Slashdot Mirror


Firefox - The Platform

Strudelkugel writes "Business 2.0 reports Firefox is becoming a problem for Microsoft. But FF is not just a problem as a browser; its potential as a platform is significant. From the article: 'It all adds up to a business opportunity for startups, established software companies, and Web giants alike. Though Ross and the nonprofit Mozilla Foundation don't stand to make money, Firefox's open platform gives it enormous potential to hatch a new class of applications that live on the desktop but do business on the Web.'"

25 of 589 comments (clear)

  1. Google? by sh1ftay · · Score: 4, Interesting

    Though Ross and the nonprofit Mozilla Foundation don't stand to make money, Firefox's open platform gives it enormous potential to hatch a new class of applications that live on the desktop but do business on the Web.

    Can you say google?

  2. Security of Online Apps a Hurdle? by spin2cool · · Score: 4, Interesting

    Online applications clearly have many benefits, especially with the recent surge in broadband, but adoption and support has been slow in coming. Why is this?

    Well, I think many companies are hesitant to move to online platforms, though, because they feel that it's a security risk. Putting sensitive data on a closed intranet seems safer in many ways, especially to those unfamiliar with encrpytion and other modern security measures.

    1. Re:Security of Online Apps a Hurdle? by Erik+Hollensbe · · Score: 4, Interesting

      I really think you missed the point.

      The tool for the job does not really leave room for an all encompassing smorgasborg of half-assed features.

      The tool for the job is sed, or awk, or perl. It's cp, not mv. It's FreeBSD on the server but not on the Desktop. It's Windows for gaming.

      Really, is this so hard to understand? Are you really advocating that your multi tool have a soldering iron, ball peen and crow hammers, cross-cut and standard tooth saw, and everything else that might be in your belt?

      Frankly, I am concerned with my desktop performing window management and placing things in spots and in ways that make sense. Everything else is just shit and fluff in a nice little glossy package. The OS, being a more complete idea, should be something for a desktop role that makes sense for my needs. It should not be something that's also my first choice for a server, unless it truly merits that.

      Really, how many of you would willingly use X11 if it was not free?

    2. Re:Security of Online Apps a Hurdle? by mrjohnson · · Score: 5, Interesting

      Personally, I have never used or considered using ActiveX since it only runs on Windows. What I know is it's a program, usually Visual Basic cab file, running within the browser. There have been several security problems, mainly stemming from the fact that once running, it has programatic access to the whole computer.

      Other than the security issues, and that it only runs on Windows and within IE, I understand it's generally a pain to work with and debug. But it does allow you to run programs on the client and use normal Windows widgets in your design. Painfulness is measured differently by me than somebody who programs for Windows. I imagine they would disagree.

      Somebody will correct me if I'm wrong on the ActiveX details here, I'm sure. :-)

      XUL is meant for addressing the same problem -- bad interfaces on the web, but it takes a drastically different approach. The dialogs are described by lightweight XML files that are pretty painless to develop. The client programming is done in Javascript, which is not as bad as it sounds. The main problem Javascript faces is cross-browser support, which is negated by only using gecko. There's also a decent Javascript console which make it a lot easier to fix script errors in Mozilla than in IE.

      The main advantage is everything is still done on the server, only a little user interface junk is left to the client to handle in Javascript, which is arguably where it belongs. You'd do the same in a normal webapp, write html and use Javascript to manipulate objects for a better user experience.

      Also, I've seen far too many ActiveX programs that do database access from the client, for example. Typically, there's no security or verification of who's doing what at that level, a difficult thing to get right in any client. Often times you can take the ActiveX object and use it's own objects to access the database and change whatever you like. XUL leaves all of that up to the server which makes it easier to manage and more difficult for bad programmers to leave gaping security holes.

      Anyway, there's no 'trusted' environment. All companies should prevent internal users from abusing the system. :-)

  3. November 9 lauch day by solferino · · Score: 4, Interesting

    Blake Ross's minimal website reveals that November 9 is the day we "take back the web" i.e. the launch date for Firefox 1.0.

  4. Firefox as a platform... by OneDeeTenTee · · Score: 4, Interesting

    Is it possible that we could see a distributed OS where Firefox on one computer acts as an interface to multiple computers which act in concert to "simulate" a much more powerful machine?

    No this would not be a beowulf cluster.

    The maximum amount of processing power available to any one process would be limited to the fastest machine in the group, but it could be useful for anyone who can give thier computer difficult tasks faster than the computer can complete those tasks.

    Every new task would be automatically given to whichever node has the lightest load.

    --
    Stop the world; I need to get off.
  5. sshh by guet · · Score: 5, Interesting

    Yet here was Andreessen publicly proclaiming in the summer of 1995 that Netscape's plan was to reduce Windows to "a poorly debugged set of device drivers." "They didn't save it up," Myhrvold said. "They fucking pulled up alongside us and said, 'Hey, sorry, that guy's already history.'"

    "The tactic drove Redmond into a rage. The day after Andreessen's quote appeared in the press, John Doerr, the prominent venture capitalist and Netscape board member, received a chilling email from Jon Lazarus, one of Gates' key advisers. In its entirety, it read: "Boy waves large red flag in front of herd of charging bulls and is then surprised to wake up gored."

    from Wired

  6. Re:let it be just a browser by mikael · · Score: 3, Interesting

    as soon a browser reach a bit of popularity, everybody seem to try to have it substitute his OS. why can't it just be a browser???

    Because in the corporate environment, system administrators are completely fed up of the constant battle with spyware, adware, trojans, email spam, viruses and popups that users inadvertently download while using web based applications (E-mail, web browsing). Since at least one of these applications is web-based, having a secure browser is manna from heaven. And as the other applications (calendar/diary, group conferencing/whiteboard, voicemail) need network access anyway, there is no reason why these shouldn't be accessed through the same browser. If all of this is possible, then it eliminates the need for all the applications to be stored/run on a PC, thereby eliminating the need to buy licenses for the "professional" release of a certain OS whose vendor maintained a web browser is a basic part of the OS.

    --
    Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  7. Huh? Who isn't online yet? by Ars-Fartsica · · Score: 4, Interesting

    Your bank? Check. Your brokerage? Check? Your government? Check. Your doctor? No, but thats because your doctor is still using Win95 and Office 97. Once someone consolidates the IT operations of law offices and medical practices, this will happen too...the cost of handling paper records is killing these industries.

  8. Re:Mozilla? by FuzzzyLogik · · Score: 4, Interesting

    a development platform doesn't necessarily mean operating system. look.. the idea is simple, write your code in XUL + javascript using the backend of Mozilla and 99% of that will work on every platform that mozilla/firefox already support. write once, run in all those other places... it's not an OS, it's a development platform. why does everyone think it'll become an OS? Seriously.

  9. Re:What about security? by darnok · · Score: 4, Interesting

    Your points are valid, but I can see a potentially huge market for Firefox in intranet applications. Many browser vulnerabilities are simply irrelevant in an intranet context, where users' PCs are already locked down.

    Most/all large customers have internal-only applications that have been client-server or n-tier with a custom front end. These apps tend to be brutal to deploy, particularly the front-end, as they are prone to DLL hell and various interdependency issues with other applications (it'd be nice if a customer's IT was mandated to only ever use version X of app Y to develop all apps, but that never is the case). In many cases, customers have resorted to deployment "hacks" such as deploying these front-ends to a small number of servers, then using e.g. Citrix terminal services to expose them to their users.

    Enter Firefox and other Mozilla browsers. Now it's practical to build your front-end GUI using XUL and related stuff, and have it talk to the backend over sockets, XML-RPC, SOAP, etc. The only thing that gets deployed to the end user is the Firefox/Mozilla/etc. browser (plus possibly a few addons, typically JavaScript), which is self contained and very easy to deploy.

    This is a potentially huge market, which is why MS is keen to grab it with Avalon. Unfortunately for MS, Mozilla is here now and Avalon is over a year away; Mozilla is easy to deploy, and Avalon will presumably be bundled with Longhorn and all the installation/testing issues that go with it.

    Finally, I suspect that it will be relatively easy to develop an XUL-based app solution and later retrofit it to Avalon using XSLT and not a huge amount of extra effort - an investment in Mozilla app development now *won't* be lost if a later decision is made to jump to Avalon.

  10. IE7 by LordMyren · · Score: 4, Interesting

    Why hasnt IE been updated in so long?

    Because IE7 was the biggest threat to microsoft. They nearly built open standards which would have let their users to everything as webapps. The only problem is they didnt have any lock-in.

    Thats why IE7 team was stomped into the ground and we havent seen or heard a major release since Win2000.

    Someone dig up some of those random facts i once had on this subject please? IE7 was a strong active dev team doing neat stuff. Then they were axed.

  11. Re:Worries me.. by jsebrech · · Score: 3, Interesting

    Problem with this 'We can do more' attitude is that you could end up with serious bloat for simple software.. like your web-browser being a 20mb download and supporting everything under the sun.

    Firefox is not a 20 meg download, it is a 6 meg download, which is lean enough for my tastes. And for all intents and purposes, it already is the platform they want it to be, with the browser merely yet another app running on top of the platform, written in javascript, xul and css. So it is not going to bloat. In fact, it has been steadily shrinking/speeding up, and will continue to do so.

    On a wider level though, the paradigm shift is inevitable. Historically the market has always demanded richer web apps in waves, and the browser maker which responded best won out marketsharewise. Now we see again the market complaining browsers are too dumb, asking for the ability to deliver desktop-quality apps to the browser. To not become a broader platform at this point is suicide marketsharewise. Even microsoft, who has tried desperately to avoid having the browser become a generic app design platform because it would make the OS less relevant, recognizes this and is launching their XAML initiative partly to focus attention away from the platforms that already exist, and partly to have something in the fray they can push at those wanting richer web apps.

  12. Re:What about security? by DigitalRaptor · · Score: 4, Interesting

    I agree totally.

    To say FF is more buggy and less secure than IE because of the number of bugs found is higher is as stupid as it is inaccurate.

    I spent 4 HOURS at my inlaws house on Saturday removing OVER 800 different bugs and viruses (750 removed by Ad-Aware, 50+ had to be removed by hand) from their XP machine. I would never have believed it if I didn't see it.

    This is an old man and an old woman. ALL they do on that computer is suck in pictures from their camera, read email, and occaisionally surf the web. They never download and install programs.

    Firefox is infinitely more secure than IE in real world usage. The vast majority of bugs are only minor issues and do not lead to the entire computer being owned.

    Compare that to IE, where the vast majority of bugs ARE doozies and DO lead the machine being compromised. Tying IE so deeply into the OS was the stupidest thing MS could have done. I'd like to send them a bill for my 4 hours, just to see if I get a response.

    --
    Lose Weight and Feel Great with Isagenix
  13. Re:no, the cat HASN'T got my tongue. by XMyth · · Score: 3, Interesting

    Actually, now you can embed .NET controls in webpages. Would be an alternative to ActiveX.

    Speaking of which....would be nice to see a Firefox extension which can embed .NET controls using Mono on *n*x. May be a security risk, but it'd just be an extension and would allow intranet apps built using it to run on *n*x

  14. SlashHack by graveyhead · · Score: 3, Interesting

    (see my sig)

    SlashHack is a cool example of an app written on top of the Mozilla platform.

    The article is correct Firefox (really Moz as others pointed out) is a fantastic development platform.

    The technology is especially cool for me: I wrote a system in 2000 for a client that positions Java Swing widgets using XML, in order that the app could support pluggable skins. I view XUL as the ultimate application of that architecture. A fantastic decoupling of logic and presentation.

    --
    std::disclaimer<std::legalese> sig=new std::disclaimer; sig->dump(); delete sig;
  15. Re:A few really good Apps could make the differenc by IGnatius+T+Foobar · · Score: 3, Interesting

    That's a great demo. But the first thing I thought when I saw it was, "Damn, when Microsoft inevitably steals this and puts out their own version in the form of XAML, we in the non-Microsoft world are going to have a really hard time keeping our platform software relevant and viable."

    We've got to get this stuff out there and widely used before Microsoft does. The very future of computing is probably at stake.

    --
    Tired of FB/Google censorship? Visit UNCENSORED!
  16. Same Threat - Different Date by Nom+du+Keyboard · · Score: 3, Interesting
    But FF is not just a problem as a browser; its potential as a platform is significant.

    This was the Netscape threat of 5 years ago. That Java enabled apps running under Netscape would destroy Microsoft/Windows because any platform that that could support Netscape would run everything else as well.

    Didn't happen then. Don't hold your breath yet now.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  17. works for us by Gunark · · Score: 5, Interesting

    I work for a company that develops intranet-type applications for big mega corporations here in Canada. We've been developing and deploying apps written in XUL/JavaScript + PHP or Python for almost a year now... so far so good. Surprisingly (or maybe not surprisingly) no one has complained about the forced switch to Firefox. In fact we tend to get thank you emails gushing with compliments about Firefox :)

    XUL is here, and it works. Having all of the advantages of web-based deployment, while being able to use proper user interface elements is a godsend.

    1. Re:works for us by Glabrezu · · Score: 3, Interesting

      well, not exactly our experience here. We have been trying to develop a system using XUL and JavaScript but we ran in multiple problems, that required almost always some kind of work around.

      Don't get me wrong, I do think there's a LOT of potential in XUL. Specially, XBL has been wonderful to develop some data binded components that saved us a lot of time in the long run, and they were quite easy to develop.

      However, theres a lack of maturity in some of it features that make them look as it they were an after thought, or just not really well designed. Templates have a lot of limitations, remote XUL just doesnt work right (or at least the docs that explain how to sign components are just too outdated), many errors result in segfaults (agree, the problem was in how we were using some components, but you shouldn't segfault in any case!!), theres no clear separation between components and services (I really don't understand why they don't share a common interface!), XBL lacks of obvious things (like a script tag, please). And honestly, javascript sucks to structure your code... we had to implement an include () directive to import other .js, there should be a way to do that in the language. And, there should be support for other datasources besides RDF.

      And the worst part is that there are not many apps developed in XUL, so documentation (specially about XPCOM components) is really scarce. The reference is OK (most of the time), but you dont have a single example for most of the XPCOM components. A search in google usually returns C/IDL headers from the mozilla implementation or the reference at xulplanet ;).

      I really hope XUL development speeds up. Its really a good platform, and the separation between presentation/data/logic really shows up. But as it is, its darn difficult, and slow, to develop for it (at least till you know most of the work arounds).

      By the way, has anyone developed both in Luxor and mozilla XUL and have some insights in their pros and cons? (besides what the luxor page says, which of course I wont believe until I try it :P).

      --
      Santiago
  18. Not unti l XUL is beyond just mozilla by Ambassador+Kosh · · Score: 4, Interesting

    Overall I can't see how doing stuff with XUL is a good idea until other systems support XUL also. The point of web based apps isa freedom to change at any time. If you write to XUL you have locked yourself in to one rendering engine essentially. If xul worked with khtml and opera then I would not have this problem.

    I want to have the freedom that web based apps give me and my customers not remove that freedom. Tieing myself to one browser engine does remove that freedom. Right now if I do regular html, css etcthe stuff works pretty much everywhere under almost any kind of device. With XUL I would lose that freedom and it is important.

    --
    Computer modeling for biotech drug manufacturing is HARD! :)
  19. Re:no, the cat HASN'T got my tongue. by Anonymous Coward · · Score: 5, Interesting

    Three years ago I had a fairly full function IDE for creating XUL applications working in Mozilla (project creation, form designer etc.). It was written in XUL+CSS+Javascript+RDF+XML.. I even demonstrated it at Netscape in Mountain View - Zero interest. At that time Netscape was entirely engaged in finishing the Browser, nothing else mattered.

    The problem is that Mozilla was designed as a platform to develop a browser (unsurprisingly), not a platform to develop applications. I believe they were wrong in this decision as they could have finished the project sooner if the platform had been powerful enough to bootstrap itself. Unfortunately the rush to finish the browser lead to a mish-mash of api's which treat HTML, XUL, XML and now probably XHTML documents entirely differently. For example, some api's had a large number of unimplemented functions. Embedding HTML documents in XUL or visa-versa led to bizarre problems. Also the parsers did not have a round-trip mode in which DTD, entities, comments, CDATA etc. were preserved. Writing an XML editor was an exercise in frustration.
    Application development in Mozilla/Firefox is possible. However, I believe that the current technologies seem to have been designed for excessive hand crafting - lots of exceptions and hard to comprehend mechanisms for overlaying functionality. Robert Ginda's excellent Javascript debugger was a labor of love and a triumph over adversity. It shouldn't be that hard.

    Unless Mozilla.org has had a change of heart, MS has nothing to worry about.

  20. Not until... by seguso · · Score: 3, Interesting
    IMHO, as long as Microsoft is allowed to offer Internet Explorer as a default, Firefox will never reach a sufficient market share to have vendors use it as a platform.

    The law has to realize that a (monopolist) operating system must not be allowed to bundle a file browser, a web browser, a multimedia player, a firewall, an instant messenger, and any other kind of software which someone else may want to sell. Otherwise that dominant position of that monopolist will be self-reinforcing.

    We are spectators to the same phenomenon that happened on the earth, where a completely unregulated natural selection took place: humans have come to such a dominant position that other animals simply cannot compete with them anymore and have no way to invert the dominance. They are only free to adapt to niches that are of no interest to humans. (like MacOSX and Linux are doing)

    There is a degree X of dominance that, when crossed by a species S, allows S to stay dominant, if no regulation happens. This has happened on the planet earth but must not happen in the market.

    So we can only prevent monopolists to include products by default. Of course some users like to buy a product that does all those things out of the box, but 1. that desire is not necessarily to be fulfilled, because there may be more pressing matters, 2. the installation of products could be made embarassingly easy if you really want to. One click.

    Modularity is the key.

  21. Some maybe Most are getting confused... by vivehosting · · Score: 5, Interesting
    Alot of people are confused about the facts and the potential of Firefox, even the ones that use it. First, let me just say to those who claim IE is faster... IE loads up faster initially, but Firefox renders faster. Unless you are the type to go to a website, close the window, open ie, go to a website, and so on. Firefox is going to be a much faster solution.

    I've been noticing more here than anywhere else that some are confusing Firefox with the Mozilla Suite(Someone even mentioned being a user of FireFox 1.7.3). Firefox is not bloated and will never be bloated. Extensions are optional and if you are like me, you would only be installing about 5 small features to the default installation. The option is there to bloat to your wishes though ;).

    Now the potential as a platform isn't really going to be Firefox. It's starting with firefox, and will become popular because of firefox, but the platform is under development as the XUL Runtime Environment (XRE). This is where the magic starts.

    One will be able to develop executable applications seperate from Firefox that automatically run on Windows/Linux/Mac. Right now, noone wants to tie their developments to a browser although a few like to tinker with it on their own. When the XRE is released, people will then actively develop XUL/Javascript applications with an optional backend of their choice. You will be able to create .exe applications. You can make those one-click installations someone mentioned somewhere here. No need for the browser although the browser can be used if you want to. Bad news is the XRE isn't being actively developed as Firefox is. So, who knows when they'll release it. But when they do, Firefox, Thunderbird, etc will be complete XUL/Javascript Applications that run using the XRE and GRE. I don't know much about GRE, but that's most likely going to stay browser-specific, although I'm probably wrong.

    I'm one of the people who has starting learning XUL and such, and although I have big plans for it. I do not plan on coding for a browser ;) XRE all the way!

  22. a quick trip down OS theory lane by Moraelin · · Score: 3, Interesting

    A native program running in a well designed OS is just as secure as Java.

    That's why, for example, we used to let 20+ students at terminals at a mainframe or mini, in universities for example. They could run whatever programs they wanted on that machine, including their own code and including stuff they found on a hacker BBS. And in fact in all CS universities they're _supposed_ to program on those machines. Yet none of them came anywhere _near_ owning the machine.

    The concept that a program once running on a machine automatically can retrieve or overwrite _all_ data, format the drive, or generally even blow an alien mothership up, is (A) Hollywood idiocy, and (B) never true except for the simplest single-user OS's like Win'95.

    Or to put it otherwise: what do you tell Unix users? "Don't run as root except to install programs or other admin tasks. Especially don't go online as roo." Then they ask: why? "Because if someone takes control of the program via an exploit, they can't do as much harm if it doesn't run as root."

    For all practical purposes, a modern OS is (or could be) just as virtualized as any Java sandbox. Programs no longer run directly on the bare metal, like in the days of DOS. (Which was barely a program loader.) They have to go through the OS to do _anything_. Including, but not limited to, reading or writing files, opening TCP/IP sockets, installing stuff.

    Heck, even directly accessing RAM from other apps or directly poking machine ports can be blocked when running on a 386 or above (and _is_ blocked when you don't have kernel access).

    Basically when running an app on a 32 bit CPU it can be as sandboxed as you want it to be.

    E.g. don't want them accessing files? That's trivial. Just run them as a different user that can only access its temporary directory.

    So ActiveX _could_ work, and it _could_ be extremely secure. Maybe not on Windows, and maybe not implemented by MS. I'll concede that point. But at least theoretically it can be at least as safe as Java, and without needing users to download 100 MB plugins that get wantonly changed by Sun.

    --
    A polar bear is a cartesian bear after a coordinate transform.