Nothing is stopping you from installing your own web server and use these apps on your intranet. But most people don't like paying thousands of dollars for software anymore.
Nor do they like paying thousands of dollars over the course of several years for a subscription that allows access to what FSF calls "service as a software substitute". Just because it's on the web doesn't mean it's available without charge.
The only required difference between the traditional applications you're accustomed to and Web Assembly applications is that Web Assembly applications don't have to be installed.
I have gathered that many users of Slashdot actually want the barrier of installation because it protects a user from code that he hasn't explicitly chosen to run. Some even want the barrier of compilation because distributing source code to the public discourages underhanded behavior by putting a program's developer on notice that any third party could audit the code.
Both do the work locally, and can save the work locally - even on a device with no network connection.
I thought web applications were subject of a quota of 5 MB of local storage per origin. You aren't going to be able to fit a lot of video into that, unless by "video" you mean a vector or sprite animation analogous to what people used to use Macromedia Flash to build. When was this increased?
In theory, one could extend LibreJS to support WebAssembly. In practice, I imagine few major for-profit web sites would bother to support LibreJS, particularly because all major web ad networks track users from one site to another using proprietary JavaScript.
The first difference I see is that wasm is not encumbered by Oracle's licensing restrictions. In addition, wasm is designed such that traditionally unmanaged languages like C++ can compile to it, whereas the JVM and CLR impose type system constraints that make it hard to define how to compile something like standard C++.
a WebAssembly VM will be a common feature on all OSs, and most scripting languages can then simply transpile down to this. Do something similar with generation of LLVM bytecode, and you can remove the need for actual binaries for most purposes, and also tweak OS designs so that many security properties can be enforced at the language level more easily
That's what the experimental Singularity operating system tried to do, except with.NET IL instead of WebAssembly.
But at least WebAssembly will allow use of languages that currently compile to native code, unlike.NET that required changes to popular languages to get them to work. For example, Microsoft's C++/CLI is set of extensions to the C++ programming language to allow creating managed code. But the syntax for arrays, pointers, and references differs between the unmanaged and managed "worlds". This means a program intended to compile in both a standard C++ compiler and the verifiably type-safe subset of C++/CLI (/clr:safe) can't use arrays, pointers, or references, which more or less restricts the common subset to programs not much more complex than Hello World. In fact, not even that works as advertised because most of the C++ standard library is missing in the verifiably type-safe subset.
I agree about removing Flash Player from the mainstream web. Almost everything modern has moved to HTML5 technologies. Classic animations and games, such as those found on Newgrounds, Dagobah, Albino Blacksheep, Homestar Runner, or Weebl's Stuff, can be run in a specialized browser in a virtual machine.
But Flash is more than Flash Player. Without Flash, what timeline-based graphical tool do you use to author an SVG or Canvas animation? Typing the coordinates of each vertex of each keyframe into a text editor is unlikely to cut it for animations of more than trivial complexity. Is Synfig any good yet?
The old "web browsers don't support standards the same way" problem strikes again.
But it's still probably a lot less effort to port a web app from Chrome to Firefox or vice versa than to port, say, a macOS app using Cocoa to Windows.
But a longer answer is: 99.999% of the Javascript out there is not slow but waiting on some server to send back content.
You'd be surprised at how much time the browser spends running ad exchanges' "real-time bidding" processes, collecting bids from a dozen different ad networks for each ad unit on a page just to eke out a larger fraction of a cent. On the weaker ARM or Atom CPUs of compact laptops, tablets, and smartphones, adtech scripts often cause the web content process to take a whole core for several seconds.
But I don't *WANT* to do that shit in a web browser. I want it to live on my local computer
What's better: using a JavaScript or WebAssembly app in a web browser, or not being able to use an app at all because it's native but doesn't happen to have been ported to your device's operating system?
There are only two possibilities: either the programmer in question is a hobbyist, or a pro.
My question was about the transition from the first of these "two possibilities" to the second. But first, let me make sure we agree on definitions. To me, a "professional" means one who has been paid for his work in a particular field. Am I right? Or are you instead defining it as one who seeks to be paid for such?
I thought one's project to become a professional had to be done with hobbyist tools in order to afford professional tools for the next project. The only ways I can see around this are A. to earn money for the required tools in a day job in a different industry, or B. to release hobby projects to establish one's reputation and then crowdfund the tools needed for a simultaneous 5-platform release of one's first professional project. Which one is more practical?
If the former, then Virtualbox (or whatever other emulator/virtualization system is applicable) would be fine.
I thought it was copyright infringement to run macOS in "VirtualBox (or whatever other emulator/virtualization system is applicable)" on anything but a Mac.
If the latter, then two phones and a Mac Mini is affordable.
Do you consider it a desirable state of affairs to give Apple a monopoly over computers used by developers? If so, why is this an exception to the inefficiency of monopoly?
instead of buying certain to be backdoored Intel, my next laptop will be a Pinebook, using entirely free software with no firmware blobs
Say I wanted to switch from my current compact laptop, a Dell Inspiron mini 1012 with an Intel Atom N450 CPU, to a Pinebook. My current workflow includes applications that are made for Win32 API and distributed as free software, such as FCEUX (debugging version), FamiTracker, and Modplug Tracker. (A port of FCEUX to SDL exists, but unlike the Win32 version, the SDL version lacks a debugger.) Currently, I run them acceptably in Wine. How easy is it to, say, recompile them to use Winelib for the Pinebook's ARM Cortex A53 CPU?
And then compile the game made in SDL and OpenGL for which of the five platforms?
Um... all of them, as you normally do?
Not everybody "normally do[es]", for two reasons.
First, an individual developer graduating from hobby projects to a first revenue-generating project is unlikely to have the financial resources right off the bat to purchase five different devices for which to build and test: a Mac, a Windows 10 PC, a GNU/Linux PC, an iPhone or iPad, and an Android device. He would have to make a version for each platform and use the revenue from users of each platform to fund a port to the next platform. But with web technologies, it's possible to hit multiple operating systems with one testing effort, such as all three major PC operating systems plus Android. In addition, someone who habitually uses Chrome and Firefox and refers to Can I Use is likely to be able to make something that's at least partially usable in Edge and Safari and can fix reported issues on demand. In addition, all users of Edge or Safari for macOS are eligible to install Chrome or Firefox and use it to run a particular web application until the application's support for Edge or Safari is more thorough.
Second, with WebGL, if you publish the game once, all five platforms receive it simultaneously. There is no mandatory app review process to delay it by two weeks or reject it, as there is with native apps for iOS.
And then compile the game made in SDL and OpenGL for which of the five platforms that I mentioned above (Windows, macOS, GNU/Linux, iOS, or Android)? Because I doubt that these platforms are binary compatible, unlike web browsers running a web application.
By forcing the user to keep their browser/tab open and entering the code directly on the page
How usable is this flow to inexperienced users, who may not understand tabs? My grandmother sure doesn't, despite my attempts to teach her about them. And how usable is this flow to users of smartphones, whose comparatively small displays don't make the existence of other open tabs obvious?
there's no compulsion to use answers consistent with the question being asked. You could even use totally random strings for those, too, if you wanted to.
Unless part of the password recovery process involves a voice call to the telephone number associated with the account.
The problem was that to move to the vault we would either have to get access to the full password or get everyone to re-register.
There are two ways to do that. One is to require all users to go through password recovery, as you mentioned. The other is to prompt the user for the full password next time he logs in, and then once it matches the hash, transition that user to the vault for subsequent sessions. Users who do not log in at all during the month of transition to the vault would have to recover.
In other words you don't know what your machine is running
This is true if the PC runs Windows. It is not true if the PC runs GNU/Linux. Disabling or rekeying UEFI Secure Boot, which is a separate mechanism from TPM, allows the PC to run GNU/Linux. All x86 and x86-64 PCs certified for Windows 8 allow disabling or rekeying Secure Boot, and many (I'd guess most) PCs certified for Windows 10 allow it as well. Only Windows RT devices and certain avoidable Windows 10 PCs use Secure Boot without letting the device's owner disable or rekey it.
As usual, you Trusted Computing loons keep saying you can disable the TPM
What are the consequences of disabling the TPM in Windows?
or change the keys
The TPM and Secure Boot are separate mechanisms. One difference between the two is that the machine's owner can change the Secure Boot keys but not the TPM key.
As I said, everything after that is a software update.
What are the consequences of "a software update" if the user has chosen to disable the TPM? What are the consequences of "a software update" if the user has chosen to disable or rekey Secure Boot?
Smart enough to know that this question could be interpreted as a personal attack.
the mediums could not be more different
Let me rephrase my understanding of your comment without personal attacks: "The web doesn't have residuals the way old media do. Unlike people who compose music and people who make motion pictures, most people who make an HTML document do not earn royalties for its continued public display years later." Is this accurate? If not, what did I miss?
Unless I'm targeting the developing world or writing games I'm not sure I see the use case.
If you follow @Mozilla on Twitter, you'll get an idea of how Mozilla is "targeting the developing world". See, for example, the Digital Inclusion section of its Internet Health Report.
Nothing is stopping you from installing your own web server and use these apps on your intranet. But most people don't like paying thousands of dollars for software anymore.
Nor do they like paying thousands of dollars over the course of several years for a subscription that allows access to what FSF calls "service as a software substitute". Just because it's on the web doesn't mean it's available without charge.
The only required difference between the traditional applications you're accustomed to and Web Assembly applications is that Web Assembly applications don't have to be installed.
I have gathered that many users of Slashdot actually want the barrier of installation because it protects a user from code that he hasn't explicitly chosen to run. Some even want the barrier of compilation because distributing source code to the public discourages underhanded behavior by putting a program's developer on notice that any third party could audit the code.
Both do the work locally, and can save the work locally - even on a device with no network connection.
I thought web applications were subject of a quota of 5 MB of local storage per origin. You aren't going to be able to fit a lot of video into that, unless by "video" you mean a vector or sprite animation analogous to what people used to use Macromedia Flash to build. When was this increased?
In theory, one could extend LibreJS to support WebAssembly. In practice, I imagine few major for-profit web sites would bother to support LibreJS, particularly because all major web ad networks track users from one site to another using proprietary JavaScript.
The first difference I see is that wasm is not encumbered by Oracle's licensing restrictions. In addition, wasm is designed such that traditionally unmanaged languages like C++ can compile to it, whereas the JVM and CLR impose type system constraints that make it hard to define how to compile something like standard C++.
a WebAssembly VM will be a common feature on all OSs, and most scripting languages can then simply transpile down to this. Do something similar with generation of LLVM bytecode, and you can remove the need for actual binaries for most purposes, and also tweak OS designs so that many security properties can be enforced at the language level more easily
That's what the experimental Singularity operating system tried to do, except with .NET IL instead of WebAssembly.
But at least WebAssembly will allow use of languages that currently compile to native code, unlike .NET that required changes to popular languages to get them to work. For example, Microsoft's C++/CLI is set of extensions to the C++ programming language to allow creating managed code. But the syntax for arrays, pointers, and references differs between the unmanaged and managed "worlds". This means a program intended to compile in both a standard C++ compiler and the verifiably type-safe subset of C++/CLI ( /clr:safe ) can't use arrays, pointers, or references, which more or less restricts the common subset to programs not much more complex than Hello World. In fact, not even that works as advertised because most of the C++ standard library is missing in the verifiably type-safe subset.
I agree about removing Flash Player from the mainstream web. Almost everything modern has moved to HTML5 technologies. Classic animations and games, such as those found on Newgrounds, Dagobah, Albino Blacksheep, Homestar Runner, or Weebl's Stuff, can be run in a specialized browser in a virtual machine.
But Flash is more than Flash Player. Without Flash, what timeline-based graphical tool do you use to author an SVG or Canvas animation? Typing the coordinates of each vertex of each keyframe into a text editor is unlikely to cut it for animations of more than trivial complexity. Is Synfig any good yet?
The old "web browsers don't support standards the same way" problem strikes again.
But it's still probably a lot less effort to port a web app from Chrome to Firefox or vice versa than to port, say, a macOS app using Cocoa to Windows.
If a particular application is available as a web application without charge or as a native application for pay, would you choose to pay?
But a longer answer is: 99.999% of the Javascript out there is not slow but waiting on some server to send back content.
You'd be surprised at how much time the browser spends running ad exchanges' "real-time bidding" processes, collecting bids from a dozen different ad networks for each ad unit on a page just to eke out a larger fraction of a cent. On the weaker ARM or Atom CPUs of compact laptops, tablets, and smartphones, adtech scripts often cause the web content process to take a whole core for several seconds.
But I don't *WANT* to do that shit in a web browser. I want it to live on my local computer
What's better: using a JavaScript or WebAssembly app in a web browser, or not being able to use an app at all because it's native but doesn't happen to have been ported to your device's operating system?
There are only two possibilities: either the programmer in question is a hobbyist, or a pro.
My question was about the transition from the first of these "two possibilities" to the second. But first, let me make sure we agree on definitions. To me, a "professional" means one who has been paid for his work in a particular field. Am I right? Or are you instead defining it as one who seeks to be paid for such?
I thought one's project to become a professional had to be done with hobbyist tools in order to afford professional tools for the next project. The only ways I can see around this are A. to earn money for the required tools in a day job in a different industry, or B. to release hobby projects to establish one's reputation and then crowdfund the tools needed for a simultaneous 5-platform release of one's first professional project. Which one is more practical?
If the former, then Virtualbox (or whatever other emulator/virtualization system is applicable) would be fine.
I thought it was copyright infringement to run macOS in "VirtualBox (or whatever other emulator/virtualization system is applicable)" on anything but a Mac.
If the latter, then two phones and a Mac Mini is affordable.
Do you consider it a desirable state of affairs to give Apple a monopoly over computers used by developers? If so, why is this an exception to the inefficiency of monopoly?
I thought PaintShop Pro was a Corel product, and "Open PSP" was GIMP.
instead of buying certain to be backdoored Intel, my next laptop will be a Pinebook, using entirely free software with no firmware blobs
Say I wanted to switch from my current compact laptop, a Dell Inspiron mini 1012 with an Intel Atom N450 CPU, to a Pinebook. My current workflow includes applications that are made for Win32 API and distributed as free software, such as FCEUX (debugging version), FamiTracker, and Modplug Tracker. (A port of FCEUX to SDL exists, but unlike the Win32 version, the SDL version lacks a debugger.) Currently, I run them acceptably in Wine. How easy is it to, say, recompile them to use Winelib for the Pinebook's ARM Cortex A53 CPU?
And then compile the game made in SDL and OpenGL for which of the five platforms?
Um... all of them, as you normally do?
Not everybody "normally do[es]", for two reasons.
First, an individual developer graduating from hobby projects to a first revenue-generating project is unlikely to have the financial resources right off the bat to purchase five different devices for which to build and test: a Mac, a Windows 10 PC, a GNU/Linux PC, an iPhone or iPad, and an Android device. He would have to make a version for each platform and use the revenue from users of each platform to fund a port to the next platform. But with web technologies, it's possible to hit multiple operating systems with one testing effort, such as all three major PC operating systems plus Android. In addition, someone who habitually uses Chrome and Firefox and refers to Can I Use is likely to be able to make something that's at least partially usable in Edge and Safari and can fix reported issues on demand. In addition, all users of Edge or Safari for macOS are eligible to install Chrome or Firefox and use it to run a particular web application until the application's support for Edge or Safari is more thorough.
Second, with WebGL, if you publish the game once, all five platforms receive it simultaneously. There is no mandatory app review process to delay it by two weeks or reject it, as there is with native apps for iOS.
I don't have strong enough words to endorse their Watchtower service
I'd hope it doesn't have quite as much confused theology as that other Watchtower service.
And then compile the game made in SDL and OpenGL for which of the five platforms that I mentioned above (Windows, macOS, GNU/Linux, iOS, or Android)? Because I doubt that these platforms are binary compatible, unlike web browsers running a web application.
That's why I disable Javascript on my bank's web site.
And then watch the only option be "Apply for a line of credit to purchase a new computer capable of running JavaScript".
By forcing the user to keep their browser/tab open and entering the code directly on the page
How usable is this flow to inexperienced users, who may not understand tabs? My grandmother sure doesn't, despite my attempts to teach her about them. And how usable is this flow to users of smartphones, whose comparatively small displays don't make the existence of other open tabs obvious?
CORRECTION: By recovery I meant reset.
there's no compulsion to use answers consistent with the question being asked. You could even use totally random strings for those, too, if you wanted to.
Unless part of the password recovery process involves a voice call to the telephone number associated with the account.
The problem was that to move to the vault we would either have to get access to the full password or get everyone to re-register.
There are two ways to do that. One is to require all users to go through password recovery, as you mentioned. The other is to prompt the user for the full password next time he logs in, and then once it matches the hash, transition that user to the vault for subsequent sessions. Users who do not log in at all during the month of transition to the vault would have to recover.
In other words you don't know what your machine is running
This is true if the PC runs Windows. It is not true if the PC runs GNU/Linux. Disabling or rekeying UEFI Secure Boot, which is a separate mechanism from TPM, allows the PC to run GNU/Linux. All x86 and x86-64 PCs certified for Windows 8 allow disabling or rekeying Secure Boot, and many (I'd guess most) PCs certified for Windows 10 allow it as well. Only Windows RT devices and certain avoidable Windows 10 PCs use Secure Boot without letting the device's owner disable or rekey it.
As usual, you Trusted Computing loons keep saying you can disable the TPM
What are the consequences of disabling the TPM in Windows?
or change the keys
The TPM and Secure Boot are separate mechanisms. One difference between the two is that the machine's owner can change the Secure Boot keys but not the TPM key.
As I said, everything after that is a software update.
What are the consequences of "a software update" if the user has chosen to disable the TPM? What are the consequences of "a software update" if the user has chosen to disable or rekey Secure Boot?
How stupid are you?
Smart enough to know that this question could be interpreted as a personal attack.
the mediums could not be more different
Let me rephrase my understanding of your comment without personal attacks: "The web doesn't have residuals the way old media do. Unlike people who compose music and people who make motion pictures, most people who make an HTML document do not earn royalties for its continued public display years later." Is this accurate? If not, what did I miss?
I thought the size of a fingertip was why websites look like crap on mobile. Too much of the viewport has to be devoted to controls.