Google has petitioned the U.S. Supreme Court to hear its argument against Oracle's now four-year-old claim that 37 Java APIs used in the Android OS violated copyright (details in this report). It's an important question, and in my opinion, one worthy of the high court.
Google's decision wasn't a surprise to Forrester analyst John R. Rymer, who told me he expected the search engine giant to take its case all the way to the Supreme Court if it received an unfavorable ruling at the appellate level. He added that he has noticed "zero impact" on the Java community over the past four years from this "vendor drama."
"If Google wins, the status quo prevails; if Oracle wins, then Google will either have to strip out Oracle-patented IP or pay Oracle for the right to use its IP," he said. "In the latter case, Google will 'own a piece of Android,' a nice position given that Java ME is a nonstarter among smartphone and tablet OSs."
Martijn Verburg, CEO of jClarity, a startup focused on automating optimization for Java and JVM-related technologies, and co-leader of the London Java Users' Group, is also sanguine about the effect of the rulings on the Java community so far.
"I don't think the current ruling was all that bad for the industry," he said in an e-mail. "Although there's a fair amount of FUD about the decision, you can still copy or use appropriately OSS-licensed APIs, which constitute the vast majority of the Java ecosystem, and there's still a strong argument that most folks will be okay under the Fair Use clause (for example, Mono) or the lesser-known 'It's such a small portion of the API, which is okay as well' clause, which would cover a lot of individual developers who are just copying a handful of APIs here and there."
Verburg also believes that there's a general consensus in the Java community that Oracle should come out on top in this dispute. "Java developers in general are (grudgingly in some cases) pretty happy with the way Oracle is treating Java," he said, "even if they've mistreated other OSS communities that they took over from Sun."
The last time I talked with Wayne Citrin, CTO of NetBridge, about this lawsuit, he argued that it would be best for Java -- and Oracle -- if Google wins. He hasn't changed his opinion. "The more people with the opportunity to use Java, in more contexts, can only be good for Java (and, by extension, good for Oracle)," he said. "I can see Oracle's interest in protecting Java from undesirable branching, but I really don't see that as a problem here. If Oracle wins, I see something of the opposite happening. Restricting the breadth of use of Java can't be good for the Java community (and, by extension, for Oracle)."
Citrin added that, although the stakes are highest for the Android community in this case, the wider Java community isn't likely to feel much of an impact, whatever the decision. He said he hasn't noticed any negative effects from the rulings so far. "Maybe that's because most of the Java runtimes that are being used either come from Oracle or come from companies who have gotten their ducks in a row and are okay with Oracle," he said.
A final ruling in Oracle's favor would trouble Miko Matsumura. Now vice president of Developer Relations at Hazelcast, Matsumura has been watching the Java space since he served as chief Java evangelist at Sun Microsystems in the late '90s. He agrees that there might be value in protecting some APIs with explicit licensing terms, but he sees merit in Google's argument about stifled innovation.
"The software industry today has been a thriving wellspring of innovation and competition based on [Bill Gates'] 'embrace and extend' and [Sun CEO Scott McNealy's] 'open interfaces, compete on implementation.' The inherent danger in siding with Oracle on this is that it creates a huge liability on existing software that would stifle creativity and innovation and shift billions of dollars away from software engineering towards software IP litigation."
IDC analyst Al Hilwa believes that copyright protection of 95 years (which was established by Congress for corporate authorship in 1998) is far too long. But he's not so sure about the argument that copyrights stifle technology innovation. "I think there is always a tension between unadorned innovation and breaking the rules," he said, "and we are always navigating this tension. If we could share everything without patents or copyrights, no doubt things would move faster, but there has to be a balance, and the sheer velocity of innovation is not always an absolute value held by everyone. It is up to the courts to navigate this balance."
Given the times we live in, the long "vendor drama" has seemed a strange affair to Dana Gardner, principal analyst at Interarbor Solutions.
"At a time when there's clamor for the removal, or at least reform, of patents on software, it's ironic and archaic that copyright is being invoked to keep open source software code under long-term commercial control," Gardner said. "Seeing as Java was touted as 'open source' under Sun's last gasps, and Oracle could not thwart Google's clean-room implementation of a Java runtime for Android -- it's apparent true goal -- copyright always seemed like a Hail Mary affair in the Java case."
Gardner believes the Supreme Court should hear this case, because of the opportunity it presents to settle some important questions. "The U.S. Supreme Court could now use this case to make some bold and needed determinations about real-world software use, and modernize and bring clarity to its common sense rights and extension," he said. "That would bring long-needed improvement to the software intellectual property morass, and could quickly jump-start software innovation and remove the cloud of uncertainty over software ownership and rights in general."
As I said, I believe that the question of whether foundational code can be copyrighted is worthy of consideration by the high court -- or rather, a high court. I'm not so sure about this one. Our judiciary, in general, isn't tech savvy enough. The striking exception of U.S. District Judge William Alsup, who felt that it was so important to understand the technologies involved in the Oracle v. Google case that he actually learned to write Java, makes his peers look like Luddites. And most of the members of our current high court are decades behind the times. According to the AP, a relatively tech-savvy Supreme Court Justice Elena Kagan has said her fellow justices don't even use e-mail.
Posted by John K. Waters on 10/17/2014 at 1:05 PM0 comments
Oracle and the Java community made relatively few new announcements at the annual JavaOne conference last week, but a number of Java vendors did. Three announcements from local companies stood out for me at this year's show:.
Hazelcast, the Palo Alto, Calif.-based provider of an open-source, In-Memory Data Grid (IMDG) solution by the same name, made big news at the show with the launch of its JCache implementation. Hazelcast 3.3.1 JCache, which is the JCache-compatible version of Hazelcast, is now drop-in "pin compatible" with Oracle's Coherence IMDG and Ehcache. Hazelcast CEO Greg Luck wrote the latter, which is one of the most widely used open-source Java caching solutions. Luck is also a co-author of the JCache spec, along with Brian Oliver, who architected Oracle Coherence. Coherence, Ehcache, and Hazelcast are the only JCache implementations currently available.
The JCache project was the longest running Java specification request (JSR) in the history of Java and the Java Community Process (JCP) until it earned approval in March. JSR-107, the spec request for Java Temporary Caching API, specified the semantics for the temporary, in-memory caching of Java objects. The JSR languished for years until Terracotta and Oracle began funding it recently. Terracotta is probably best known for its commercial development of Ehcache.
Mountain View, Calif.-based Coverity launched the free beta of its new cloud-based service for Java developers at the show. The new Code Spotter service, which is built on Coverity's static code analysis platform, is designed to help developers find difficult-to-detect defects in Java code. The service allows Java devs to upload their source code to the cloud, where it is analyzed for known issues in Java code bases, such as resource leaks, race conditions, concurrency issues, and null pointer dereferences. With this new service, the company is "democratizing access" to its testing solution, the company said.
Coverity, which is a subsidiary of Synopsys, launched a "developer-first security" effort last year, during which it began promoting the idea of putting security into the hands of developers. In January, the company released a new version of its dev/test platform that provides Java developers with expanded coverage for the Open Web Application Security Project's (OWASP) Top 10 and Common Weakness Enumeration (CWE) security vulnerabilities in Java apps. The open-source OWASP identifies 10 of the most critical Web app security risks each year. The CWE is a community project sponsored by the Mitre Corporation to create a catalog of software security vulnerabilities.
Software build and distribution company JFrog launched a new commercial version of its Bintray open-source distro platform at this year's show: Bintray Premium. Bintray, which won a Duke's Choice Award last year, is a cloud platform for developers who want to store, publish, download, promote, and share software. (In other words, all of them.) The San Francicso-based company's commercial version supports "premium repositories," with unlimited storage and downloads, full download stats, access control, and download tracking, among other features.
BTW: The company won a Duke's Choice in 2011 for its Artifactory binary repository manager.
Posted by John K. Waters on 10/07/2014 at 11:45 AM0 comments
Is it possible that Larry Ellison's decision to step down as CEO of Oracle will mean we actually see more of him? He has made two appearances so far at the annual Oracle OpenWorld conference in San Francisco this week under his new titles of Executive Chairman and Chief Technology Officer. Last year he bailed on his conference keynote to focus on the America's Cup, during which Oracle Team USA was staging an admittedly thrilling comeback. Attendees who traveled from...well, everywhere....and paid to see the guy were not sympathetic.
Ellison started his afternoon appearance yesterday with what amounted to an apology for his absence last year, and then launched into his familiar get-through-this-and-kill-'em-with-numbers pace. But then he slowed down, joked with the crowd, and worked his way amiably through a couple of demos.
"Because of my new job as CTO, I gotta do my demos by myself," he said. "Almost nobody works for me anymore." He hastily added, "I love my new job, by the way."
Maybe it was the V-neck sweater and slacks, but Ellison seemed to relax into his promised drill down on Oracle's platform-as-a-service (PaaS) offering. During his demo, he showed how users could migrate an on-premises Java application to Oracle's cloud database and WebLogic server. It took a bit more than the "push of a button" he'd talked about during his Sunday keynote opener, but not much.
Oracle continues to bet big (if a bit behind the competition) on the cloud. On Sunday, Ellison touted his company's upgraded cloud platform as an all-in-one environment for running apps and data, and for building out new apps as customers move to the cloud. The Oracle offering includes a "massively upgraded" PaaS featuring Oracle Database 12c; infrastructure-as-a-service (IaaS); and rapidly growing software-as-a-service (SaaS). The company claims to have picked up more than 2,100 new SaaS customers over the past year. "We have by far the largest portfolio of cloud applications of anybody," Ellison declared. "We built a lot more in 2014. We bought a lot more in 2014. We definitely had a build-and-buy strategy."
Ellison sounded like his old trash-talking self on Sunday as he took swipes at the competition, including SAP, Amazon, Workday, and Salesforce.com. He singled out SAP, which recently bought Concur Technologies, a travel and expense software provider, in a deal worth $8.3 billion. He focused on the company's Hana in-memory computing platform.
"I'm going to try to be nice," Ellison said. "But it's so hard. I have no idea what runs on Hana. It's rude but it's the truth. And it's kinda funny. What cloud? Let's just talk about Earth."
He also took a shot at Salesforce.com. Oracle is the only cloud vendor that "lets you use the same platform it builds on to extend cloud apps," he said, while Salesforce.com uses the Oracle platform to build its apps, and then relegates its customers to extending apps with its proprietary Force.com and Salesforce1 platforms. Still, he allowed that Salesforce "is the best of the rest, because at least they have a platform. The other guys… they don't even have a platform. It's missing in action."
Hard to believe Ellison is now 70 years old, and even harder to imagine the hyper-competitive exec slowing down. Forbes just published its annual list of the 400 Wealthiest Americans, and Ellison came in third, behind Warren Buffett (second) and Bill Gates (first), and just ahead of the Koch brothers. What do retirees do when they're worth $47.6 billion?
Of course, Ellison isn't retiring, is he? There's a reason we're not hearing much "end of an era" talk around his move. He's not actually leaving the company he co-founded. He's not even stepping away from day-to-day involvement in the company's operations. He'll be free of some responsibilities; Safra Catz will continue to look after manufacturing, finance, and legal operations, and Mark Hurd will continue managing the company's sales, service, and global business units. But Ellison is now head of engineering and product development, so he'll still be working with Hurd and Catz -- my guess is, closely.
I asked OpenWorld attendees what they thought about Ellison's decision to step down from the big chair. Several said they thought it was a smart move that freed Ellison from some responsibilities without reducing his influence. "Let's face it, how would a person who is both the CTO and Chairman of the Board of a tech company not tell the CEOs where the company is going or should go?" said attendee Keith Gapol, IT associate at Agilent Technologies. "He will still be driving the development direction of the company."
I also heard comments like this one from an attendee from the UK: "Oof! I've had enough of that man!"
Most of the people I talked to were unphazed by the Oracle executive shuffle. A developer who flew in for the event from Boston summed up what I found in my unscientific survey to be the prevailing opinion: "I don't think it'll make that much of a difference," he said. "I mean, he's not really going anywhere, is he?"
Posted by John K. Waters on 10/01/2014 at 2:08 PM0 comments
It's time again for the annual JavaOne gathering of Java jocks in San Francisco for a week of drink…I mean, learning and networking. I kid, but that's because the anxiety over how well this touchstone event would weather its assimilation by Oracle OpenWorld has largely dissipated. For all intents and purposes, JavaOne continues to survive with its identity intact.
The primary venues for this year's event, which runs from Sept. 28 through Oct. 2, are the Hilton San Francisco Union Square and the Parc 55 Wyndam, but some related events are scheduled for the Nikko Hotel. (My feet ache already.) The annual Strategy Keynote is set for Sunday afternoon at the north hall of the Moscone Center, the event's former home. The usual suspects will be on hand: Georges Saab, Peter Utzschneider, Cameron Purdy, and John Duimovich. Mark Reinhold will again give the Technical Keynote. The Community Keynote is set for Thursday morning.
I'm especially excited about the NetBeans Community Day 2014 (Sunday, September 28), which throws a spotlight on one of the least talked about and yet most popular Java IDEs. Rather than individual presenters, the NetBeans Day sessions will take the form of moderated panels of experts, including some genuine Java rockstars. The father of Java himself, James Gosling, will be there, moderating a panel focused on how they use the editors, debuggers, and profilers from NetBeans (which Gosling has called his favorite IDE) to program and interact with devices. (Expect some insights into Gosling's recent passion: sea-going robots.)
NetBeans Community Day has a lineup of six panel sessions offering real-world stories and demos of NetBeans new features in action, presentations about developing Java EE apps with Maven, talks about working with free Java tools, and a discussion about teaching with free Java tools. Session presenters include speakers from Jelastic, ZeroTurnaround, Codename One, VMware, QAware, Boeing, Kodewerk and JClarity, among others.
Among the rumored announcements I'm the most curious about is some news expected from the Eclipse Foundation about an Open IoT Stack for Java. The Foundation has been working for a couple of years now on its Internet of Things initiative, first focusing on M2M, and then expanding to include the broader IoT. The Foundation will have a booth at this year's show, where reps will be demoing some of the projects from that initiative, Ian Skerrett promised in a recent blog post. He also listed a number of Eclipse-related talks scheduled for this year's show. Lots of IoT stuff in there, but also Java 8, JavaFX, Eclipse Luna, the cloud and Java EE.
If you needed proof that IoT has graduated from buzzword to serious software category, look no further than all the sessions in the JavaOne IoT track. It's a long list, covering topics ranging from OSGi-based architectures to Gosling's robots. Need more? IoT will figure prominently in James Weaver's community keynote on Thursday, he said in a short conference page Q&A. Weaver is a Java developer, author, and consulting member of Oracle's Technical Staff. He has, the post observed, "a passion for Java, rich-client applications, and the Internet of Things (IoT)."
I'm also interested in what I think is a new addition to the conference floor: a Meet the Experts area, which was mentioned in a recent post on the Glassfish blog: The Aquarium. It's described as "a designated space in the JavaHub where most of the Specification Leads will be present at a dedicated time." Could be a mob scene; could be a golden opportunity to get some face time. Oracle's Java EE Evangelists and Heather VanCura from the JCP will also be there.
One obvious advantage of the Oracle connection is the "attendee appreciation" events, which this year include geezer rockers Aerosmith, millennials fav Macklemore and Ryan Lewis, and the Brit band Spacehog.
Remember: learning and networking.
Posted by John K. Waters on 09/24/2014 at 9:21 AM0 comments
Ian Skerrett is probably best known for his role at the Eclipse Foundation as vice president of marketing, but for the past two-plus years he's also been leading the Eclipse effort to foster an open-source community around the Internet of Things (IoT).
"If you look at the Internet today, it's run on open source," Skerrett told me. "Linux, Apache and open standards like HTTP are the building blocks. If we're really going to get an Internet of Things, we need a set of core building blocks that anyone can use to develop commercial or internal solutions."
Eclipse IoT now includes 15 projects collectively aiming to reduce the complexity of developing IoT/M2M solutions. Most of the Eclipse literature on this initiative uses that "IoT/M2M" label, because machine-to-machine communication is where it all started, and because it continues to be an essential part of IoT. But is IoT more all encompassing, which, Skerrett says, is what makes developing IoT solutions so challenging.
"To put together an IoT solution today, you need people who understand gateways and networks, but also enterprise systems, data analytics, integration with ERP or CRM systems," he said. "There's some daunting complexity here, but we know that when you create frameworks and abstraction levels in software, it becomes much easier to put together these types of solutions."
The mission of the Eclipse IoT initiative is to establish an open IoT/M2M platform that comprises a set of services and frameworks, open-source implementations of standard protocols, and an Eclipse-based IDE for simplifying IoT/M2M development. The current list of projects likely to become part of that platform includes the Paho Project, which provides scalable open-source client implementations of open and standard messaging protocols for IoT/M2M apps. That list also includes several frameworks: Kura, which is a set of Java and OSGi services commonly required for IoT gateways (I/O services, data services, cloud services, networking, etc.); Mihini, which is an open-source framework written in the Lua scripting language; OM2M, an open-source implementation of the ETSI M2M standard; and the Wakaama Project, which will provide a C portable framework for building LWM2M clients and/or servers.
There's also SmartHome (named by Captain Obvious), which is a framework for building smart home solutions; Eclipse SCADA, which the Foundation describes as "a way to connect different industrial devices to a common communication system and post-process, as well as visualize the data to operating personnel;" and the Sandbox LWM2M Server, which provides a Web UI and a REST API to enable interaction with the registered clients. Koneki is an M2M developer tools project that's using Lua as its primarily programming language.
Eclipse IoT's protocol efforts are focused on providing open-source implementations of Message Queuing Telemetry Transport (MQTT), which is designed to connect "physical world devices" and networks with applications and middleware; CoAP (Constrained Application Protocol), which is a protocol specialized for use with constrained nodes and networks; and OMA LightweightM2M (LWM2M), which is an industry standard for device management of M2M/IoT devices.
A complete list of Eclipse IoT projects is available on the Foundation Web site here.
Even better, Skerrett will give attendees of our upcoming App Dev Trends 2014 Conference in December an in-depth look at the Eclipse IoT initiative and discuss the and the role of open source in the evolution of the Internet of Things.
Posted by John K. Waters on 09/17/2014 at 10:11 AM0 comments
There's a difference between a bug and a flaw, and an impressive group of software security mavens thinks it's time to pay more attention to the latter. To shift some of the industry's focus away from finding implementation bugs and toward identifying common design flaws -- "the Achilles' heel" of security engineering -- the IEEE Computer Society has formed the Center for Secure Design (CSD).
The CSD grew out of a foundational workshop, held in April, which brought together software security experts from industry, academia and government to talk about the problem of secure software design. Among the 10 workshop participants were representatives from Twitter, Google, RSA, Intel and Harvard University.
Gary McGraw, CTO of Cigital, hosted a soirée at the Cantina art bar in San Francisco to launch the CSD and to generate interest in its mission. McGraw was among the original workshop members. "The price of admission was a bag of flaws -- a real bag of flaws -- from your practice," McGraw told attendees. "We dumped them all on the table and picked the tallest 10 piles."
That mission, by the way, is to "gather software security expertise from industry, academia and government" to provide guidance on "recognizing software system designs that are likely vulnerable to compromise" and "designing and building software systems with strong, identifiable security properties." And those 10 piles led to the publication of an inaugural CSD report, "Avoiding the Top 10 Software Security Design Flaws."
McGraw, who is author of numerous books about building secure software, called finding and fixing design flaws "the hardest problem that nobody has solved."
"Software security has grown into a $7 or $8 billion industry, and it's continuing to grow very fast," he told me. "But the field seems to be myopically focused on bugs and hackers. And yet, from a technical perspective, half of the problem is a design problem. We're hoping to shepherd the field in the right direction."
The CSD is part of a larger IEEE cybersecurity initiative launched this year "with the aim of expanding its ongoing involvement in cybersecurity." Jim DelGrosso, principal consultant at Cigital, will serve as the CSD's executive director. One of the problems the group will address, DelGrosso said, is the relative opaqueness of the work being done on design flaws.
"We've known about these things for a decade or three," he told attendees, "and yet the problems persist. We also know that this work is being done, but much of it is being done internally, so it's not available to the public. One of the goals of the CSD is to change that. We want people to stop making these mistakes."
Google information engineer Christoph Kern shared an example of such internal work from his own company, where he has been developing Web application frameworks that make it hard for developers to introduce cross-site scripting bugs. One team that adopted the frameworks saw a marked reduction in their bug-tracker stats. "There's a real connection between bugs and design-level considerations," he said.
Here's the list of initial participants in the Center for Secure Design:
- Iván Arce, Sadosky Foundation
- Neil Daswani, Twitter
- Jim DelGrosso, Cigital
- Danny Dhillon, RSA
- Christoph Kern, Google
- Tadayoshi Kohno, University of Washington
- Carl Landwehr, George Washington University
- Gary McGraw, Cigital
- Brook Schoenfield, Intel/McAfee
- Margo Seltzer, Harvard
- Diomidis Spinellis Athens University of Economics and Business
- Izar Tarandach, EMC
- Jacob West, HP
Here are those top 10 security design flaws; each one is fleshed out considerably in the CSD report:
- Earn or give, but never assume, trust
- Use an authentication mechanism that cannot be bypassed or tampered with
- Authorize after you authenticate
- Strictly separate data and control instructions, and never process control instructions received from untrusted sources
- Define an approach that ensures all data are explicitly validated
- Use cryptography correctly
- Identify sensitive data and how they should be handled
- Always consider the users
- Understand how integrating external components changes your attack surface
- Be flexible when considering future changes to objects and actors
Posted by John K. Waters on 09/02/2014 at 6:43 AM0 comments
There's nothing like seeing the final agenda go up on a Web site to drive home the reality that you're chairing your first technology conference.
Fortunately for me, that agenda -- the one for our first ever App Dev Trends conference coming in December in Las Vegas -- is filled with workshops and sessions led by some of my favorite enterprise software experts, industry mavens, market watchers and serious codederos. I might be as nervous as a nerd at the prom about stepping onstage in my chairing duties (man, that simile brought up some bad memories), but I couldn't be more relaxed about our kick-ass presenter lineup.
I'm very excited, for example, to have David Intersimone (better known as "David I.") speaking at the show. Intersimone is vice president of developer relations and chief evangelist for toolmaker Embarcadero Technologies, and he's a programmer's programmer. He worked for more than two decades at Borland, the company that invented the IDE, then at CodeGear, the company that emerged from Borland's decision to shed its tools business. David will be presenting two sessions: "Integrating Devices and Gadgets into Your Enterprise" and "Clouds: The Final Frontier – Integrating BaaS into your Enterprise Apps."
We also have one of my all-time favorite conference keynoters, Miko Matsumura, leading a session. He's now vice president of developer relations at Hazelcast, the open source in-memory data grid company, but I first saw Miko when he served as chief Java evangelist at Sun Microsystems in the late '90s. (Back when he had shoulder-length hair!) He was one of the most visible spokespeople for Java back then, and a member of the team that popularized the Java platform among developers. In his session, "Elastic Application Performance Market View," Miko will examine the dizzying array of options available today for architecting scalability into applications from Day 1.
When Dr. James McCaffrey, a popular veteran of 1105 Media's Visual Studio Live! conferences and Visual Studio Magazine columnist, responded to my e-mail pestering by saying that he might have a totally new tool to present at our show, and that this tool was designed for developers interested in neural networks, I swallowed my gum! You've probably heard about Microsoft's new cloud-based machine-learning tool, Machine Learning Studio, the beta of which was unveiled in July. His presentation is titled: "Understanding Neural Networks Using Python." McCaffrey, who works at Microsoft Research, promises that attendees will come away from his session with an in-depth understanding of neural networks -- and to include one of the first public demos of the new Machine Learning Studio.
I am also very excited about Ian Skerrett's session, "Introducing Eclipse IoT: Accelerating IoT Development." Over the past two years, the Eclipse Foundation has been developing a community of open source projects for Internet of Things developers. That community now comprises 15 different projects, and includes implementations of popular IoT standards, such as CoAP, MQTT, and Lightweight M2M. Ian is the man who has been leading the effort to build that community. He will be talking about the project itself and how to use the technologies it encompasses to get started building IoT solutions.
One of my favorite tech industry watchers, Theresa Lanowitz, founder of voke inc., is also presenting at our show. Her official bio says that she's widely recognized as "a strategic thinker and influencer in the application life cycle, virtualization, cloud computing, and convergence markets." I usually hate to use PR-speak, but that line is right on the money. Cool tidbit from that bio: She worked on the original JBuilder IDE. I've interviewed Theresa many times, and I'm looking forward to both of her sessions: "Extreme Automation: Software Quality for the Next-Generation Enterprise," and "Software Quality in the Sound Bite Era."
And our own Agile Architect, Dr. Mark Balbes, will be among the speakers kicking off the show with his session, "The State of Agile." Mark will be talking about the evolution of Agile -- what works, what doesn't and where the Agile movement might be heading in the future. He'll also be there to wrap things up with our closing panel, "Agile Techniques and Best Practices," which will feature Mark, Matt Philip and Jason Tice, the Three Agilistos from our popular summer webcast. I'll be moderating this panel, so it'll be worth attending for my embarrassing gaffes alone.
It's no exaggeration to say that this is just the tip of the iceberg. This is our first-ever ADT-branded event, and we went all out to put together what I believe is a killer agenda with sessions focused on the enterprise developer. App Dev Trends 2014 runs Dec. 8-11 at the Mandalay Bay Resort and Casino in Las Vegas. Hope to see you there!
Posted by John K. Waters on 08/20/2014 at 3:25 PM0 comments
Java toolmaker ZeroTurnaround's software release automation tool, LiveRebel, is a little less live than it was a week ago. The company pulled the plug on the three-year-old sibling of its JRebel JVM plug-in (and newly birthed XRebel Java profiler). Company founder and CEO Jevgeni Kabanov, delivered the news in a blog post, though he says customers were contacted before he posted.
I caught up with Kabanov via Skype in Estonia, where his company is headquartered, to ask him about it. He said there just wasn't enough of a mid-range release management market to sustain the product.
"LiveRebel was aimed at the mid-market," he said. "That's a few dozen up to a couple hundred servers. But most of our competitors were going after customers with hundreds to thousands of servers. We just felt that there was a significant opportunity cost for going after that market."
Another problem, Kabanov said he believes, is that there is no agreement currently on exactly what a "release management" product should do -- especially within the context of a rapidly evolving of DevOps and continuous delivery movements. But perhaps more important, whatever release management is, it doesn't currently seem to be at the top of ZT's customers' to do lists. In his blog post, he put it this way: "Release management provides little value if you don't have automated builds, provisioning, and a well-defined release process, and unfortunately most potential customers would have none of those."
"It was a tough decision emotionally, but from a business perspective, it was quite straight forward," he said. "For now, we're continuing to focus on the developer tools market, which is our strength. But we're not closing any doors on what we might do in the future."
LiveRebel 1.0 was released in May 2011 after about three years of development "in the far northern country of Estonia as an attempt to re-invent product updates." The final version, 3.1, was released last month. Kabanov said active customers would be getting refunds and support and help migrate off LiveRebel until August 2015.
The Tartu, Estonia-based company is probably best known for its JRebel plug-in, which integrates with the Java Virtual Machine (JVM) and app servers on the class loader level, and allows developers to make on-the-fly code changes in Java class files. In June, the company released an interactive Java profiler called XRebel. The company also operates a research and content organization, Rebel Labs, which publishes free, vendor-neutral technical resources.
Posted by John K. Waters on 08/13/2014 at 4:34 PM0 comments
Enterprise developers struggling with the challenges associated with mobile application development may not be settling on a single, one-size-fits-all tool or platform just yet, but they are approaching those challenges more strategically. That, according to IDC analyst Al Hilwa, writing in a recently published report: "Negotiating the Mobile Disruption: Approaches for Multiplatform Application Development."
Hilwa, who is a research director in IDC's Application Development Software group, told me that he's trying to be the voice of reason in this report, offering "concrete, realistic advice to enterprises."
He first states the obvious, that "the central problem in mobile application development is addressing the variety of platforms and devices that employees can bring into the enterprise in a productive and agile manner…"
What's not so obvious, he reminds us, is that until recently, enterprises have been side-stepping the so-called mobile revolution "engaging the consumers of their products with B2C apps, often developed by outside agencies or contractors." But the no-end-in-sight proliferation of mobile devices in the hands of employees -- and the promise of a more productive and mobile workforce -- has forced enterprises to address mobile more strategically and in-house.
"Since 2012," Hilwa writes, "enterprises have begun to tackle mobility more strategically by tagging their internal custom application development teams to skill up on mobile application development and take a more systematic approach to developing suites of applications that overhaul how certain internal business divisions, especially mobile sales and field forces, operate."
And there's another problem: The big three platforms—iOS, Android, and Windows—have focused on consumers, and haven't paid much attention to enterprise software licensing requirements. "For enterprises, tightly controlled application platforms with vendor-anointed tools and programming languages mean limitations in choice, an inability to leverage existing developer skills and, most importantly, an inability to easily develop code for multiple platforms," Hilwa writes.
In the midst of this "mobile disruption," four general approaches have emerged or enterprise mobile app developers: native, Web, hybrid, and third-party. Developing native apps for particular platforms requires platform owner–supplied/approved programming languages, runtimes, frameworks, and tool chains. Developing Web apps that use the browser as a runtime and app platform are typically sandboxed, so they can't access native platform features. Hybrid apps use Web apps with a thin wrapper that allows them to be distributed via app stores, which means they can access to some native platform features. And third-party-supplied runtimes or app platforms, which can come with their own programming languages, frameworks, and developer tool chains, produce full "native" apps that can be delivered through device platform owner–supplied app stores.
In the end, most enterprises will follow more than one mobile app development approach, Hilwa predicts, though he expects most to deliver as hybrids or as third-party cross-platform apps.
Now for some of that concrete advice: Because app dev tools, frameworks, and middleware aimed at enterprises are increasingly integrating HTML5 support, it will be in the best interest of enterprise developers to "embrace the Web ecosystem of skills and set up Web developer teams along with existing Java and Microsoft ecosystem developer teams."
Here's another one: Enterprises moving from a tactical to a strategic approach to mobile app development will want to "embrace an API architecture for back-end systems." In fact, "such enterprises should begin re-architecting their back-end systems and data assets into API services before embarking on extensive mobile application building."
There's a lot more in this report, and it's well worth reading in its entirety. Also, in case you missed it, my colleague David Ramel's most recent Dev Watch column ("Doubts About Cross-Platform Mobile Development") cites a number of studies on or related to this topic.
Posted by John K. Waters on 08/07/2014 at 4:32 PM0 comments