Martin Fowler has a post on Cross Platform Mobile. One of the main challenges for Mobile development is dealing with different Mobile OS versions. Back in the day, OS version was a big deal for developers. We got away from this in large part with the Web (yes I know that a tremendous amount of code get written to support different browsers, but OS and particularly Mobile OS drag in a lot of other dependencies).
The Cross Platform dream has been around a long time, the most famous example of this sword being pulled from the stone was Java. And its worked out reasonably well, but can we expect anything like this in Mobile especially given the fierce (dare I say 80 & 90s esque) competition?
Martin Fowler's advice on Cross Platform Mobile is summed up as - "don't do it" due UI, usability and other issues. There is an additional challenge to Cross Platform Mobile which is that the security models are not alike. iOs, Android, and others each contain unique access control models, ways of dealing with sensitive data, attack surface, exception handling, network security, distribution code signing and so on. The flavors of these are very much OS dependent. This requires OS specific policies and security mechanisms. These are deployed and managed separately for each OS and so from a security perspective there is not a Cross Platform model that is available at all. iOs keychain is useless in Android, Android's permissions model is useless in iOs. No one anywhere can hablo security Esperanto.
I would expect and hope that we'll some more standardization in Mobile web services like Salesforce.com demonstrated with their oauth Android implementation, but I am not optimistic on the Mobile OS.
**
Secure Coding Training Class: Mobile AppSec Triathlon
Do you have what it takes to complete a triathlon on three vital topics in the mobile world: Mobile application security, web services security, and mobile identity management?
Come join two leading experts, Gunnar Peterson and Ken van Wyk, for the first Mobile App Security Triathlon, in San Jose, California, on November 2-4, 2011.
I cannot agree with this. PhoneGap as well as other frameworks have provided a bridge to solve these issues, though it is still not fully in control of the phone at a hardware level, it is capable of providing advance network features as such. jQuery Mobile has provided a great framework for the development of mobile applications for the web and native platforms.
With the development of a native bridge, such as phonegap for android in java, or phonegap for iphone in objective-c, web technologies and their native languages are slowly gaining a presence in the application market. This process is now allowing for rapid development of bleeding edge apps and should not be disregarded or looked down upon. This is a revolution in software development and it will continue to prosper with a population of developers giving it huge support.
Posted by: joseph werle | May 12, 2011 at 07:35 PM