Jun 092010

There has been a lot of talk about Flash security lately. First Jobs made some claims about it in his “thoughts on Flash” rant,  and now with the recent vulnerability a lot of people seem to think that he has been proven right.

But is there any truth in Flash being unusually insecure?
Jobs try to back up his FUD by mentioning a Symantec report which he claims “highlighted Flash for having one of the worst security records in 2009″. Of course he doesn’t quote anything from the report, nor provide a link. But if you actually read the report you will see that his claim is a blatant lie.

Nowhere in the report Flash is highlighted, and there is just no data in it to support that conclusion. In fact the report shows that Flash was the browser plug-in with the least reported vulnerabilities.

In the section about web browser plugins they write the following:

In 2009, Symantec documented 321 vulnerabilities affecting plug-ins for Web browsers (figure 9).
ActiveX technologies were affected by 134 vulnerabilities, which was the highest among the plug-in technologies examined. Of the remaining technologies, Java SE had 84 vulnerabilities, Adobe reader  had 49 vulnerabilities, Quicktime had 27 vulnerabilities, and Adobe Flash player was subject to 23 vulnerabilities. The remaining four vulnerabilities affected extensions for Firefox.

Considering how widespread the Flash Player is, combined with the fact that it runs scripts and has a lot of connectivity features, it’s obviously an extremely attractive target. So the fact that it has the least vulnerabilities is something that Adobe should get credit for.
So we can conclude that Jobs claim has nothing to do with the number of vulnerabilities.

Could it have to do with the severity of the vulnerabilities then?
Indeed Flash is mentioned again in the report:

Among the vulnerabilities discovered in 2009, a vulnerability affecting both Adobe reader and Flash player was the second most attacked vulnerability.

Considering that Flash is installed of some 98% of computers it is hardly surprising to find that any vulnerability will be exploited to it’s fullest. But that one of the top five attacked vulnerabilities was involving Flash can hardly be used to support Jobs claim of Flash “having one of the worst security records in 2009″.

Search trough the document for when Flash is mentioned and you notice that that there is no other mentions of the security record of Flash other than what I quoted. There is a mention in the section about browsers, where Symantec provides advice about how to secure the browser:

Browser security features and add-ons should be employed wherever possible to disable JavaScript™, Adobe Flash player, and other content that may present a risk to the user when visiting untrusted sites. Organizations should consider adopting a policy of identifying a list of whitelisted, trusted, or authorized websites and block access to all other sites. Whitelists must be actively maintained due to the risk presented when trusted sites are compromised and used to host attacks or malicious software.

Of course this is sound advice for enterprises with sensitive data to protect.
If security is vital you should only allow whatever is really necessary to run on your machines, and that obviously includes Flash. Some people try to interpret this as Symantec trying to imply that Flash is a major threat, but what it means is that Flash is a threat, just like any other piece of software, and for optimal security it should only be used when needed.

Note that they recommend disabling JS as well, meaning that HTML5 , which Jobs seems to imply would be a more secure alternative, should be avoided as well. Disabling both JS and Flash and only allowing access to trusted sites does not make for a great Internet experience, but obviously that is not particularly desirable on enterprise workstations anyway.

So in conclusion there is absolutely no basis for Jobs claims in the report he mentions, and instead it shows a very good security record for the Flash player. But the features and obliquity of the Flash Player will of course mean that hackers will do everything they can to find vulnerabilities, and when they do it has the potential to affect many people.

So the claim that Flash was highlighted is a blatant lie, and it’s not a subject up for discussion. Symantec has a section with highlights in which Flash is not mentioned once. It’s interesting to note what does get highlighted in the report though.

This is what they say on Safari in the highlight section:

Of all browsers Symantec analyzed in 2009, Safari had the longest window of exposure (the time between the release of exploit code for a vulnerability and a vendor releasing a patch), with a 13-day average; Internet Explorer, Firefox, and Opera had the shortest windows of exposure in  2009, averaging less than one day each.

Compared to other browsers this is a truly appalling security record. Not only did Safari have the second most vulnerabilities of the browsers, but average window of exposure was 13 days. Second place was grabbed by Chrome with 2 days.

Also they have the following to say about Safari:

Additionally, all browsers except Safari either remained status quo or showed an improvement in the window of exposure. This demonstrates an increased effort by vendors to minimize the
amount of time that users are exposed to exploits.

It seems quite clear that the way Jobs reads the report, according to him obscurity equals security. With a market share of a few percent obviously Safari will not make it in to any list of the most attacked vulnerabilities, but that does not make it’s security record any better. The record instead shows that Apple does not seem to care much about security when it comes to their own products.

While it’s very important that Adobe ensures that Flash is secure, there is simply no basis in fact for the claims that it has a particularly bad security record. The latest incident is unfortunate, both since it seems to be a fairly severe vulnerability, and because of the timing.

But according to Adobes security team there should be a patch to the release version tomorrow.

For those of you interested in details about the work of Adobes security team,  I recommend reading this interview.

I just noted that the severity of the current vulnerability is classified to “Risk Level 1: Very Low” by Symantec. Secunia on the other hand is classifying it as “extremely critical”, so I guess the jury is still out on how severe it is. But it does seem like it’s not being actively exploited on large scale yet. According to Symantec the number of infections are 0-49 and the damage level is low as well.

Jun 032010

Flash vs. WHATWGHeated arguments and benchmarks can be both entertaining and educating, but as they say, the proof is in the pudding.

So I thought it would be a good idea to make a list with examples of applications available today using the competing technologies. Have a look for yourself how they compare when it comes to performance, features and stability.

First of all I will use a very vague or downright incorrect definition of HTML5 since there is no good name for various combinations of HTML and JS.  So I will list good DHTML or AJAX applications as well.  I will also include examples using new functionality not yet part of the HTML5 specification when I cannot find an alternative that does adhere to the specification.

My intention is to list the best and most popular applications in each category without bias, and if you don’t agree with the examples please let me know if you can think about more representative examples.

I will update with categories and examples as I find more. Of course it’s very much appreciated with any suggestions,  so leave a comment and I will update the list as appropriate.






Image Editing:


Aviary Phoenix


Apple demo

Slideshow Makers:





Wireframe Prototyping:





Audio Players:


EP Player



Audio Editors:


Aviary Myna


Audio Synthesis:




Clouddev Synth

Video Players:


Strobe Media Player


YouTube HTML5 experiment

Video Editors:


Creaza MovieEditor


Video Chat:




Word Processors:




Google Docs





Google Maps

Data Visualization:


IS Parade


HTML5 Readiness

Motion Detection:


Free Your Dance




Vatican Sistine Chapel


Apple VR demo

Strategy Games:


War Of Legends



3D Action Games:




Quake II





Lord Of Ultima

May 192010

So, now it’s official. VP8 will be open sourced and support will added to the Flash player: http://webmproject.blogspot.com/

It’s was not a difficult prediction that I mention in an earlier post:

Notice the absence of Apple and Microsoft in the list of partners.

So what does this mean?
Like I mentioned in my earlier post, contrary to what many people seems to believe this puts the Flash Player in an excellent position when it comes to video delivery in the future. It will take a long time before most users have browsers that support VP8, while a Flash Player with VP8 can become widespread very quickly.
And with their vested interest in H.264, question is if and when Apple and Microsoft will decide to add the decoder to Safari and IE.

Also, it’s great to see many hardware partners, which means that hopefully it should not take too long before we see hardware accelerated playback of VP8 video.

May 022010

Google + FlashIn the current debate about HTML5 vs. Flash as well as H.264 vs. Theora, understanding Google’s intentions behind the purchase of On2 could provide som interesting clues.  Are they planning to finally set HTML5 video free by getting their VP8 decoder into browsers? Or do they plan for another delivery method?

Obviously they want to get involved with video codecs as the owners of Youtube. The efficiency of a codec matters a lot for their bandwidth costs, and currently the only sensible alternative for them is H.264.
It’s supported in the Flash Player, which still is a requirement to reach most users, and it’s more efficient than Theora.
But H.264 is owned by MPEG-LA with both Microsoft and Apple as licensors. They can take license fees as they see fit on a case-by-case basis, and of course Google would rather not be under their mercy. Having a decent share of the browser market, MS and Apple can force Google to use the codec they accept in the browser.

Looking at the current situation Google cannot fully adopt HTML5 with H.264 since that would mean a lot of users not being able to view the videos, and Firefox has no plans of adding support. And using Theora to serve video to Firefox would just give them the worst of both options. Then they do not only have to pay licensing fees for H.264, but they at the same time make themselves vulnerable to lawsuits due to the unclear patent-situation with Theora.

So why they bought On2 seems to be fairly clear, but now when they have the codec they have a few different approaches of how to get it to the users. There is no point for them to re-encode their entire library to VP8 unless a very high percentage of users can play the content.

I can think of the following options:

1. Make VP8 a standard for HTML5 video across browsers

Many are hoping that Google will open VP8, and assume that it would end the conflict of what codec should be used to render the <video> tag. Is that likely to happen, and if so when?

First of all MS and Apple has a vested interest in H.264, so from a short term financial perspective it makes sense for them to try to push H.264 and stall alternatives. Even if MS and Apple would let in a codec competing with H.264 in their browsers, it would be a long time before HTML5 with VP8 makes it into more than 90% of users browsers. I doubt VP8 would make it in to IE9, and how many years before users with IE 9 and earlier only make up a few percent? I would not bet on that happening this decade.

The lifespan of an IE release actually seems to be longer than the lifespan of a codec, and unless that changes it becomes difficult to rely on browsers to deliver the codec. If they rely only on this approach VP8 could very well be outdated by the time it’s accessible enough to make sense as the primary delivery method.

With Jobs latest Flash-bashing and Microsoft stating their support for HTML5 and H.264, it’s pretty clear that Apple and MS are not that keen on offering alternatives to H.264 in their browsers.
There are several reasons for that. The most obvious one is that they both collect licensing fees for H.264, and by not supporting other codes they can ensure that it’s a requirement to provide an H.264 version.
Then there is the issue with submarine patents, which would be the official reason for not supporting Theora. VP8 might not avoid the patent issues completely, but at least Google’s backing should inspire a bit more confidence in the codec, but I very much doubt MS and Apple will be in a rush to support VP8 regardless.

2. Get the codec in to the Flash Player

Adobe would probably not need a lot of convincing to add VP8 support, and as soon as the decoder is implemented in the player, Google could request from users that they upgrade their Flash Player to view the content.
The Flash Player already has an astonishing adoption rate,  and Youtube making use of a new player version would make most their users upgrade immediately.
Using Flash would bypass the control MS and Apple have over what codec should be used, and enable Google to very quickly add support for the codec on the users PC or various devices.

This is without a doubt a much more viable strategy for Google if they are at all hoping to switch default codec to VP8.

3. Deliver through their own platform

Maybe as a long term strategy Google rather have control themselves over the platform. Chrome and Android certainly suggests that. But I don’t think they hope to get to a position where their own platform would serve as the main means of delivery within the lifespan of VP8. Of course they can dream of a position similar to Flash with a platform that can reach over 95% of users, but it would be a bit early to invest in a codec for when that dream comes true.  So if they have any plans for VP8 it has to do with current platforms, but they might want to get the IP and people from On2 to protect themselves and work on a future codec.

And as I understand it, as partners in the OpenScreenProject they have access to the source for the Flash Player and could write their own player. I doubt they will bother with that since Adobe certainly be very keen to do the work themselves in this case, but having that possibility it’s not as if they give Adobe the control instead of MS and Apple.

If Adobe would be very closed about their technology and be involved in licensing codecs, I guess Google would feel more of an urgency to get their own means of delivery, but right now Adobe is an ideal partner since they can enable Google to get their codec established almost instantly without paying for any licenses.


So I think Google will open VP8, but I don’t think that will resolve the issue of getting the codec into browsers, and getting the browsers to the users.

They are in one way or the other going to pursue all three options at the same time, but the chances of VP8 solving the issues with HTML5 video in the near future is almost non-existent.
And Flash will remain their main means of delivering video, especially if they want a way to establish VP8 quickly. Standards that take decades to become established, along with browsers where old versions live on for decades, are obviously not cut out for handling delivery of technology which needs to be up-to-date.

Apr 292010

Steve Jobs has posted a defence to his position on Flash and not surprisingly it’s full of errors and misrepresentations.

Let’s look at the points he makes:

First, there’s “Open”.

He asses that “Adobe’s Flash products are 100% proprietary. They are only available from Adobe, and Adobe has sole authority as to their future enhancement, pricing, etc.”
Sure, Adobe’s Flash products are only available from Adobe. That’s what makes them Adobe’s.
But there are many open source IDE’s, compilers, RTMP servers and players available.

Also he claims that “By almost any definition, Flash is a closed system.”
Flash is a complex system made up from many parts, but the most important part is the swf format. That is an open format, and you can write both a compiler and a player
without needing a license.
So if the swf is open what is Jobs referring to when he says “100% proprietary”?
It cannot be the RTMP and AMF formats since they are open. And the whole SDK with compiler and Flex framework is open.

The one thing that is not fully open is Adobes own implementation of a Flash Player. Since Apple is one of the licensors behind H.264 one would think that Jobs would be aware of why Adobe cannot release it publicly. It contains proprietary codecs and hence cannot be made open by Adobe.
But if Jobs is concerned with proprietary products, maybe he should work for making H.264 open to help Adobe open the Flash Player as well?

And let’s not forget that the canvas is Apple’s proprietary technology.

Second, there’s the “full web”.

Here Jobs claims that “Adobe has repeatedly said that Apple mobile devices cannot access ‘the full web’ because 75% of video on the web is in Flash. What they don’t say is that almost all this video is also available in a more modern format, H.264, and viewable on iPhones, iPods and iPads.”
To claim that “almost all” the web would be the same as the “full web” is of course dishonest in itself, and in this case the “almost” is very broad since there is countless sites that have not bothered with HTML5 yet.

And he seems to forget that Flash is used for a lot more than displaying video. He does mention games, but seems to think that because there are many games for iPhone today there are no games on the web.
He’s trying to argue that Adobe are wrong when they say Flash is needed to access “the full web”, and in the middle of the argument he switches focus to the app store and how many games there are there. Clearly Jobs has a vision to replace the Internet with his tightly controlled app store, and is expecting users to to the same. But the argument was about the web, and the fact remains that apart from video there are a lot of apps, games and animations which cannot be viewed without Flash.

Third, there’s reliability, security and performance.

The reliability and performance arguments never get’s old for Steve. I guess he still hasn’t bother with benchmarking to actually find out that his assumptions are bogus.
HTML5 and JS certainly does not provide greater stability or performance. That should be pretty clear to anyone familiar with the technologies.

Regarding security, looking at data from Secunia and the number of threats and time for them to get patched I would say that Flash has a rather good security record. It’s certainly not the case that JS is secure and Flash isn’t.

Fourth, there’s battery life.

Here Jobs goes in to the importance of hardware encoding. What he seems to miss is that Adobe and several hardware manufacturers are cooperating to provide acceleration in Flash Player 10.1.
Of course Apple could have done the same if they where concerned with the battery life, but that would require some effort, and dumping Flash is of course easier.

And don’t forget that Apple is a licensor of H.264, and hence it’s natural Jobs want Flash to die. With Flash developers can freely choose codecs, but with HTML5 you need to make sure the users browsers supports the codec you use. This means in practice that encoding in H.264 will remain obligatory for some time. The reason is that Safari does not support open codecs like Ogg Theora because it’s open, while Mozilla does not support H.264 because it’s proprietary. So with HTML5 Apple has a chance to exert control over the choice of codec, but with the Flash Player H.264 will be optional.

Fifth, there’s Touch.

Oh dear, I cannot believe this is written by Jobs and not by one of his mindless drones : “Flash was designed for PCs using mice, not for touch screens using fingers. For example, many Flash websites rely on “rollovers”, which pop up menus or other elements when the mouse arrow hovers over a specific spot.”

So Flash is bad because it has a roll over state…just like pretty much any other technology?
And “many websites rely on rollovers” is simply not true, just like there are very few HTML sites that rely on roll overs. He even goes on to claim that “most Flash websites need to be rewritten to support touch-based devices”.

Maybe Jobs surfed to http://www.dontclick.it/ with his iPad and got upset?
Calm down Steve, it’s an old experiment and I can assure you that most sites using Flash do not rely on rollovers.

And since it seems like Steve is a bit clueless about the development process, someone should explain to him that for sites that currently do rely on rollovers it’s a lot easier to change event type for your buttons than rewriting the whole app using a new technology.

Sixth, the most important reason.

This is the only point he does not try to support by lying or misrepresenting facts. He want’s full control over the platform, and if that means not providing a very often requested feature then so be it.
Of course it requires less effort to not have to work together with any third parties…a dictatorship is a very efficient form of government as well.
Developers and customers expect a certain degree of interoperability and backwards compatibility. And one have to strike a balance between trying to keep the platform progressing and ensuring differentiation in the marketplace while also ensuring that developers and customers are happy.

Looking at the many voices demanding Flash on the iPhone/iPad and developers outrage over section 3.3.1 it seems to me that Apple clearly is out of balance here, but time will tell. Personally I think a put option on Apple stock is looking better and better for each day.

He ends with “Perhaps Adobe should focus more on creating great HTML5 tools for the future, and less on criticizing Apple for leaving the past behind.”
Adobe are working on HTML5 tools, but unlike Jobs they are obviously smart enough to realise that there is room for more than one technology.
And claiming that Flash is the past is of course pure arrogance from Jobs. It’s a product that is very much alive making with frequent major updates, and that is currently used to serve the vast majority of the multimedia on the web.
It’s designed specifically for delivering multimedia and rich applications in the browser, while HTML5 is an attempt to add that functionality to an ageing mark-up language.

Apr 192010

Don't listen to the snake, it's a trap!Discussions about Mac vs. PC, or HTML5 vs. Flash, might be getting old, but Apple are currently shaping the future of the IT-world and that is becoming more than an issue about personal taste and choices.
My view is that Apple’s products as well as the technologies they license should be avoided by anyone remotely concerned with issues like net neutrality, open standards and freedom of information. In this article I will try to explain why I think that is the case.

There is no company that is as dedicated as Apple when it comes to DRM, patent abuse, and hardware lock-in. But at the same time both OSX and iPhone OS, as well as Safari, are based on open source technology. And they are very much involved in WHATWG, defining the HTML5 standard.

Is Jobs a schizophrenic, or is there a way working with open source and open standards that could serve to make the web more proprietary and do away with net neutrality?

I will try to explain how I think those conflicting sides of Apple actually makes sense, but first a little bit about my relation to Apple trough the years to try to give a bit of context:

Me and Apple

I have been doing music production since the 80′s, and mainly used C-Lab Notator on Atari. In the early 90′s C-Lab became EMagic. They rewrote Notator, called it Logic, and made Mac as well as Windows versions. ProTools was released around the same time, which meant the mass-introduction of computers in pro studios, and ProTools was Mac only.
When the first native DAW applications started to appear, Apple was clearly superior to Windows. Both Logic and Cubase where very unstable in Windows and the timing was awful. So for a few years I used Macs and worked for some time with a gear shop in London with configuring them for studios. Many little things did annoy me about the OS. Windows and TOS sure had their flaws, but even if some of them were very severe they were not annoying me as much.  For example the fact that windows had severe timing issues was obviously a really big issue, but it didn’t make me annoyed and instead I felt disappointed that they could not get it together. If someone behaves in a way which inconveniences me because they are disabled or sick I will not get annoyed with them, but if someone does it just from a bad attitude and lack of respect I do get annoyed. Apple would give you the feeling that you are expected to be dumb and/or clumsy enough not to be able to handle two mouse buttons or do things which makes no sense, like dragging a mounted unit to trash to eject it.

In the end of the 90′s Windows systems became a lot better at handing audio, and decent audio interfaces and DSP platforms started coming with Windows drivers. And the selection of audio apps and plugins was growing larger than for Macs. Basically, when it comes to an OS to run a DAW on, within a short period of time Windows went from almost unusable to superior.  I was using a Windows machine at home and a Mac in a studio, and I was really surprised when I noticed the performance differences beteen Mac and PC.  Despite the fact that Apple marketed their machines as being almost criminally fast supercomputers, a machine costing many times more than a decent PC would only handle a fraction of the plugins.

I figured Macs were severly overpriced and underperforming, and I completely abandoned Apple used Logic for Windows. Also my hardware of choice, Scope, primarily targeted the Windows market. By now I started developing a bit scepticism towards Mac zealots who constantly kept justifying the cost of a Mac with the supposedly superior performance, since it was pretty obvious that that was a myth.

2002 Apple decided to buy Emagic (developers of Logic) and in the press release they announced the discontinuation of the Windows version. Emagic had just been working hard on ensuring that they where able to deliver Mac and Windows versions at the same time with the same features, so they had excellent cross-platform support. But Apple did not care about the increasing number of Logic users on Windows (around 35% at the time), and instantly scrapped the work Emagic put in to ensuring that their excellent software was available on the platforms that was profitable to develop for. It was clearly not a move that was meant to take over a great software venture and try to monetize as much as possible from it. It was obvious that the idea was to try to force producers into buying their hardware. It was a move that was good for Apple Inc, but bad for producers.

I’m not that fond of being blackmailed and really felt I had to vote with my wallet and avoid Apple products from then on. Some people figured they did not like to loose the time and money invested into Logic and bought Macs, but I decided not to make the switch and discovered Ableton instead.

It was that behaviour from Apple that made it very clear to me that they had very little regard for users and view them simply as pawns in their struggle to gain market share. And it made it clear what a bad idea it is for consumers with a platform where you tie the software to the hardware.

Return of Jobs

Let’s wind back to 97, when Jobs returns to save Apple. Jobs brought the foundation to OSX over from Next, and it appears somewhat odd that Apple choose to base OSX on open source code. After all Apple was going to lock the OS down to their hardware using DRM. The most obvious reason for using open source, despite Apple being about as closed as possible as a company, would be saving costs. Give a little bit back of the work you put in, but be able to get a lot of great code for free.

Another factor in choosing open source is that even if you do not contribute much and mostly take, a lot of people will view your software as the more morally correct software to use. But the fact That Apple is using open source does not make them into valuable contributors. If OSX actually was open source I would give points to Apple for openness, but it’s not. I cannot see how taking an open source product and making it into a DRM-protected proprietary product, for which the main purpose is to lock people into proprietary hardware, would be morally better than making a proprietary product to start with.

Apple was not doing well at the time for a number of reasons, and especially one reason was extra troubling. The platform depended on applications to survive, but with a small market share it was hard to get developers. And the ones developing for the platform usually developed Windows versions as well, meaning very little incentive for people to pay the extra for a Mac. Also Apple preferred to keep any upcoming changes to the OS secret for as long as possible, which made it hard for 3rd party software developers to keep up with the many frequent and major changes.
So Apple started to acquire software like Shake and Logic to discontinue the Windows versions as well as launching their own applications. It’s the one part of their ecosystem they cannot control, so the idea is to bring as much as possible in-house.

Already when Jobs came back to Apple in 1997, the focus was on the Internet and the browser was considered very important to have control over. MS went trough great effort to push IE because the web would become the new platform that could make the OS irrelevant.

Trying to get a large enough market share with a browser to have any control over the web would be very difficult, But developing an open source rending engine had a much better chance of having a significant market share and one could still maintain a decent level of control over the technology. And you can exercise control over a work group setting standards, at least if you can keep the number of participants down and have one of your employees as an editor. You make people belive that you care about open software and standards, but only use open source when you can profit from it, and work with standards only to be able to ensure that you have control over the technology. And then you make customers belive that any measures you take to ensure your control is made for their own benefit. Lie to them about software that could limit your control over “your” platform, and tell them it’s of substandard quality. Make them believe that not giving them the option is good for them, since they are incapable of making the choice themselves.

Apple and the future of the web

Since W3C is so large and moved too slow, WHATWG was born 2004, founded by Apple, Mozilla and Opera, with Dave Hyatt from Apple as an editor. The canvas makes it’s way into the HTML5 standard, despite the fact that it’s Apples proprietary technology. And when it comes to video Apple are pushing for h.264, being one of the licensors of the technology. Safari does not support open codecs like Ogg Theora, and by not allowing access to the API for hardware accelleration they can ensure that anyone trying to use competing technologies will suffer from poor performance.
They try to use the popularity of the iPhone/iPad as well as having disinformation meetings with publishers to force websites, developers and users to adopt HTML5.

The all-seeing AppleImagine for a second that MS would have been the one starting WHATWG with Mozilla and Opera, as well as being the one licensing the <canvas> and the codec most commonly used to display <video>. And to ensure that their proprietary codec becomes widespread they would use the market share of IE as leverage by not supporting alternative open codecs. I think that would generate a lot more than a couple of blog posts on the matter. But Apple is doing it right now with HTML5 and h.264, and still it seems like a majority is cheering them on telling themself Apple is doing it to promote open standards.

People are in arms about “net neutrality” if an ISP wants to control their network in any way, but Apple gets away with controlling what programs people can use, what languages they can develop in, what parts of the human body one can view, what gestures you can implement, that you don’t ridicule public persons, that you don’t compete with their own applications and that you don’t use a frame around pictures with a ratio that any companies might object to. As they express it in their legal terms, anything that “in Apple’s reasonable judgement may be found objectionable”.

Apple is clearly trying to take as much control over the Internet as possible, and with the iPhone actually to a certain extant replacing the internet with their own tightly controlled store. They don’t work with standards and open source to cooperate with competitors and make hardware and software interoperable.

Why did Apple not donate the canvas technology instead of licensing it?
Why are they trying to strongarm people to desert Flash if it’s about openness? Is the vision of a web without proprietary technology (which Flash isn’t) really about enforcing a single standard with no competition allowed?
And are we really sure already that open standards are the best way to drive web technology forward and ensure that it serves humanity as best it can? Looking at W3C I’m not so sure about that. Both considering the extremly slow progress and the failure to ensure that the standards are enforced. Regardless, the alternatives should be explored as well.

I think looking at WHATWG and HTML5 as saviours of the open web is missing an important part of the picture. Just because a standard is defined by a work group does not mean it’s not steered by interests of domination, control and profit. And just because a markup is an open standard doesn’t mean that the technology used to render the content is.
And while I think open source and open standards results in great progress in some areas, to completely rid the web of any technology that is not open source or developed by a committee is a bad idea. Not only should there be some competing technologies, but also competing business models and ways to organize development. The vision of one standard to rule the web is in my eyes not very appealing, and what might appear as calls for freedom can sometimes turn out to be calls for tyranny.

Apple is evil

Steve calls Googles “don’t be evil” mantra bullshit and claims that Adobe is lazy.

Dr Jobs working on his next keynoteI’m sure most evil people would agree with that “don’t be evil” is a “bullshit” mantra. Not being evil would include openness, cooperation and respecting your customers, clearly not the kind of paths Steve would like to follow.

And Adobe are making a lot of effort cooperating with a lot of different hardware and software manufacturers and ensuring backwards compatibility for the Flash Player. Java and Silverlight also runs slower on the Mac, and I guess that according to Apple it is because Sun and MS are lazy as well?

Steve always wants to have the cake and eat it. He wants 3rd party developers with successful products to flock to his platform. And they should be loyal and swiftly comply with the many changes they make to the OS without regard for backwards compatibility, while he works on replacing their products with his own software.

Cooperating with competitors is a very common practice today, and has been so for quite some time. The IT industry requires some interoperability and standards and that you license technology rather than holding on to it to try to gain market share. Otherwise it hinders development and makes the technology difficult and expensive for the customers. So while you might increase market share, you’ll end up with a smaller market. MS understood this, and it’s a big reason for their success. They have been supporting Apple several times, not only by providing software but also by supporting Apple financially when Jobs returned in 97.
In the announcement at MacWorld Boston (worth watching if you have’t seen it), Jobs seems like he at least is trying to understand the principle of cooperating with competitors, but has a hard time trying to sell the idea to the crowd.
But now when Apple are the ones with the financial resources and some areas with large market share, it seems like cooperation is a thing of the past. To avoid that they are looking to control the complete chain, from actually manufacturing chips, to manufacturing the hardware, OS and software. And they have their own hardware and software stores. All we need now is Apple as an ISP where they decide if it’s your interests to access for example adobe.com or google.com.

You have to either be a mindless Jobs drone or completely incapable of using a device to think that it’s to your benefit when Steve is limiting what you can use your device for. For example he says about Java: “Java’s not worth building in. Nobody uses Java anymore. It’s this big heavyweight ball and chain.” I agree that Java is a stagnated technology which today has very few areas where it’s still a good choice, and usually I cringe a bit when I encounter a Java application. But would I rather have a device where I can install and run Java applications or one where I’m prohibited to do that?

There are a couple of Java apps that I think are the best at what they do, despite being buggy and having bad UI’s. For example I use RapidEvolution for analysing key and BPM of music because I find it to be the best software for the task. If I really want to run that app on my iPad, I will not be able to, because Steve thinks it’s not worth building in Java? Obviously I think what matters on my machine is if I think it’s worth running the program, not what Steve thinks is worth developing in right now.

So why is what Apple is doing morally objective, or evil?
If you for example are in the business of delivering a means to access information and media, that is what you are expected to do. If you start selecting or slanting information due to hidden agendas, then that is evil. A newspaper should try to be objective and an ISP should give you access to the full Internet. A paper that writes propaganda or advertisement disguised as factual articles is evil, just as an ISP that regulates access or speed to certain websites to increase their profit or hinder competitors.

You can have a successful business while respecting your customers needs and interests, and if you instead device plans for how to dupe and force customers into loyalty you are evil.
If you care about an open and free Internet, you should stand against Apple and HTML5 with the canvas and h.264.

What to do?

I have up until recently been pro HTML5. It’s about time HTML is equipped with a video tag and a drawing API, and I don’t see that as a threat to me as a flash developer at all.  I don’t code the kind of basic video players that can be achieved with HTML5 since there are already thousands of them available. I don’t make banners and basic animations.
Last couple of years I have mostly been working with audio apps, and I doubt that we’ll see sound synthesis and processing in HTML6, and it’s certainly not going to happen with HTML5.
I think it could be nice if Flash did not have to serve all the advertisement animations, which unfairly gives Flash as a technology a bad rep. I also think that it gives flash developers more credibility if HTML5 takes over more basic tasks. And even if HTML would become more capable than Flash, it’s no big deal to go from AS to JS, and any decent flash developer will already have a pretty decent knowledge about HTML and JS.

But in the light of Apples involvement with HTML5 I think it should not become a standard in it’s current form. WHATWG and W3C should pressure Apple to donate the canvas technology, and ensure that Safari for both OSX and iPhone supports open codecs like Ogg Theora.
Apple has to show that they are interested at all in both being open and supporting standards if they should play an important part in developing “open standards”.
If they don’t, WHATWG should be disbanded or reformed, and canvas should be removed from the HTML5 specification.

Voting with your wallet might not be enough. The majority does not understand what Apple are about and what kind of changes to information technology their practices can mean. If you understand and care you have to let them know.
A tactic that has worked for Apple is to have so called “evange-lists” where fanboys get sent links to discussions where they should try to drown any criticism of Apple. That certainly worked quite well for them and while it sometimes can seem like it’s impossible to keep up with the Cupertino spam bots, but people has to be made aware of the situation, otherwise they will just buy their spam.

Join the I’m with Adobe facebook group, and try to correct the misinformation that is being spread when the topic is brought up.

Do you want standards, interoperability and low prices?
Or do you want high prices with hardware and software that is proprietary and uses DRM to control what you can install or view?

Apr 122010

Reading discussions about the whole iPhone 4.0 SDK license and reading countless discussions on HTML5/Silverlight/AJAX/DHTML vs. Flash, it’s very common to find people wishing the death of Flash. And this is something that seems to be a pattern with all technology. For example all the talk about iPhone killers and now iPad killers. It puzzles me a bit why so many people seem to assume that technology is inherently like some kind of Hitler or cancer, seeking to devour all competition until there is nothing left to devour.

Evidently that is not the case. We are constantly getting more and more platforms, languages, frameworks and development tools. Sometimes a technology dies, but big prominent technologies tends to stay on.
The demise of Flash has been announced constantly for over a decade now. First it was DHTML, then SVG, then AJAX, then Silverlight and now HTML5.
But today Flash powers the vast majority of all multimedia and animation on the web and is also one of the most popular platforms for RIA development. It’s far from dead and when Jobs compares it to the floppy drive he is obviously delusional.

The future is diversity and I’m pretty sure we will have Flash, HTML5 and maybe even Silverlight in widespread use for many years to come as well as more specialized technologies like Unity3D. It’s all technologies with their own merits, and none of them needs to die. The market for technology that can deliver interactive multimedia is big enough for more than one player. Most people do agree that a little competition is a good thing, but why would they then want HTML5 to become the only way to deliver interactive multimedia?

I think it’s quite telling that very rarely you hear people in the Flash community wishing that HTML5 has no place on the web the same way you constantly hear people calling for the death of Flash.
I guess the reason for that is that we do not really fear the competition. I’m very happy with the Flash platform and think that it has a very bright future. If I’m wrong I don’t mind at all to learn new technologies, and as a Flash developer I already need to know JS and HTML anyway, so if it turns out to be more suitable for some projects I’ll be happy to use HTML5 instead.

Many developers working with JS and HTML defend their position that Flash must die with the fact that it’s a proprietary technology, and hence it has no place on the web. While I can understand that as a rationalization for wishing the death of a technology, it’s simply not true.
The SDK, compiler, Flex framework as well as the AVM is open source, and the swf and RTMP formats are open so you can write your own Flash Player or media server.
The fact that the Flash Player as distributed by Adobe isn’t open source is understandable since it uses proprietary technology for different codecs, which Adobe does not own. Hence it’s not their technology to open. Moving the proprietary code into the browser, for example to support h.264 video, does not make the web less proprietary.

I think the real issue is many times is not actually their concern with proprietary technology, but that Flash feels closed to them. Embedding an swf is like opening a hole to a different universe, and that is scary.
And while you don’t have to use Flash Professional and/or Flash Builder to generate your swf, that is what most people will do. While both IMO are fantastic products they are bulky, slow, costly and proprietary and I can understand if someone used to working with HTML and JS can feel a bit uncomfortable with using them.

And it can often be like a different universe developing for Flash. While the technologies involved overlap, someone good at developing websites is not necessarily good at developing advanced applications and games. So not only is the swf and the having to learn an extra development environment scary, but for many developers it’s a relief not having to deal with programming applications that for example involve physics, DSP, image processing or working with binary formats.

I can understand that  Flash does not appeal to everyone, and it would be a shame if developers who feel that way would have no alternative, But they have alternatives, and to me it seems a bit childish to when they wish the death of a technology, especially when trying to justify it with some bogus claims about it being proprietary or resulting in bad performance compared to competing solutions.

Jun 042008

I have collected some of the tools and resources that I find very useful when developing Actionscript applications that with the exception of one are free and/or open source.
If you are an experienced Actionscript developer you are probably already familiar with most of them, but there might be one of two that you have missed.
And there is probably a lot that I have missed that should be included, so if there is any you think should be placed on the list please give suggestions in the comments.

Actionscript 3.0 migration
Very useful AS2 to AS3 migration reference.

PHP implementation of the Action Message Format. If you need to transfer large data sets between the server and your Flash application remoting enables you to use native Flash data types which cuts down on time and resources needed to parse and transfer data.

AS3 Optimizations
Collection of useful AS3 optimization suggestions and links.

Unit test framework for Actionscript.

Web debugging proxy which I find indispensable for inspecting traffic between server and swf files.
Has support for remoting (AMF0 and AMF3) and can do bandwidth throttling.
The only resource listed here that is not free, but definitely worth a mention here due to being extremely useful.
You can try the 30 day demo and see if you think it’s worth the asking price compared to for example Fiddler which is a free alternative.

My favourite Actionscript editor. IMO the code completion is much better than FlexBuilder and it comes with MTASC and SWFMill to create AS2 swf’s and integrates with MXMLC for AS3 projects so it very easy to get started using it as an all-in-one solution for developing Actionscript applications.

Simple but very useful Firefox extension that enables you to view trace output in your web browser which is very handy when you need to debug an application while it’s running on the server.

GAIA Framework
I have to admit that I haven’t actually tried it out properly yet since it hasn’t been applicable for the kind of projects I have been working on lately, but I had a quick look at it and it really seems like a very neat framework for certain types of projects.

A neat little AS3 component set from bit101. As the name suggests it’s very minimal but usually I find full fledged architectures, like ASWing or the ones that comes with CS3, to be a bit overkill in most cases and it’s a great example to study if you like to make your own AS3 components.
They are drawn from code and hence have a tiny footprint but are not skinning friendly.
For AS2 I have mostly been using Bit101′s commercial
and I would love to see a similar set for AS3 but for now MinimalComps has come in very handy for simple little apps and prototyping.

Open source AS3 audio library started by Andre Michelle and Joa Ebert.
If you want to be able to generate or process sound without using Flash Player 10 it will help you do that, but it’s also possible to use the generators and processors with the new samplesCallbackEvent functionality of FP10 as well.
So if you are interested in Flash audio it certainly very worthwhile to check out.

Open source Flash server for media streaming and remoting. A very good free alternative to Flash Media Server.

To implement deeplinking and back button functionality when possible on Flash projects have been a concern of mine for quite a while, both due to usability and SEO concerns. Back in 2005 I developed my own solution, but it was something I quickly hacked together and although functioning and better than anything I could find at that time I always thought it could be a lot neater and was hoping someone would step up and create a package that could gain popularity with a lot of developers.
Hence I was very happy when SWFAddress came along with a package that is solid, neat and easy to implement.

I guess there is not much to say here. You’re probably familiar with SWFObject already, but in case you are not just get it and start using it to embed you swf with it now.
Not only is it a very convenient way of adding version detection, providing alternate content and passing on query parameters to the swf but it also has the benefit of avoiding the IE issues with activation of embedded content.

Easy to use version control software for Windows.

The fastest tweening engine for AS3 with very neat syntax and always my first choice for tweening duties along with it’s smaller siblings TweenLite and TweenFilterLite.
I have come across scenarios where it doesn’t behave as expected (I guess due to the fact that it doesn’t search for overlapping tween properties to overwrite only those properties) and then I stick with Tweener which has very respectable speed and equally neat syntax.
EDIT:Jack Doyle, the developer behind TweenMax, got in touch and had a look at my code to find the reason why it did not behave the same as Tweener. Basically TweenMax will not search through existing tweens to check what properties to overwrite and instead by initializing a new tween of one property you stop existing tweens of other properties. This is done to optimize speed but means that your code might have to be slightly different compared to other tweening engines.
In my case it was simply a matter of adding the property that gets overwritten to the new tween and issue was solved.

May 162008

Finally Flash will have built in ability to access the sound output buffer when using FlashPlayer 10 that just has been released.
Tinic Uro have posted a little information about the implementation.
So no more relying on complicated hacks, this is all the code you will need to generate a sine wave (snipped from Tinics post):

var sound:Sound = new Sound();
function sineWavGenerator(event:SamplesCallbackEvent):void {
for ( var c:int=0; c<1234; c++ ) {
var sample:Number = Math.sin(

Switch to our mobile site