in 2012. The OS is set for release later this year.

GeeksPhone website welcomes developers to "Say hola to the future," and declares, "Our developer preview devices have been designed to enlighten the Firefox OS experience, giving developers the chance to tap the future of mobile."

But how much of an impact on current approaches to mobile application development will a web-only Firefox OS have? Not much, says Ovum senior analyst Nick Dillon. He sees the Firefox OS as "an interesting academic exercise" comparable in this regard to Google's Chrome OS. The advent of the new mobile operating system is unlikely to facilitate a dramatic change, Dillon writes in an Ovum comment. One reason: There's already plenty of support for HTML5 on the leading smartphone platforms, which means there's no real need for another one to drive adoption of the technology.

"Another significant barrier to the success of Firefox OS," Dillon wrote, "will be cost. The Firefox OS devices will be targeted at emerging markets, where they will be competing with low to mid-tier Android devices. From a consumer perspective, the Firefox OS devices will offer less functionality than comparable Android devices, without access to embedded Google services and the hundreds of thousands of third-party applications available on Android devices."

Developers who don't want to buy the dedicated hardware will still be able to test their applications using the Firefox OS simulator, the company said.

Posted by John K. Waters on 01/31/2013 at 10:53 AM0 comments

Oracle Promises To 'Fix' Java

An Oracle executive has promised to "fix" problems with Java that have left Web sites running the Java plugin vulnerable to malicious hackers and resulted in some high-profile security breaches. Speaking with Java User Group (JUG) leaders during a conference call last week, Oracle's senior product security manager, Milton Smith, said that his company cares about Java security, and has been working on the problem and will continue to do so.

"The plan for Java security is really simple," Smith said. "It's to get Java fixed up -- number one -- and then, number two, to communicate our efforts widely. We really can't have one without the other. No amount of talking or smoothing over is going to make anybody happy or do anything for us. We have got to fix Java..."

Oracle has been working to improve Java security, Smith said, though much of that work has not been publicized. He pointed to new security features, such as a slider on the Java control panel that allows users to effectively disable Java on the browser.

And it is the browser -- or rather, browser plugins, which run applets -- that is the focus of Oracle's security efforts, Smith said.

"The area of concern is the plugin -- so that's applets," he said. "A lot of the attacks that we've seen, and the security fixes that apply to them, have been [about] Java in the browser. It's the biggest target now. We haven't had those sorts of problems or challenges on the servers or embedded devices."

One caller complained that the media are "very loose when they talk about Java security...when most of the trouble has been in a very specific use case for Java [the browser]."

Smith emphasized the need for better communication about Oracle's efforts to secure Java. He argued that many people "don't understand the features that are out there," and the role the end users play in securing their own computers. He said the company plans to reach out to engineers, IT professionals who run data centers and user groups, such as the one addressed in the call.

Donald Smith, Oracle's director of product management in the OpenJDK group, talked about the possibility of using this year's JavaOne conference to communicate more fully with the community about Oracle's security plans and the community's needs. He asked those in attendance for feedback about the idea of a stand-alone Java security track at the conference.

Milton Smith added that Oracle company doesn't know yet precisely what it wants to communicate, but that calls like this one with the JUG leaders was "laying the ground work" for improved communications in the future.

Oracle has been criticized for its handling of Java security, and questions have arisen about the future of client-side Java. Forrester Research analyst told ADTmag in an earlier interview that the steady surfacing of Java security vulnerabilities could kill any chance that Java will play a bigger role on the desktop or mobile devices in the future. IDC analyst Al Hilwa pointed out that any add-on to a browser is going to increase the surface area for security attacks. But he also pointed out that Oracle complicates things by bundling the Java browser extension with the Java runtime environment (JRE).

"Browsers are powerful gateways, and when they're used as platforms for extensions from other vendors (e.g. Java from Oracle or Flash from Adobe) the picture of management and accountability for security becomes complicated," he said. "This is why the industry is shifting to HTML 5 for browser applications, so that the browser vendors own the security of the platform end-to-end."

The Oracle/JUG conference call can be found here.

Posted by John K. Waters on 01/30/2013 at 10:53 AM2 comments

Could Security Woes Eventually Kill Client-Side Java? Analysts Weigh In...

More on this topic:

Client-side Java has a big, bright bull's eye painted on it, and black hats just can't seem to resist shooting at it. Oracle was relatively quick to response to news of the latest critical vulnerability in Java 7 (revealed last Thursday; fixed by Sunday), but many security mavens have been unwilling to tell users that it's safe to enable Java in their browsers again. It didn't help that the U.S. Computer Emergency Readiness Team (US-CERT), which is part of the U.S. Department of Homeland Security (DHS), has issued a warning to Average Joe computer users to disable Java.

After more than a year of headline-grabbing revelations of new security flaws, is it fair to ask whether client-side Java is living on borrowed time? Some industry watchers think so.

Although Java will remain alive and well on the server, says Mike Gualtieri, principal analyst at Forrester Research, the steady surfacing of security vulnerabilities we're seeing today on the client side is likely to kill any chance that Java will play a bigger role on the desktop or mobile devices in the future.

"It's like all Java developers were just diagnosed with a devastating, incurable disease," Gualtieri said. "What are you going to do? Bite your tongue, keep your head down, and keep writing code."

Al Hilwa, program director at industry analyst firm IDC, points out that any add-on to a browser is going to increase the surface area for security attacks. And Oracle complicates things by bundling the Java browser extension with the Java runtime environment (JRE).

"Browsers are powerful gateways, and when they're used as platforms for extensions from other vendors (e.g. Java from Oracle or Flash from Adobe) the picture of management and accountability for security becomes complicated," he said. "This is why the industry is shifting to HTML5 for browser applications, so that the browser vendors own the security of the platform end-to-end."

Java has been gaining popularity as a target for a few years now, observes Jerome Segura, senior security researcher at anti-malware solutions provider Malwarebytes. It surpassed the Adobe Reader about a year ago, which had been the leading target, in part because of changes Adobe made to its sandbox, but largely because Java is now so widely deployed across so many devices and platforms.

It's also Java's inherent complexity that invites exploitation, Segura said, because that quality increases the number of possible bugs in the code, and thus, the number of potential vulnerabilities. Another problem is Oracle's tendency to leave the end users in charge of updates. Oracle's remedy for the current problem, for example, was to fix one of the two bugs behind it directly, and leave the users to update the default security settings to fix the second bug.

Sorin Mustaca, product manager and IT security expert at German security solutions provider Avira, applauds Oracle for acting quickly to fix the latest zero-day vulnerability, but says there's a downside to such fast action.

"When you fix such an important bug in such a short time under high pressure, the result is that you will see even more bugs like that in the future," Mustaca said. "But also, our feeling is that Oracle has gotten into the habit of reacting to a crisis -- to putting out fires -- instead of mitigating. And so this is why we have mixed feelings about this."

Mustaca agrees that Java's widespread deployment lies at the root of its recent appeal as an exploitation target.

"The number of devices has exploded in the past two to three years," he said. "And Java runs on almost all devices. Oracle says that it's on more than three billion of them -- everything from your computer to your car to your frig. And it's an accepted technology, even by Apple. So of course it's going to be a target, and of course we are going to react strongly when it is exploited. It has a much bigger impact."

Hilwa points out that Java has attracted the attention of the "malware industrial complex," which is evolving into a "fast moving, well capitalized underworld of software-for-hire available to anyone willing to pay." Automated kits that are now available to exploit any security hole within days, if not hours, after they become known.

"The ante is regularly upped by the malware industry," he said, "and companies who want to be in the plug-in business are essentially engaged in an arms race. And it's relatively difficult for end-users to verify the safety of all the different browsers they use. This puts the onus on Enterprise IT to create awareness for their users. So Oracle needs to step up their investment. No doubt the company understands this now."

Posted by John K. Waters on 01/16/2013 at 10:53 AM4 comments

2013 Challenges for Developers, Part II: Demand for Multiple Language Skills

By this time last year, the term "polyglot programmer" had entered the IT lexicon, and there was plenty of talk about the strategic advantage of learning to use a wider variety of programming languages, frameworks, databases, interface technologies and other development tools. Last year's strategic advantage may be evolving into this year's survival strategy.

"I would argue that developers need to be fluent in multiple languages now," said Forrester analyst Jeffrey S. Hammond. "I see that in my data: I've talked about the multilingual developer who programs in no single language more than 50 percent of the time, and that's definitely on the rise. I don't see how you get away with just being a C++ developer or a C# developer or a Java developer anymore."

Hammond is a leading expert on open-source software, next-generation mobile, open Web and client architectures, and software development productivity. He writes regularly on those topics for Forrester's application development and delivery blog. He believes that the need for multiple language skills may be one of the biggest challenges facing some developers in 2013.

"There's just a tremendous amount of stuff that developers have to learn if they want to keep their skills up to what the market is going to be demanding of them in 2013 and beyond," he said. "Think about all the things you've got to understand now to build modern applications. You have to be able to use either a cross platform tool or you have to pick up Objective C or Android Java or C#. You have to learn how to consume and use all these RESTful Web services. You've got to understand the ins and outs of Amazon Web Services and how to build a scale-out system that runs in the cloud. It's a hell of a lot of homework, but necessary if you want to limit the constraints on your career opportunities in the long term."

What additional language skills are codederos likely to seek in 2013? 

"I'm seeing the re-emergence for JavaScript," Hammond said. "I'm seeing lots of demand in the mobile space for Node.js skills, and a lot of these JavaScript frameworks. And I'm seeing more and more HTML5 development being done. But in some ways, this may be the year for developers who don't know JavaScript to learn it—and to really understand that it's not just for making things pretty on the client side."

Jay Lyman, a senior analyst at 451 Research who covers open-source software in the enterprise, application development, systems management and cloud computing, sees the polyglot programming trend "unfolding in parallel to DevOps," as more software developers and system administrators leverage more tools and languages for different advantages.

"For example," Lyman said in an e-mail, "while Java and .NET still dominate enterprise applications, we see more use of PHP, Ruby, Python and other languages for Web, mobile and enterprise applications; Erlang or Scala for concurrency on the back end; node.js for greater performance; HTML5 and JavaScript for user interfaces, etc. We also see use of a greater number and variety of database technologies, including NoSQL databases, Cassandra and Hadoop for 'big data,' and also use of a variety of infrastructures to develop, deploy and support applications, including traditional datacenters [and] public and private clouds."

Mike Gualtieri, principal analyst at Forrester, agrees that the demand for multi-language skills is likely to put more pressure on developers in 2013: "A polyglot programming norm means more homework," he said in an e-mail. "The trend towards using multiple programming languages including scripting languages is a constant challenge for developers. It means that they have more homework to do to keep up with all the new languages and programming languages."

He added: "Is this God's programming Tower of Babel to punish Sun for screwing up Java and Oracle for acquiring Sun?"

Posted by John K. Waters on 01/11/2013 at 10:53 AM0 comments

2013 Challenges for Developers, Part I: Mobile and Cloud

In 2013, life for developers is going to get interesting, say industry watchers -- which sounds great until you remember that old (purportedly) Chinese curse. Living in "interesting times" is likely to prove challenging to hard-working codederos.

Dana Gardner, president and principal analyst for Interarbor Solutions (and a must-read blogger) sees 2013 as the time for developers to make strategic bets on both mobile and cloud, but he also advises caution.

"Sorting out the Web-vs-native development equation (and how to best target the most devices) gets trickier in 2013," he said. "Selling software as native apps is costly and high-stakes. Web-only is lower in costs and may get better adoption, but with really low margins, usually. The bottom line is that developers need to be better at forward-looking business development and micro-economics, no matter how good they are at their coding crafts."

If you want to see where this particular debate is headed, Gardner said, keep your eyes on current trends in game development. He points to cross-platform PC-based virtual environments with cloud services, such as Steam, vs. proprietary consoles, or more pure SaaS games, such as Minecraft.

While you're sorting out "Web-vs-native," you're also going to have to think carefully about picking cloud partners, both in terms of the technology and the relationship, Gardner said. Start by asking yourself a lot of questions.

"PaaS strategies and making the right choices about them have huge implications for next five years," Gardner said. "Losing control to a PaaS may be advantageous in economic and risk terms, but it's still a big bet. Are there ways to hedge? Should a multi-PaaS approach hold for the near term? If tools and IDEs are nearly the same, what not chose a multi-PaaS approach? Write once, PaaS anywhere? Will enterprises also go for multiple sources on PaaS or pick one? Developers should have a say in these decisions, as ISVs and as enterprise dev players."

"The good news," Gardner added, "is that CIOs and enterprise strategists are sorting this out too, and a developer with strong insights can rise quickly by reducing uncertainty and bringing clarity to the planning process. So developers should raise their hands and be heard, not sit back and wait for the dictates from above at this dynamic stage in the business."

Randy Heffner, vice president and principal analyst at Forrester Research, is a leading expert on architectures and design approaches to building enterprise applications (and another blogger worth reading). He agrees that 2013 will a big year for developers defining their mobile strategies, but he argues that those decisions need to be made within the context of "cross-channel interaction."

"It is easy to be all about getting a mobile app out there and to forget that what your customers and employees really need is to be effective across mobile, Web, voice, e-mail, social, and other channels," Heffner said. "Even if today's challenge is focused on mobile, if you don't consider how today's mobile app will, in the future, grow to be cross-channel, you're building in significant rework."

Heffner goes into this point in detail in his November 2012 report, "Use a Reference Architecture to Speed Cross-Channel Digital Experience Delivery."

Heffner also believes that finding a new way to think about integration is going to be a critical developer challenge in 2013.

"The old mindset for integration is that its purpose is to connect and reconcile among siloed applications," he said. "When you add to this the proliferation of integration technologies and patterns (SOA, BPM, CEP, business rules, etc.), you start adding technology silos on top of the application silos. What we need is an integrated view that focuses on the real goal of business technology: building an effective, agile business. Rather than putting siloed applications at the center of the design model, we need to put the design of our business at the center.

Heffner calls this idea "digital business design," and he blogs on the topic here.

Al Hilwa, program director for IDC's application development software research, believes that the biggest challenge facing developers in 2013 boils down to effective navigation of their platform choices.

"The world is quickly shifting to one where applications, both on the client and the server, have many choices of platforms competing for developer affectations," Hilwa said. "For applications targeting consumers, and even for those targeting enterprises in the age of BYOD, choices have to be made about which platforms to support and which to leave behind or defer until a later time. For each of the major platforms, like iOS or Android, the developers are aware that their potential users are making selections between ecosystems of content and services, and so they must make choices that are similar to target those users. Once a platform is chosen, then decisions have to be made about whether to approach the application development with native tools or with Web tools targeting mobile browsers, where much of the code can be leveraged for supporting other platforms."

"However, targeting HTML5 involves compromises in functionality and performance that also require careful navigation," he added. "On back-end platforms, developers have to choose cloud services, whether to operate on IaaS and spin their own machines or whether to use more curated models which support certain programming languages in a more intimate fashion. Fundamentally, 2013 is a year of developer choices to an even greater degree than any other which preceded it, and with these choices come a lot of anguish and agonizing."

Hilwa's latest research reports are available on the IDC Web site.

Mike Gualtieri, principal analyst at Forrester Research (and no-nonsense blogger), offers a succinct New Year's recommendation for developers:

"Write a mobile app already," he said. "You gotta have mobile app development on your resume. Even if it just means you downloaded the Android SDK or Apple Xcode and hacked out a test app. Carve out a Saturday afternoon and just do it. That's all the time it will take if you are already a pro Java, C# or C++ developer. Now you can talk with some authority about mobile app development because your next job will probably depend on it."



Posted by John K. Waters on 01/07/2013 at 10:53 AM1 comments

Developers Create Mobile Facebook App with HTML 5

I should probably send Facebook CEO Mark Zuckerberg a thank-you note. Ever since he told reporters that the biggest mistake his company had made so far was "betting too much on HTML 5 rather than native" in its mobile software development strategy, I've heard from a lot of interesting and creative HTML 5 users with, as you might guess, a slightly different view of the latest incarnation of the venerable markup language. Last week I sat down with two developers who took Mr. Zuckerberg's comment as a challenge.

"We don't want to dis the Facebook team," Jacky Nguyen told me. "The Facebook app is hard, and there are a lot of things about it that make it difficult to build an awesome app that these guys grappled with. But they threw HTML 5 under the bus instead of facing the fact that this was a difficult programming problem that's just as hard to do on native."

Nguyen is lead architect for a Redwood City, Calif.-based company called Sencha, which makes standards-based Web development products, including some HTML 5-based frameworks. He and Jamie Avins, who leads the company's graphics team, were "irked" (their word) by the fear, uncertainty, and doubt Zuckerberg's comment seemed to spread about HTML 5. And they set out, in their spare time, to prove him wrong.

"We got a little mad," Avins admits. "There are a lot of us who believe in this technology, and we don't like it when people say it sucks. We actually saw [Zuckerberg's comment] as a real problem. I went to Jacky and I said, OK, what's it going to take to do this thing? We spent some time researching exactly what they were doing [at Facebook] and what the challenges would be, and Jacky went at it head on."

The two looked under the hood of the FB mobile application, where they say they discovered that most of the so-called native iOS app actually used Web technologies. But the news feed -- the hardest part from a technical standpoint -- was definitely native. That's the part Nguyen rebuilt in HTML 5. He used his company's mobile app framework, Sencha Touch, which is the cornerstone of the Sencha HTML 5 platform. Nguyen matched the look and feel of the FB app, though he didn't build in every feature. In addition to the news feed, he built a multi-touch photo viewer (including pinch, pan, zoom, etc.); the user profile page; the overlays for notifications, friend requests, and messages; and sliding menus.

On Monday, Sencha unveiled the fruits of Nguyen and Avins' labors: "Fastbook," an HTML 5 app for iOS and Android, built entirely in HTML 5, which mimics Facebook's native app, including real FB data access via Facebook's API. A video demo of the app is available on Video. Nguyen and Avins also blogged on the release.

I got to see a demo of the new app on a basket of Apple and Android phones -- including my own iPhone 4S. It performed as advertised.

One of the problems with the public perception of HTML 5 in general, says Paul Kopacki, Sencha's VP of marketing, is that many people think it's just a markup language that's little better than HTML 4.01. But HTML 5 introduced new elements and attributes, full CSS3 support, new audio and video support, 2-D and 3-D graphics, local storage, a local SQL database, Web applications and APIs that can be used with JavaScript.

"When people go wrong with HTML 5, nine times out of ten, they're thinking of it as Web-dev technology," he said. "But it's really a set of app-dev technologies designed to make the browser a legitimate app runtime."

Kopacki also reminded me that there was a bit more to Zuckerberg's now infamous comment than typically gets talked about. He went on to say that "…it's not that HTML 5 is bad. I'm actually, on long-term, really excited about it."

"HTML 5 doesn't have a marketing department," Kopacki added. "Just folks like us, who don't own it, but who love it and believe in it. And we think 2013 is going to be a big year for HTML 5."

On Monday, the standards-setting Worldwide Web Consortium (W3C) announced that HTML 5 and the Canvas 2D specification are now feature complete.

"The broader the reach of Web technology, the more our stakeholders demand a stable standard," W3C CEO Jeff Jaffe said in a statement. "As of today, businesses know what they can rely on for HTML 5 in the coming years, and what their customers will demand. Likewise, developers will know what skills to cultivate to reach smart phones, cars, televisions, ebooks, digital signs and devices not yet known."

About 63 percent of Web and application developers are actively using HTML 5, the W3C said in the announcement.

Sencha also announced the "HTML 5 is Ready App Contest," which invites Sencha developers to build their own apps that "prove the power of HTML 5." The company is offering $20,000 in cash and "cutting edge devices" as prizes. The contest is open now. Details are available here.

Posted by John K. Waters on 12/20/2012 at 10:53 AM2 comments

JVM Language Kotlin Hits Milestone 4

Kotlin, the JVM-targeted programming language developed by software development toolmaker JetBrains, passed its fourth milestone this week. The big upgrades in Kotlin M4 (besides the 128 "closed issues") are its improved compatibility with JDK 7 and the introduction of KAnnotator, a tool for automatically annotating developer libraries.

Kotlin project lead Andrey Breslav announced the latest milestone release on the Project Kotlin blog post. Breslav, who is also serves in a Java Community Process expert group for JSR-335 (Project Lambda), said the milestone was released from "under snow," with a link to photos of the Prague street where the company is headquartered buried under the white stuff.

This milestone release improves on the type argument inference (its faster), tweaks the code completion feature, and makes it possible to copy and instance of a data class (data classes were introduced in Kotlin M3) and selectively change some of its properties while keeping the object immutable.

Breslav waxed poetic about the addition of the KAnnotator tool in this release: "A programmer is a lazy creature, and by virtue of our laziness, we want to automate as much as we can," he wrote. "And today, along with Kotlin M4, we roll out KAnnotator: a tool that annotates your libraries automatically (the tool is written in Kotlin, of course)."

Developers simply tell KAnnotator to infer annotations from their jar files, and it then writes them to XML. Breslav shows an example of annotations for methods and fields that can be added to projects and are visible to both the Java IDE and the Kotlin compiler. He adds that this new tool "will grow much smarter" in future versions.

The Czech maker of the code-centric Java IDE, IntelliJ IDEA, began developing Kotlin in 2010 and released it in July 2011 for distribution under Apache 2 Open Source License. Kotlin is a statically typed language similar to Scala, Gosu, Ceylon, and Fantom. It compiles to both JVM byte code and JavaScript. The company has claimed that the language will be more stable at runtime than Java, because it can statically check weak points and it supports things like variable type interface, closures, extension functions, and mix-ins.

"We know that Java is going to stand long, but we believe that the community can benefit from a new statically typed JVM-targeted language free of the legacy trouble and having the features so desperately wanted by the developers," Breslav said at the time.

The company released the first Kotlin milestone (M1) in April 2012 with a plugin for the JetBrains IntelliJ IDEA dev tool suite. The second milestone release, Kotlin M2, was released in June with the added ability to compile Kotlin code to JavaScript within the IDE. The Kotlin plug-in requires the IntelliJ IDEA. Running Kotlin on Android requires the Android SDK.

According to Wikipedia, Kotlin is the name of a Russian island located near the head of the Gulf of Finland, 20 miles west of Saint Petersburg in the Baltic Sea. One of JetBrains’ development offices is located in Saint Petersburg.

Kotlin is currently under active development, More information is available on the Kotlin Web site, and the Kotlin issue tracker. The source code is also available on GitHub.

Posted by John K. Waters on 12/12/2012 at 10:53 AM1 comments

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.