Why hybrid app developers should love the new iOS 8

Exciting news coming from WWDC for all HTML5 hybrid app developers, notably for Cordova and PhoneGap. Apple’s iOS 8 has a new browser engine called WKWebView. As the name implies, this is a real Webkit-based view that can substitute for the traditional UIWebView. Browser engines allow mobile app developers to embed Web content into their app, a core functionality for most apps.

We did many benchmark tests and figured out that WKWebView has a huge advantage in performance, stability and functionality. We believe WKWebView marks a major improvement in performance for hybrid apps that run on iOS. It is a big step forward.

Both WKWebView and UIWebView provide browser rendering capabilities with a JavaScript execution engine. The question is: How are they different, and how are the iOS 8 browser engines improved compared to iOS 7?

In a nutshell, all HTML5-based hybrid apps will run much quicker and become more stable if they use the new WKWebView engine. Hybrid apps are still often considered infamously slow. This new engine clearly solves a major issue in hybrid app development for iOS devices.

Looking at the numbers
To easily highlight the differences between WKWebView and UIWebView, we made a simple hybrid app that is hosted by WKWebView and UIWebView. All benchmarks were run in the application. We used two iPhone 5s: one with iOS 8 beta and one with iOS 7.1.1.

HTML5 support level test: To begin our comparisons, we executed the HTML5Test.com benchmark. Below are the differences between those three engines. Interestingly, there are some APIs that are only available in WKWebView. Since UIWebView is running on top of WKWebView, we first assumed all of the API sets are inherited. That was wrong.

WebGL is now enabled: Until now, WebGL was a hidden feature in iOS 7 that could not be enabled by the developer. But starting in iOS 8, WebGL is now officially supported in both WKWebView and UIWebView. This is huge for developers who require native-level 3D animation capability, especially for game app developers.

Should you build your next mobile game with HTML5?

Should you build your next mobile game with HTML5? This is the question facing thousands of mobile game developers and studios struggling with game discovery and monetization within the Apple app store and Google Play. Is now, finally, the time for HTML5?

HTML5 took quite a beating a few years back when Facebook dropped it and early studio adopters stumbled, but as a mobile game development platform, it has been quietly making a comeback.

To assess if HTML5 is right for your next mobile game, below is a list of important business and technical factors to consider:

Mobile Web, hybrid native, or some combination thereof? Most HTML5 game engines today are biased to a particular platform. There are some really slick engines from Goo Technologies and Turbulenz that leverage WebGL and offer 3D rendering, but produce games geared for desktops as opposed to mobile due to the size of the games they produce.

Then there are hybrid native technologies like Ludei, Apache Cordova and Intel’s XDK that wrap HTML5 games and accelerate performance for native for distribution within the native app stores, but do not extend performance benefits or distribution to the mobile Web.

Finally, there are mobile Web-optimized engines like TreSensa’s (my company) TGE, Phaser, Construct 2 and Kiwi.js that can produce games that work via the mobile browser and can be distributed on mobile game portals, media sites, social gaming platforms, native apps, and emerging carrier game stores. These mobile Web games can also run on desktop browsers and can be wrapped for native app stores.

Critical security problem found in Google Play

A crucial security flaw was discovered in Google Play by a team of computer scientists from Columbia University.

“So many people download content from Google Play these days, yet there appeared to us to be some potential risks given that no one reviews the content that gets uploaded there,” said Jason Nieh, professor of computer science at the university. “For example, for $25, anyone can upload an app, a very low barrier to entry, and it is immediately available to a huge audience for download.”

Nieh and the team created PlayDrone, a scalable Google Play store crawler that uses hacking techniques (such as simple dictionary-based attacks) to index and analyze more than 1,100,000 Google Play applications on a daily basis. What PlayDrone found was that developers were storing their secret keys in their software. Storing secret keys in software leaves user data or resources from service providers like Amazon and Facebook vulnerable to malicious attacks, according to Nieh.

(Related: Android accounted for more than 97% of malware in 2013)

“Unlike other types of vulnerabilities that require a user to download an app and run it to become vulnerable, this problem relates to server/cloud resources, and users can become vulnerable even without running the app,” he said.

To resolve this problem, Nieh and the team are working with service providers, including Amazon, Facebook and Google, to identify and notify those at risk.

“Google is now using our techniques to proactively scan apps for these problems and notify developers,” he said. “A key goal of ours was to try to make Google play a safer place for everyone.”

PlayDrone also found that about a quarter of all Google Play free apps are duplicates of other apps; the Top 10 worst-rated apps in Google Play had more than a million downloads despite their rating; and that Google Play displayed performance problems resulting in slow app purchases.

MongoDB 2.8 enhancements revealed

For Eliot Horowitz, CTO and cofounder of MongoDB, it’s been all about solving database problems. From his time as cofounder of a website called ShopWiki, where he developed crawling and data extraction algorithms, he found himself spending more time customizing databases to do what he needed than working on his original application.

“We spend so much time building accidental databases, we said why not build one on purpose?” Horowitz said during an interview on the opening day of MongoDB World in New York City yesterday.

And today he took to the stage for a keynote speech in which he unveiled new features of MongoDB, the hugely popular NoSQL database.

He couched the announcement by saying the improvements—in three main areas—might not seem to be huge technological breakthroughs, but they do provide a means for developer productivity and operational correctness.

First, on the server-side, Horowitz talked about document-level locking, which enables greatly improved concurrency. This will be added in the 2.8 release of the database, which he said should be out in “late fall.” This more granular locking will allow for more simultaneous writes to occur without locking up resources or hurting performance, he explained.

Also due out in the 2.8 release are new storage engines, each with different performance characteristics that can be selected based on use case, Horowitz said. These dedicated storage engines, for things such as encryption or compression, can be run simultaneously in single replica sets, he said.

The last improvement he discussed is in automation, as new managements tools for orchestrating large MongoDB clusters arrive that enable rolling configuration changes out of the box. Provisioning today is only available for Amazon Web Services, but other platforms are in the works.

Rethinking application life-cycle management

Software has changed, end points have changed, even the role of the developer has changed. So, it only makes sense that the way developers and organizations manage the application life cycle would have to change too.

In the beginning, the ALM process was very independent, according to Robert Holler, CEO of VersionOne. “You kind of had your application life-cycle-management capabilities that supported requirement-management tools, design tools, coding tools, test tools, build source, deploy tools and project-management tools,” he said. “At first there was a lot of disintegration. Each one of those tools was completely independent.”

With the ever-increasing demand for better quality, better user experience, faster delivery and advanced technologies, the way in which tooling has worked together has evolved.

“Through the years, tool sets have become integrated,” said Holler. “All those tools are no longer independent tool sets; they are actually integrated tool sets that all work together to help manage the project, the product and the process, all at the same time.”

But it hasn’t just been the tool sets going through an evolution; the entire scope of ALM has changed. Where once testing had a definitive role at the end of the life cycle, or requirements took up a large part of the life cycle, the aspects of the life cycle are now linked together. “The life cycle starts with a business idea and doesn’t end with delivery of some value to a customer, but rather cycles around with feedback back to the business again to say did we actually meet the need,” said Kurt Bittner, Forrester analyst.

Crowdsourcing means raising an army of developers

Enterprises are grappling with a rapidly changing IT landscape and not enough in-house developer talent to deal with it. As the explosion of the cloud, Big Data, mobile and connected devices leaves organizations strapped for skills in emerging areas, more and more enterprises are turning to crowdsourced application development.

Crowdsourcing development platforms give enterprise organizations access to a free market of developer talent, ready and mobilized to work on an application right away. It’s a mutually beneficial arrangement, giving enterprises the specific developer skillsets they need to build custom software, and allowing developers to supplement their incomes, choosing their own freelance projects in a collaborative but competitive atmosphere and gaining new programming skills in the process.

Platforms such as TopCoder—the largest online crowdsourced developer platform with a community of more than 630,000 developers and designers—open enterprise projects up as competitive challenges, breaking down the software’s components into itemized tasks for developers to complete. The developers, the majority of whom have full-time jobs, monitor the challenge boards for tasks that match their skills and interests, and in a matter of days or weeks code and deliver the software with the goal of receiving a cash prize. Any piece of software the enterprise customer ends up using, including a combination of multiple submissions, the developer gets paid for.

“Let’s say you needed to build a mobile front end to some application, and you didn’t have any skill to do that,” said Eric Knipp, managing vice president of application platform strategies at Gartner. “You can go to a digital agency and they’ll charge you an arm and a leg for it. You can try to hire someone with that skill; they probably won’t want to work for you if you’re a traditional enterprise because of the compensation. Or you can go to a crowdsourcing community where you can buy a little slice of their time and get this thing you need relatively quickly.”

In March, Gartner published a report, “Use Crowdsourcing as a Force Multiplier in Application Development,” in which Knipp explores how crowdsourced development applies a cloud operating model to the development and delivery of custom software. Organizations can use platforms including TopCoder and the crowdsourced testing community Applause (formerly uTest) to spin up, develop, test and ship software relatively quickly. A recent partnership between the development and testing platforms takes this a step further by consolidating the customer’s experience through the software development life cycle.