by: Cliff Tan
Introduction
Notwithstanding the fact that the topic of HTML 5 has been discussed as part of the course, I hope this blog post will introduce some new features of the improved markup language, offer new perspectives on future developments, and educate everyone on the security issues involved.
The official completion date for HTML5 specification set by W3C is July 2014. But as web developers (or publishers of the web), the completion date does not really matter much since many browser vendors have already begun implementing parts of it. Users of the various browsers tend to update frequently. Plus, even after July 2014, there will still be a need for code that caters to browser incompatibility issues (such as those by Internet Explorer). Since the HTML standard constantly evolves, the best advice for developers is to get in the game early on.
New Features
The new markup language has gotten smarter in terms of syntax. Developers will enjoy these following conveniences.
No longer required to use self-closing tags:
<img src=”sample.jpeg”/>
<img src=”sample.jpeg”>
No longer required to use quotation marks for attributes:
<img src=”sample.jpeg”>
<img src=sample.jpeg>
Markup is now case insensitive:
<img src=sample.jpeg>
<ImG SrC=sample.jpeg>
There are also new changes for semantic elements as shown in the following images. Sections and parts of a web page layout will more easily and clearly defined.
The Google supported html5rocks.com website features multiple demos and example codes for the features of HTML 5. Here is a list of demos which I personally feel will be most impactful and garner most popularity amongst developers.
- Audio & Video demo: http://slides.html5rocks.com/#video-audio
- Canvas 3D(WebGL) demo: http://slides.html5rocks.com/#canvas-3d
- SVG demo: http://slides.html5rocks.com/#svg-example-slide
- Web Font support demo: http://slides.html5rocks.com/#web-fonts
- Speech Input: http://slides.html5rocks.com/#speech-input
- File Drag In and Out: http://slides.html5rocks.com/#drag-in
- Web Storage: http://slides.html5rocks.com/#web-storage
- Application Cache: http://slides.html5rocks.com/#app-cache
How HTML5 might influence future developments
How HTML5 might influence future developments
Flash versus HTML5
Since its early 2010 iterations of phone and tablet devices, Apple has begun omitting support for Adobe Flash for its mobile devices and opted to use HTML 5, CSS and Javascript instead.The late Steve Jobs published a page on Apple's website stating his reasons for doing so. Although Adobe initially maintained its support for flash, it eventually ceased development of its Flash player for mobile devices and instead became focused on creating developer tools for HTML 5.
Although video playback on Youtube requires the Adobe Flash Player plugin to be installed on the user’s browsers, Youtube has begun supporting HTML5 video playback as an experimental feature since 2010. Users can opt-in to join the trial and videos can then be viewed without requirement of the Adobe Flash Player or other plug-in to be installed.
Although it might take many years for Flash to be gradually phased out and for HTML5 developer tools to mature, it is fair to say that HTML5 will be the next standard for developing and delivering interactive and multimedia content.
Native Mobile Applications versus HTML5
My thoughts are that as web developers get familiarised with HTML 5 based technologies, they will shift away from native mobile application development platforms towards building HTML 5 based interactive mobile web applications. Let me explain why is this so.
In August 2011, the Financial Times(FT) withdrew their IOS applications for IPhones and IPads from the IOS App Store after disputes with Apple over ownership of customer data and revenue sharing. Apple insisted that sales (such as subscription fees collected from users from FT) must occur over its App Store - an arrangement that would give Apple ownership of the customer data and a 30% cut of the revenues. For FT, the withdrawal meant a loss of 10% of its digital subscriptions which was generated by its IPad application. In place of IOS applications, FT launched a HTML5 based web application in June 2011 to serve content to their subscribers using IOS devices.
Within ten months of its release, the new web application had attracted more than two million users. This traffic is significantly greater than what the previous native IOS apps had. Managing Director of FT, Rob Grimshaw commented that the key strength of the web app is that it can be rapidly tweaked and launched for new devices when they are brought to market. Through the success of FT’s HTML 5 based web application working as a substitute to its IOS app, it can be seen that HTML5 will continue to significantly have an impact on the future of mobile applications by being an attractive alternative platform.
However at its current level of browser support, HTML 5 is not a bed of roses. Take Facebook for example, one industry analyst from BusinessInsider.com have commented that Facebook’s one billion dollar purchase of Instagram was to undo its bet on HTML 5 - a bet that saw Facebook lose millions of users to the popular photo sharing application due to the poor performance of HTML 5 on which Facebook’s mobile web app was coded with.
Facebook has called for improvements to be made on HTML 5 support on mobile browsers and formed the W3C Community Group. But Apple and Google have refused to join. The reason is simple, if mobile browser support for HTML 5 on the IOS and Android platform lags, end users would have a better consumer experience through native applications available on the respective app stores - which are channels that both vendors use to monetize payments and earn revenue.
Despite Apple and Google’s open commitment to HTML 5, they have a vested interest in seeing HTML 5 lag behind. It still remains to be seen on how the mobile application space will play out in the future.
Windows 8 and HTML5
The next major release of the popular Windows operating system will be Windows 8 which is set to be released by the end of 2012. With the Consumer Preview already released on Feb 29 2012 and another Release Preview slated for early June 2012, early adopters and application developers are already experimenting with the new Metro User Interface - a finger friendly, full screen tablet like operating system.
This all ties back to our topic because Microsoft has built a new development platform based on HTML 5 and Javascript. Developers can now leverage their experience of building for the web to develop new Windows 8 Metro applications. The code for a native Windows 8 Metro "hello world" application is simply:
Over the years, Microsoft developers have invested time, effort and money into the platform. There is a myriad of developer tools and frameworks available. Some of these include Win32 (Windows API), COM (Component Object Model), MFC (Microsoft Foundation Class), ATL (Active Template Library), Visual Basic 6, .NET, WinForms, WPF (Windows Presentation Foundation) and Silverlight. With the new support for HTML 5 in Windows 8, it will be interesting to see whether Microsoft will still support some of these developer tools and framework.
Take Silverlight for example, with all the HTML 5 evangelism that Microsoft is doing, it is likely that they are trying to wean developers off Silverlight and get more HTML 5 based applications into its Metro app store. The most likely outcome would be for Microsoft to continue supporting Silverlight through new versions of Visual Studios; at least until developer tools for HTML 5 has reached sufficient maturity.
Security Aspects of HTML 5
HTML 5 is powerful as it provides for new functions to web designers that were previously possible only with Adobe Flash or complicated JavaScripts. As it allows web designers to better exercise their creativity in developing interactive content, it will similarly allow malicious users to get creative with their attacks. Proponents of HTML 5 have highlights how it could potentially boost web security. Since if it is known that the number of plugins installation required is zero, users will be less likely duped into downloading malicious ones. However, other analysts say more needs to be done.
Robert McArdle, a senior threat researcher at Trend Micro, outlined various new attacks made possible by features in HTML 5. With the new markup language, browser-based botnets and other attacks could be performed by malicious users. When an attack is browser based, multiple platforms ranging from a Windows OS machine to an Apple IOS smartphone will be susceptible to the platform neutral code. Hence, we can expect malware to be much more devastating than it is today.
With web notifications being fully customisable using HTML code in the new standard, new interaction possibilities can give way to enhanced social engineering techniques and attacks. Phishing attacks can also get more sophisticated. Below is an example of how such an attack may be carried out.
Of the many new features associated with HTML 5, a new set of Geolocation APIs are also released. With mobile device technologies underpinning smartphones and tablets being continuously updated, there are no signs of mobile penetration rates slowing. With more people surfing the web from their mobile devices, Geolocation allows web designers to better personalise content which users can match to their surroundings. However this new feature also presents new opportunities for malicious hackers. Since it is browser based, traditional checks and approval mechanisms applied in mobile application stores such as IOS Appstore and Android Marketplace will be futile. Security settings will need to be user based and this rarely works out well. Once permission is granted, a malicious site will not only be able to locate the victim, but also perform real time tracking as the victim moves about throughout the day.
The growing market share of the Apple Mac computer has translated into more malware on the platform. The recent 2012 Flashback malware has infected hundreds of thousands of Macs and has led Eugene Kaspersky - CEO of the Kaspersky security firm, to comment that Apple is ten years behind Microsoft in terms of security. Drawing a parallel to HTML 5, the security challenges will only increase in the future. With HTML 5 being platform agnostic, a security issue might require the joint efforts of different browser vendors to resolve. The scenario of each browser vendor promoting security features as they try to grow their respective user base/market share in the future is also not a far fetched one.
Sources
FT pulls app over customer data dispute with Apple
Retrieved on April 26 2012 from http://www.bbc.co.uk/news/business-14734911
Financial Times iOS web app tops 350k users since launch
Retrieved on April 26 2012 from http://www.guardian.co.uk/technology/appsblog/2011/aug/05/financial-times-ipad-mobile-apps
Financial Times passes 2m users for its HTML5 web app
Retrieved on April 26 2012 from http://www.guardian.co.uk/media/appsblog/2012/apr/24/financial-times-web-app-2m?newsfeed=true
Financial Times app pulled from iOS after compliance dispute
Retrieved on April 26 2012 from http://www.zdnet.com/blog/btl/financial-times-app-pulled-from-ios-after-compliance-dispute/56849
Betting $1 Billion On Instagram, Facebook Backs Away From HTML5
Retrieved on April 29 2012 from http://articles.businessinsider.com/2012-04-09/tech/31311341_1_android-new-apps-iso
Facebook Says “Yo Google and Apple, HTML5 Apps Will Suck Until Your Mobile Browsers Improve” Retrieved on April 29 2012 from http://techcrunch.com/2012/04/20/facebook-google-apple-html5/
Introducing the Mobile W3C Community Group
Retrieved on April 29 2012 from https://developers.facebook.com/html5/blog/post/2012/02/27/introducing-the-mobile-w3c-community-group/
The Web is Reborn
Retrieved on April 20 2012 from http://www.technologyreview.com/printer_friendly_article.aspx?id=26565
Microsoft slates Windows 8 'release preview' for early June
Retrieved on April 21 2012 from http://www.computerworld.com/s/article/9226514/Microsoft_slates_Windows_8_release_preview_for_early_June
Programming Windows 8: The Sublime To The Strange
Retrieved on April 22 2012 from http://odetocode.com/blogs/scott/archive/2011/11/29/programming-windows-8-the-sublime-to-the-strange.aspx
Windows 8 HTML5/JS Comment Causes Panic Among Developers
Retrieved on April 23 2012 from http://www.osnews.com/story/24846/Windows_8_HTML5_JS_Comment_Causes_Panci_Among_Developers
Why Microsoft has made developers horrified about coding for Windows 8
Retrieved on April 23 2012 from http://arstechnica.com/microsoft/news/2011/06/html5-centric-windows-8-leaves-microsoft-developers-horrified.ars
Ghost of HTML5 future: Web browser botnets
Retrieved on April 19 2012 from http://www.theregister.co.uk/2012/04/27/html5/
HTML5 - The Bad
Retrieved on April 19 2012 from http://blog.trendmicro.com/html5-the-bad
Security Aspects of HTML 5
HTML 5 is powerful as it provides for new functions to web designers that were previously possible only with Adobe Flash or complicated JavaScripts. As it allows web designers to better exercise their creativity in developing interactive content, it will similarly allow malicious users to get creative with their attacks. Proponents of HTML 5 have highlights how it could potentially boost web security. Since if it is known that the number of plugins installation required is zero, users will be less likely duped into downloading malicious ones. However, other analysts say more needs to be done.
Robert McArdle, a senior threat researcher at Trend Micro, outlined various new attacks made possible by features in HTML 5. With the new markup language, browser-based botnets and other attacks could be performed by malicious users. When an attack is browser based, multiple platforms ranging from a Windows OS machine to an Apple IOS smartphone will be susceptible to the platform neutral code. Hence, we can expect malware to be much more devastating than it is today.
Financial Times iOS web app tops 350k users since launch
Retrieved on April 26 2012 from http://www.guardian.co.uk/technology/appsblog/2011/aug/05/financial-times-ipad-mobile-apps
Financial Times passes 2m users for its HTML5 web app
Retrieved on April 26 2012 from http://www.guardian.co.uk/media/appsblog/2012/apr/24/financial-times-web-app-2m?newsfeed=true
Financial Times app pulled from iOS after compliance dispute
Retrieved on April 26 2012 from http://www.zdnet.com/blog/btl/financial-times-app-pulled-from-ios-after-compliance-dispute/56849
Betting $1 Billion On Instagram, Facebook Backs Away From HTML5
Retrieved on April 29 2012 from http://articles.businessinsider.com/2012-04-09/tech/31311341_1_android-new-apps-iso
Facebook Says “Yo Google and Apple, HTML5 Apps Will Suck Until Your Mobile Browsers Improve” Retrieved on April 29 2012 from http://techcrunch.com/2012/04/20/facebook-google-apple-html5/
Introducing the Mobile W3C Community Group
Retrieved on April 29 2012 from https://developers.facebook.com/html5/blog/post/2012/02/27/introducing-the-mobile-w3c-community-group/
The Web is Reborn
Retrieved on April 20 2012 from http://www.technologyreview.com/printer_friendly_article.aspx?id=26565
Microsoft slates Windows 8 'release preview' for early June
Retrieved on April 21 2012 from http://www.computerworld.com/s/article/9226514/Microsoft_slates_Windows_8_release_preview_for_early_June
Programming Windows 8: The Sublime To The Strange
Retrieved on April 22 2012 from http://odetocode.com/blogs/scott/archive/2011/11/29/programming-windows-8-the-sublime-to-the-strange.aspx
Windows 8 HTML5/JS Comment Causes Panic Among Developers
Retrieved on April 23 2012 from http://www.osnews.com/story/24846/Windows_8_HTML5_JS_Comment_Causes_Panci_Among_Developers
Why Microsoft has made developers horrified about coding for Windows 8
Retrieved on April 23 2012 from http://arstechnica.com/microsoft/news/2011/06/html5-centric-windows-8-leaves-microsoft-developers-horrified.ars
Ghost of HTML5 future: Web browser botnets
Retrieved on April 19 2012 from http://www.theregister.co.uk/2012/04/27/html5/
HTML5 - The Bad
Retrieved on April 19 2012 from http://blog.trendmicro.com/html5-the-bad
No comments:
Post a Comment