Category Archives: software development

adobe, agile, flash, software development

Adobe’s chameleon Flash shows its enterprise colours

4 Comments

Duane Nickull is Senior Technical Evangelist at Adobe and co-author of Web 2.0 Architectures which I reviewed recently. He is also Duane Chaos of grunge band 22nd Century and entertained us at the Adobe MAX party last night in Los Angeles.

Duane Chaos at Adobe MAX bash in LA

It’s appropriate that he works for Adobe, whose Flash runtime has parallel chameleon characteristics. Most of the time it is delivering annoying ads, games or silly videos; but it also turns up as a flexible cross-platform client runtime for Enterprise applications.

We saw this demonstrated yesterday in an excellent session on scaling Flex for a large trading application, given by the developers of Morgan Stanley’s Matrix application about which I have written before. This session was far more informative than the earlier online briefing, and a fascinating case study in how to create Enterprise-grade software.

Matrix was built by a team of around 30 Flex developers, over a period of between 18 months and two years. It uses a REST-based service layer which talks to a variety of Java and .NET back-end servers – we didn’t hear much about these – and delivering XML to the Flex client. The team did not use the Flash-optimised AMF protocol because the app uses Lightstreamer which did not support it at the time, though we were told that AMF would be advantageous and may be used in future. LiveCycle Data Services were ruled out because of lack of support for edge server deployment; again, this has apparently been fixed in the latest LiveCycle so migrating in that direction is possible.

Matrix uses the Cairngorm 3 architecture, which specifies best-practice design patterns for Flex, implemented using the Parsley Application Framework. The application is modular, and we heard a lot about how rigorous module encapsulation makes a large application like this – 600,000 lines of Flex code – manageable, reliable, flexible and testable. One module cannot access the implementation details of another, and a message bus handles communication.

I was also impressed by the attention given to performance. Another advantage of using modules is that they are loaded on demand, reducing the load time and memory footprint. Each module is profiled separately. The team also found that a big factor in Flex performance is efficiency in managing redraw regions – apparently Flash can easily be sloppy about this and redraw regions that have not actually changed. The team patched the UIMovieClip component to overcome problems in this area.

A model-view-controller architecture is used for the user interface, and this enables better testability. The team uses continuous integration to maintain quality.

According to the session presenters, the result is an application that has the high performance required of a financial trading application, and can run for extended periods without issues.

Although I had the impression that developing Matrix has been bleeding edge at times, with the team using beta software to get access to new features, there was also evidence that Adobe was responding to issues and using this as an opportunity to improve its platform.

This makes a great case study for those sceptical about whether the Flash runtime is really capable of powering Enterprise clients, or for any Flex developer.

adobe, software development, Uncategorized, web authoring

Book review: Web 2.0 Architectures

This is an excellent read, though it was not what I expected from the title. It is written by three people who are always forthright, sharp and insightful, and who live on the Web: James Governor, Dion Hinchcliffe and Duane Nickull. Nickull works for Adobe, and the book labelled as part of the Adobe Developer Library, but don’t let that put you off if you are a Java guy, or a PHP developer, or a Microsoft Platform person: this is about concepts and patterns, not specific products.

So why was it not what I expected? Well, I thought it might focus on the challenge of developing highly distributed applications, looking at what it takes to make such applications reliable, performant and scalable. I know even from my own dabblings that decisions about where to locate different pieces of logic and handling things such as authentication, transactions and security are tough problems with which many of us need help. However, this title rarely descends to that level of detail – though it is a little unpredictable in that respect. The authors do find space, for example, for several pages on common mistakes in designing web forms, reflecting I imagine their level of frustration at how often they encounter them. Inconsistent, yes; but forgivable.

What you do find is detailed and often brilliant attention to the definition of terms. What is architecture? What is a model? What is a pattern? What is a Mashup? What is a Rich Internet Application? What is Service Oriented Architecture? What is a Reference Architecture? And of course, What is Web 2.0? These discussions are pithy, illustrated with real-world examples, and convey the authors’ enthusiasm for the new era which is now upon us.

As you read the early chapters you feel that this is all leading up to something big. That’s correct, but again it might not be what you expect. In fact, this feels like an introduction to a much longer book that is yet to be written, a fault which can only be excused by the idea that it is you, not they, that have the task of writing it.

Here’s a short extract from a section called The Timeless Way of Building Software: Inspiration for the next generation of Web Software:

Take a look at some of the great web software, such as Google’s search page, Flickr, or Delicious. They all have that unique yet unhurried grace that comes from perfect ease and natural balance. But what do they have in common exactly? They are beautiful, ordered and harmonious. But especially, and what strikes to the heart, is that they live. They are the perfect blend of logic and emotion, of the machine and the human experience, intrinsically intertwined and symbiotically embracing each other.

If you find this excessively rhapsodic you will probably not like this book. Note the title though: this is a Web 2.0 book as well as an architecture book; and a couple of pages on from the above quote we learn the significance of that:

…this timeless way of software architecture represents a more complete reconceptualization of what we thought we knew. We can give this place, where common sense and logic collide with humanity and society, a name.

We call that place Web 2.0.

And that is pretty much how it ends.

Overall it’s a great read, written I suspect in haste, accounting for the odd sloppy phrase or two, but always fluent and enjoyable. Recommended for those who are thoughtful about what it means to do software today.

View on Amazon.com: Web 2.0 Architectures: What entrepreneurs and information architects need to know

View on Amazon.co.uk: Web 2.0 Architectures: What entrepreneurs and information architects need to know

.net, adobe, cloud computing, facebook, flash, javascript, microsoft, open source, ruby, software development, twitter, visual studio, web authoring

Future of Web Apps cheers the independent Web

3 Comments

The Future of Web Applications conference in London is always a thought-provoking event, thanks to its diversity, independence and character. That said, it is a frustrating creature at times. The frustration on day 1 was the barely functional wi-fi, which ruined a promising interactive application called HelloApp, built with ASP.NET MVC. HelloApp would have told us who we were sitting next to, what their interests were, their twitter ID and so on. Microsoft must be disappointed since the developers, some of them more used to technologies like PHP and Ruby, said how impressed they were with the framework and Visual Studio. The poor connectivity was a shame, and a bad slip-up for a web application conference. Even the speakers had to work mostly offline – cloud devotees beware.

Ryan Carson at the Future of Web Apps London, 2009

FOWA has been at London Excel recently, but this event was back to its earlier venue of Kensington Town Hall, more crowded but a better atmosphere and easier to get to. I suspect a little downsizing, but much prefer it. Organizer Ryan Carson has his heart set on enabling start-ups, proffering business advice and uniting developers, designers and money folk, though many attendees are not in the start-up category at all. When revealing the results of a survey showing that many web app hopefuls had less then 1000 site visitors a month he shook his head despairingly “you’re never gonna build a business on that kind of traffic”.

Carson has excellent contacts and the day kicked off with Digg’s Kevin Rose on how to get those visitor numbers up – he should know if anyone does. Rose exceeded my expectations with tips on massaging your visitor egos, avoiding analysis paralysis, hanging round event parties to meet influencers even when you can’t afford to attend the event, and even how to hack the press.

After that the day was disappointingly low-key, at least until midday. Then we got Francisco Tolmasky from 280 North and it all changed. Tolmasky’s line is that we should use pure web technology but with the richness of desktop applications, and to enable this he’s put forward cappuccino, a JavaScript framework inspired by Apple’s Objective C and Cocoa – Cappuccino uses Objective-J. This now has a visual development tool (web-based of course) called Atlas, and in Tolmasky’s demo it looked superb. See here for more details.

The surprising twist is that after developers told Tolmasky that they (or their companies) were not willing to trust code to the web, 280 North came up with a desktop version of Atlas with the added ability to create desktop applications as well. I am not clear about all the runtime details, though it no doubt involves webkit, but Tolmasky’s differentiator versus alternatives like Java or Adobe AIR is that Atlas uses only web APIs.

We heard a lot at FOWA about social media, how to use it for marketing, and how to integrate it into applications. Cat Lee from Facebook gave us a breathless presentation on how simple it is to hook into Facebook Connect. It was OK but it was a sales pitch, and that never goes down well at FOWA. 

The later afternoon sessions were excellent. Bruce Lawson of Opera gave us an entertaining overview of how HTML 5 would make life easier for developers. There was nothing new here, but nevertheless a revealing moment. He showed some rich media working in HTML 5 and made the comment, jabbing at Adobe Flash and Microsoft Silverlight, that the web was too important to place control in the hands of any one vendor. A loud and spontaneous cheer went up.

This was echoed later when Aza Raskin of Mozilla gave us a browser-centric view of social media, suggesting that the browser could broker our “social graph” by integrating with multiple identity providers. Raskin’s line: social media is too important to be in the hands of any one vendor.

The Guardian’s Chris Thorpe gave a bold presentation about how the Guardian wants to embed itself in the web through its open platform. Like most print media, the Guardian has many challenges around its future business model (disclaimer: I write for the Guardian from time to time); but Thorpe’s presentation shows that his newspaper is coming up with an intelligent response, promoting interaction and building out into the wider web rather than erecting paywalls. Having said that, maybe the Guardian will try other business models too; it is a journey into the unknown.

Overall a day for social media and the open web, and a good antidote to the more vendor-centric conferences at which I often find myself. Next week, for example, it is the Flash-centric Adobe MAX; and having heard very little about Flash at FOWA that will make an interesting contrast.

.net, adobe, flash, silverlight, software development, web authoring

Flash spell check developer upset by competition from Adobe Squiggly

3 Comments

Grant Skinner is the developer of Spelling Plus Library, a spell checking engine for Flex, Flash and AIR. He is displeased that Adobe has now released Squiggly on Adobe Labs – a free component that does the same kind of thing. Skinner refers to the general lack of commercial Flash components:

One of the things that the Flash world really lacks is a strong commercial component marketplace. We have a thriving OSS culture, which is awesome, but while it is very prolific it rarely creates highly reliable, documented, and well-supported libraries. It’s a weakness of the platform, especially when you look at the hundreds or thousands of enterprise class commercial components available for languages like Java or C#.

It is an interesting point. I have always found it intriguing that the commercial component market is so much dominated by Microsoft, thanks perhaps to its early success with VBX and then ActiveX controls for Visual Basic. Despite the maturity of Flash and its popularity among developers, I can more easily name companies with commercial Silverlight components than Flash equivalents – companies like Devexpress, Infragistics, ComponentOne, and Telerik.

Skinner is therefore upset that Adobe has picked a spell checker for its free offering:

When Adobe spends a large amount of resources building a spelling component that directly competes with one of the few successful commercial components in the Flash world, it frustrates me.

though I imagine the impact on his sales is a large factor in his reaction.

The truth is that component vendors always have to play this game of trying to stay ahead of what developers can get for free, either from open source or from what is bundled into the core SDK.

Note that Intel’s just-announced AppDeveloper program for Atom netbooks includes a component marketplace for AIR. I am not sure how significant it will be, but it is another outlet for Flash component vendors.

.net, microsoft, open source, silverlight, software development, Uncategorized

Microsoft, Moonlight and open source

3 Comments

I was surprised by the announcement that Silverlight is being ported to Intel’s Moblin Linux, which I’ve already reported both here and on The Register. It feels like a u-turn from Microsoft, which had previously stated that while it would build Silverlight for both Windows and Mac, Linux support was to be done by Novell. This is from the 2007 press release:

Microsoft will work with Novell Inc. to deliver Silverlight support for Linux, called Moonlight, and based on the project started on mono-project.com … Microsoft is committed to ensuring that organizations have the best tools and resources to begin building Silverlight-based solutions with the broadest possible reach. The decision to work with Novell to offer Silverlight support for the Linux platform is in direct response to customer feedback, and both companies are optimistic about the impact this extended partnership will have in the industry.

Now, given that Microsoft has long expressed an intention to bring Silverlight to mobile devices, and that many mobile devices run some variety of Linux, you can argue that the Moblin announcement is merely in line with that strategy. This is what Brian Goldfarb told me – that the Intel deal is in the “mobile device” category, and therefore distinct from the work with Mono.

That said, if you look at the specs for something like Dell’s Mini 10v with Moblin – 1.6Ghz Atom CPU, 160GB hard drive, 1GB RAM, 10.1" 1024×600 display – it really has more in common with a traditional laptop than with, say, a mobile phone. Further, I’m getting the impression that this will be a full Silverlight 3.0 implementation, not a cut-down version like Flash Lite, complete with the Silverlight version of the .NET Framework.

If Microsoft had announced this kind of deal in the early days of Silverlight, it would have have been encouraging for open source advocates. Even though this Silverlight for Moblin is not an open source project, it extends support for a key Microsoft technology to Linux users. Silverlight developers may well prefer that the same code will be running on Moblin as on Windows or Mac, subject to whatever has to be done to make the port work.

Unfortunately at this point the announcement is having an opposite effect, casting doubt on Microsoft’s ability to work with open source partners. The impression is that Mono was a useful means of ticking the Linux box for Silverlight’s launch – though the version which includes .NET is still not complete – but that when it really wants to support a Linux OS, Microsoft is quick to find another route.

It is stating the obvious to say that the open source community is wary of Microsoft. Everything the company does is eyed with suspicion. Microsoft’s official support for Moonlight, along with great work from people like John Lam who works on IronRuby, was beginning to soften some of that hostility. Miguel de Icaza, leader of the Mono project, has been a great bridgebuilder between Microsoft and the open source community – so much so, that Richard Stallman recently called him “basically a traitor to the free software community”. Stallman has done his cause no credit with this remark. “I think we officially hit a new low here”, says OS news.

A terrible moment then for Microsoft to snub Moonlight by doing its own thing with Intel for Silverlight on Linux. What was even more striking is that the company seemingly had no idea of the impact of its announcement, and that it might be a sensitive matter, and apparently did nothing to prepare the Mono team in advance for the obvious questions that would be asked.

What is more important – that Silverlight works smoothly on Moblin, or Microsoft’s relationship with the open source community?

.net, microsoft, mono, silverlight, software development, web authoring

Microsoft brings Silverlight – not Mono – to Linux via Intel

Yesterday I speculated about what was meant by the inclusion of Silverlight among supported runtimes for Intel’s Moblin Linux, which is being used on netbooks using the Atom processor. I had assumed it was some new development of Moonlight, Mono’s Silverlight implementation, but apparently this is not the case. Here’s what Microsoft’s Brian Goldfarb, director of the Developer Platform Group at Microsoft, said:

Microsoft and Intel announced today that the two companies have agreed to work together to bring support for Silverlight 3 to Intel’s Atom-based Mobile Internet Devices (MID). These Atom-based devices run on Windows and Moblin, an open source, Linux-based operating system targeted at Atom-based devices. In order to help bring Silverlight content to these devices, Microsoft has provided Intel with Silverlight source code and test suites, and Intel will provide Microsoft with an optimized version of Silverlight for Moblin devices that Microsoft can then redistribute to OEMs.

There are a couple of curious aspects to this. One is why Microsoft would not simply feed optimisations into the Moonlight project, which would benefit Silverlight/Moonlight on all Linux systems. Goldfarb did add:

The Silverlight for Moblin announcement is independent from Microsoft’s work with Novell on Moonlight. The Intel/Moblin effort is specifically about building great out-of-box experiences for consumers on Atom-based devices. Microsoft’s efforts with Novell remain critical as they build an open-source, compatible, and broadly available Silverlight solution for Linux.

Another is whether Intel/Microsoft are devising some way for Silverlight to run as a desktop application, rather than just as a browser plug-in. I’m hopping to clarify these points soon.

Intel has a press release here.

software development

Software development trends in emerging markets

1 Comment

I’ve just attended a webinar given by Evans Data on software development trends in emerging markets such as India, China and Brazil. Not many surprises, but still interesting. Here’s a quick summary:

  • The emerging market developers are much younger – a median age of 29 versus 41 in the rest of the world (ROW).
  • The developer population is growing faster in emerging markets – 25% per annum versus 9%.
  • Educational attainment is similar in emerging markets vs ROW – developers tend to be highly educated.
  • Developing for cloud computing and SOA is somewhat stronger in emerging markets than ROW

There are mixed signals when it comes to use of Microsoft technologies. On the one hand, we were told that Microsoft is strong, and a sign of that is that more emerging market developers are signed up to a paid developer program (presumably MSDN) than in the ROW. On the other hand, there’s more open source adoption in emerging markets: 74% vs 65% ROW.

Programming language trends are hard to nail, because emerging market developers tend to have multi-language skills. 60% of emerging market developers use Java, for example, vs 45% in ROW; but 48% use C#, vs 38% in ROW. The emerging market developers are ahead in every category here, despite (or because of) their younger age.

When it comes to host operating systems, Windows XP predominates in both groups. There’s less Mac in emerging markets: the number 5 OS is Windows 7, whereas it is OS X in ROW. The others are Vista, Linux, and Windows 2003.

What I’m not sure about (but would like to know) is how many of the developers surveyed in emerging markets were working for their own market, and how many for international customers.

My own observation is that aside from the remarkable age difference, the two groups are more similar than I would have guessed.

adobe, eclipse, flash, microsoft, silverlight, software development, web authoring

The desktop versus web application debate

8 Comments

I posted a piece entitled Desktop applications are dead which attracted the following comment:

Web apps have plenty of cons too. You seem to only be looking to the Pros.

There’s something in it; though the article is a little more nuanced than its title. There’s also another debate to be had around the question of what a web application really is. If thousands of lines of JavaScript are executing on the client, is it a web app? If it is running in Flash or Silverlight is it a web app? If it is running out of browser (Adobe AIR, Silverlight, JavaFX) has it crossed the border to become a desktop app? This last case is particularly interesting, since although something like AIR should probably be categorised as desktop, its programming model is normally that of a web application with an offline cache.

The semantic discussion can distract from the real issues. The ascendancy of web applications has a lot to teach software developers. The enforced simplicity, even crudeness, in the user interface of early web applications brought some surprising benefits: users generally liked the minimalist approach and ease of navigation. The page model, intended for documents, turns out to work for applications as well.

Another big lesson: users value zero-install extremely highly. The routine of go to the web page – run the app is easy to understand. Some find it easier than finding an application shortcut in the Windows Start menu, and that is after the potentially painful business of running setup.

Still, I am slipping into reiterating the advantages of web apps. What about their cons? What about the pros of desktop applications?

I still use desktop applications a great deal: Microsoft Office, Live Writer, Foobar, Visual Studio, Eclipse, all the things I listed in 10 Mac alternatives to Windows utilities. Doesn’t that prove that desktop applications are still important?

It does; but there is an important qualification. None of these are line of business applications of the type which occupy so much of the time of corporate software developers and contractors.

The real point: if there is a discussion about whether a particular project should be implemented as a desktop or web application, it is not the web application advocates who need to make their case. Rather, it is the desktop advocates who need to show the particular reasons (which may be good ones) why only a traditional local install will do.

It is also important to follow the curve on the graph. The list of things that can only be done by desktop applications gets shorter with every upgrade to the web platform – whether you think of that as HTML/AJAX, Adobe Flash, Microsoft Silverlight, or [insert your favourite web technology].

Ten years ago, a web version of Photoshop seemed an unlikely prospect. Today, here it is. Office and email is going the same way, even if it is not quite ready for all of us; Microsoft will have to accept that or lose its business.

I don’t follow Rich Internet Applications with such interest because they are cool, but because they are the future of the client – and increasingly the present as well.

delphi, embarcadero, software development, windows 7

Delphi and C++ Builder 2010 are out

18 Comments

I’ve installed the new Delphi from Embarcadero. I want to enthuse about this product, as a long-time Delphi enthusiast, but a few things have dampened my zeal:

1. The install on Windows 7 64-bit was not totally smooth. First Avira Antivir claimed that a file installed during setup, called convert.exe, contained a virus (not the fashionable new one, something else called DR/Delphi.Gen dropper). I thought this was most likely a false positive. I tested the file with with Kaspersky which declared it clean, and I’ve emailed Avira about the problem.

I’m not sure why I bother at all with running anti-virus software. It is very little use. After all, what is the point of having it, if when it claims to find something you ignore it? On the other hand, what is the chance that this is a real virus on Embarcadero’s new CD, that Kaspersky does not detect?

None of this is Embarcadero’s fault, of course, unless it has shipped a virus, which I doubt.

2. Next, on running and quitting Delphi 2010 for the first time, the Windows Program Compatibility Assistant was triggered. See this earlier post for what this guy looks like and what it does. This one made the same change, ELEVATECREATEPROCESS.

A minor niggle perhaps, but it looks bad. At this stage, the Delphi team should have come to terms with UAC and made RAD Studio properly UAC-aware. I’m guessing most of the team run with UAC disabled.

3. Another UAC issue. When the IDE starts up, you get a message:

Error executing ‘C:\ProgramData\{BBD31133-40F8-4B57-9BA6-DB76C03D153B}\Setup.exe’: The parameter is incorrect

This does not occur if you run as administrator.

4. I ran up the IDE and noticed there is a new documentation wiki with user contributions. I think this is a great idea. It seems to be built with mediawiki. Unfortunately it failed with “A database query syntax error has occurred”. Update: it’s working now.

5. I’d understood that Delphi 2010 is somewhat Windows 7 ready. It has great support for multi-touch and gestures. That’s fine, but I was interested to see how to support the Windows 7 Jump Lists. A Jump List is the menu that pops up when you right-click a taskbar icon.

Well, if support for this is there I can’t find it. There is support for the Windows 7 Direct 2D Canvas, and as I mentioned for multi-touch, but that’s about all I can find.

It’s a shame because only a few people will be using multi-touch in the near future, and Direct 2D is not a feature visible to users, but the new Windows 7 taskbar and its features – there’s also the ability to add controls to taskbar preview windows – is the thing that every Windows 7 user will notice.

Of course you can easily call the Windows API from Delphi, and the community will figure out how to support these features before long; there’s already an alpha “Windows 7 controls for Delphi” that Daniel Wischnewski has come up with. But I’d like to have seen it in the box, and it would have been a nice selling point.

Don’t let me put you off. There are other new features – including Firebird support, integrated code formatter, better thread debugging -  and no doubt the core of Delphi is as good as ever (no 64-bit yet, but it will come eventually).

Still, my impression is that Embarcadero still has to work a bit on that last degree of polish. One final gripe: why is the discussion forum so darn slow? It has also been in beta forever.

More information here.

delphi, embarcadero, software development

Delphi developer virus exposes weakness in anti-virus defences

13 Comments

I found a real live instance of the Delphi-attacking virus W32/Induc-A yesterday. It was in the executable for FinalBurner Free from ProtectedSoft (ironic name in the circumstances), a decent freeware CD burning application. The file is burner.exe and I suspect the company has been shipping it for some time. I do not know if it affects the paid-for versions.

This malware was highlighted by Sophos though one thing Sophos does not make clear (as it is in the scaremongering business) is that the virus has only a mild affect. It only affects machines with ancient versions of Delphi installed – versions 5, 6 and 7 according to Marco Cantu – and its activity appears to be limited to replication. In other words, a successfully infected machine modifies Delphi’s runtime library so that it compiles infected executables, but does nothing else that I know of.

The implication is that the anti-virus companies, far from doing a great job at protecting us, have only just spotted a problem that has been around for months or possibly years. The burner.exe I found was dated 16 June 2009. If anyone has an older example, I would be interested to know; I’ve seen one report of an August 2008 infection.

Thus, when Delphi Product Manager Mike Rozlog comments to the Register’s report:

The best ways to combat these types of issues are to establish a deployment protocol that checks for viruses and trojans before shipping any applications

you have to ask: how? Clearly scanning with an anti-virus product would not have helped ProtectedSoft. Note that Sophos admits in its database that protection has been available only since 18 August 2009.

Despite the mild impact of W32/Induc-A (as far as we know so far) it is not something to take lightly. The attack looks like a proof-of-concept, to be followed by similar code with more serious impact, or possibly just an experiment that escaped into the wild. Maybe there are other more serious variants that the vigilant anti-virus folk will find in a month or two’s time.

How then can developers protect their machines? Another Reg reader says:

Instead, people should try to ensure the integrity of their development systems. Don’t connect them to the ‘net and don’t play games on them (duh!). Don’t have any foreign executables on them besides the OS and the compiler, transfer the sources there and compile them there. Run some kind of integrity checker to make sure that your compiler distribution hasn’t been tampered with. That sort of stuff.

Good advice, though not trivial to implement. A suggestion for Embarcardero: how about giving some thought to the problem and coming up with an easy means for developers to check the integrity of their runtime library files?

The disturbing aspect of this story is how malware can end up in shipping software from reputable companies; it could even be signed code. How long before something like this ends up in an executable shipped with an operating system itself, maybe with a timed payload so it lies dormant until well distributed?