"Web apps should be able to do anything native apps can"
8O
Only if they are served by Google, one assumes.
Google's Chrome 81 is now in beta, bringing Web NFC support to the browser and extensions to the WebXR implementation to enable Augmented Reality (AR). The purpose of NFC (near-field communication) is to transmit small amounts of data wirelessly, usually by tapping a mobile device against an NFC tag. Web NFC enables browser …
Exactly. There are going to be no problems at all with fake bank and TfL (or other transport) websites because, er, I'll get back to you on that after I tap on this link in this very important email message from my bank to open the bank website and tap my bank card to get my account access back.
Resource hog? None of the TWELVE Chrome processes on my PC is using more than 100MB! That's for 5 tabs.
That said, Firefox has 7 tabs open but needs 'just' 10 processes. However, one of those is using 1.5GB RAM.
New Edge is doing something similar 7 tabs, 15 processes (but that is Chrome based).
A plague on all their houses.
> web apps should be able to do anything native apps can
...So people don't need to click on dodgy attachments anymore, all the malware goodness will be dripping straight out of their browser through compromised sites or tainted ads... Yup, any black hat's wet dream.
Are they really that stupid and conceited to think they will be able to build something which won't be a nightmarish security sieve making look Adobe Flash look like safety incarnate?
It seems to be related to this rise of JavaScript-based 'web apps' and its degenerate offspring: Electron 'apps'. Real developers who can program C or C++ cost money, so instead there's this nice ready supply of 'JS devs' who are cheap as chips and if you just provide them with some JS runtime APIs, they'll whip up an 'app' that'll violate every single native UI & UX behaviour rule and look, but by golly, one can save so much money by developing this way.
But what about 'security' and other good software development practices? Didn't need those for websites with a lifespan of 2 months, so don't need them for desktop apps. Same thing, after all.
I once joked about 'NodeOS', as in an entire OS based around JavaScript soon becoming a thing, before someone pointed out to me that NodeOS has been a real thing for a while now: https://node-os.com/
Welcome to the future :)
Firstly nearly all the security problems I read about, on the web or otherwise, are related to buffer overflows from C or C++ developers so where you get the idea that JS is the source of all the insecurity I don't know.
Secondly all the criticisms you're making about bad developement practice are language agnostic. There are bad developers working in C just like any other language. Competent JS/TS development uses CI with linting tools, unit tests, integration tests, staged environments and more. Those tools prove that what's delivered does what it's supposed to.
A real developer doesn't claim that other developers aren't "proper" because of the language they work in. Real developers know that what's important is patterns and working practices, not clinging to the past and bemoaning change.
> where you get the idea that JS is the source of all the insecurity I don't know
So please allow me to explain: It's not the language that is the problem here (I'm no developer), it's about the privileges: Usually, till now, I did vet any executable running on my computers (and tablets/phones), as best as I could. But here we're speaking about something which anybody can set up somewhere on the web and which will run on my device like it owns it, with me unable to vet it before it's too late. Don't you see the potential for mischief here?
Much like you don't like to give your house keys to any stranger in the street, I don't want unknown and (most of the time) unwanted programs running on my computer, doing whatever they want (which will be rarely to my own benefit). Don't you understand that?
I understand programmers paid to violate peoples' intimacy for profit will be thrilled at this ultimate weapon of mass pwnage in their arsenal, but from the victims' point of view (where I stand) it's just evil, period.
"problems I read about, on the web or otherwise, are related to buffer overflows from C or C++"
The buffer overflows come from the largest problem in all of programming... the lack of type validation. Simple to do, simple to forget. It could be pointed out that supporting a language that really doesn't have validation (JS in browser) in a language that does (C++ in the browser itself) isn't exactly smooth.
Don't worry, WASM brings a new horizon and the jettison of massive JS libraries. For better or worse it is going to happen (Typescript was too little too late).
Thing is, he's justified.
Although skeuomorphic interfaces can't scale to higher DPIs and are (arguably) limited to the real-world objects they are based on, the in-vogue whites and usability issues (where the hell is the scroll bar, is this button disabled or not, unprofessional wild and fugly colors which are also à la mode as well) are a nightmare.
In many ways I agree. There is no excuse for some things and there is no reason that it can't be done better. (UI is my forte). For example I am constantly battling against the trend for grey text on web pages! Terrible to read for some people and if functionality isn't immediately obvious from design then that design has failed. For example on the Reg I can see the Most read section to my right. 3 of the 5 are teal in colour and two black. The teal looks more highlighted. Is that meant to draw my attention to them or to show I've clicked on them? (the latter is the case). In the "My posts" area there are 5 options. Only one of them makes any pretence of being a button (Log out) - why? You could argue that "Edit my details" is just as change making. And if it's to do with Log out leaving the page then why are the "Preview" and "Submit" buttons the same?
Sigh - I'll stop there before I get cross.....