For iOS: write an app, set a price, release it. For at least 90+% of potential customers, they have to pay for it. Piracy requires modifying the device in a way that Apple blocks.
For Android: write an app, set a price, release it. Anyone can easily pirate it, but it's still easiest to buy it instead.
I guess it's more "open" or something, but it just seems like more work for the same result.
BTW, both iOS and Android require servers to be available for purchase checks unless, as the app developer, you don't care about piracy (which might be legitimate for the "most people will buy it" argument).
This is only correct for in-app purchases where it is part of the purchase flow. For your regular app purchase no checks need to be made.
I think you are correct about opening up JS files though. Are there any good security measures against that?
Patching out code is something that's easy to do in anything while it's centralised. That's why you get do doing things like adding in a license checking macro in various places in many desktop apps: if you remove this check, that one may well still be there.
Just because it's in an ostensibly human-readable language doesn't mean it's human-readable or easily modifiable.
It's an important point and outlines the differences in Mozilla's approach. The same applies for Mozilla Persona. The cost of openness is building a system that's loosely coupled and then adding the glue afterwards to make it easy for many.
It's quite the opposite of closed systems and you have to see the longer term vision to understand why Mozilla starts out with this type of solution.
@chrismorgan, it might go a long way to include the plans for a "hosted" version of the open model as a convenience layer. Most won't make that leap themselves.
I'm not sure how Mozilla is going to handle users, etc, and how I can get that information transferred into my system so that users can get into their account from a regular web browser as well as the web app from their device. I need to figure that out, but I'm not there yet. The sales & user accounting systems are probably going to be 3-5x more troublesome than the actual program.
I've just finished writing a receipt checking web service for iAP receipts – in JS nonetheless :)
At any rate, I am starting up a project that I am hoping to sell on the FF Marketplace. It's going to be a trip (never done app development before!).
This will be an exciting project to watch.
Does anyone know if Apple has addressed this yet?
The one concern for app developers on the FirefoxOS will be protecting their code. If its trivial to reverse an Android app and use that code it will be even easier to do it on FirefoxOS. So because of that most apps will be webapps and not native apps. The downside is you will need an always on network connection.
Validating and enforcing in-app purchases will not be a problem on Firefox OS if its a web app. Of course it can be trivially circumvented in native apps. More reason why I expect only webapps on that OS.
But having an application which is 100% HTML/JS/CSS/Interest other scripting language here. Without any ability to opcache or byte code it and encrypt it. It's not going to take much to crack it.
If they somehow found a way to compress+encrypt the HTML/JS they may be able to make it at least a little bit more challenging. But that would take a lot of effort.
Minification and obfuscation are quite common for web apps already. It's done for current phone apps, and it will be done for the new breed of web apps in just the same way.
You think bytecode is difficult to crack? :-)
Until Hex-Rays Decompiler for asm.js comes out of course :-)
there is a key difference: it does not lock you into Mozilla or lock you into your Firefox OS phone
How is this true in any meaningful way? I look down this list of APIs: https://wiki.mozilla.org/WebAPI and I see many many things that are FirefoxOS only, and are not planned to be made available for other platforms.
If they want to say that FirefoxOS can display 'standards compliant' web pages then yes, great, but so can every other OS to some degree (web 'standards' are a moving target and Chrome and Safari have broadly comparable standards compliance).
If FirefoxOS is to be truly standards compliant that means it will be unable to do a single thing that other platforms can't also do in their respective standards compliant web browsers (and if no other browser implements it then it's not much of a standard). So where is the additional value from FirefoxOS? It's just an OS that is by definition less functional than every other OS.
Before anybody chimes in pointing out all the misleading PR from Apple and Google and Microsoft, yes I'm aware of that, but they are for profit companies and don't claim to be working for the betterment of mankind. If to compete with them you also have to coat everything in a glaze of PR bullshit then how are you any better than them, other than that your bullshit has a slightly different consistency that makes it easier to swallow for some people.
The point of this article was to start getting others to help us make it work for them. There is a chicken/egg problem so someone has to start somewhere.
Compare this to Chrome OS; they have not made an effort at creating a decentralized receipt format. To validate a paid app your only option is to talk to Google's web service.
That wasn't sarcasm, I'm legitimately excited.
Plus, WebOS is still here -- I almost feel like people are actively ignoring it: trying to sweep it under the rug whenever its mentioned. Truthfully, I'll be sad if Firefox OS gains traction, because WebOS did all of this years ago.
That's not very true. Any HTML5/JS app built for WebOS 3.0+ (when Mojo was depreciated, and Enyo brought in) can run in any browser; if it uses WebOS-specific API calls (most often used for notifications), then it can be wrapped in PhoneGap/Cordova and compiled for nearly any OS.