Will Dart and Flutter Lead the List of Mobile App Development Frameworks?

Dart, as we know, is an open-source, object-oriented, general-purpose programming language developed by Google in 2011. It uses a `C’ style syntax and optionally trans-compiles it into JavaScript. While it is frequently used from client-side and server-side web development it is also used actively for mobile app development – both native and cross-platform. As per the TIOBE 2019 ranking – the de-facto standard for gauging the popularity of programming languages, Dart is in the 26th position, halfway through the listing of the top 50 preferred languages. Delphi and R, are however in the 15th and 16th position, which essentially means that they continue to remain popular programming options.

Dart’s entry timing might have been wrong, and its position amongst giants, makes it seem a negligible option. This could be the reason for its infamous ranking in Codementor in 2018. Codementor, listed Dart back then as the number one not to be learned the language. This period in its evolution was also not very encouraging if you see the lackluster demand in the job market for programmers with Dart skills. This, in spite of the fact, that Dart offers programmers ease of use and is naturally lightweight. With these two classical features, it should have been a programmer’s best friend, but in the competitive world of languages, Dart’s better features were ignored. That is until recently! Now, what could be the clincher for Dart is Google’s recent Cross-Platform mobile development Framework, Flutter completely supports Dart. This is definitely changing Dart’s fortune for the better. Flutter is popular and Dart is back on track.

Understanding Flutter

Towards the end of last year, Google’s new cross-platform mobile app framework Flutter released its first version. Though initially it was intended for mobile app development, now they are making it as a multi platform framework. Let’s take a closer look at what Flutter is doing for app development today.

Flutter is an open-source, cross-platform mobile app development framework. It currently supports iOS and Android development, with potential for other platforms including web and desktop support. Flutter sets itself apart from competition like React Native and Xamarin through consistency across platforms.

A Flutter app made using Material Design will look exactly the same on iOS as it does on Android. Additionally, Flutter is powered by Google’s Dart programming language, which should feel familiar to developers of various backgrounds.

Flutter first entered the programming world as `Sky’ and it ran on the Android operating system. Now Flutter completely supports Dart platform and uses its advanced features. On Android, iOS, Linux and Windows, Flutter apps use just-in-time and ahead-of-time compilations. Special feature of it is `hot reloads’, i.e. make modifications to running apps. This feature sets Flutter apart from the crowd.

Flutter support’s Google’s Skia graphics library, opening the world to its core world of animation and graphics.

Flutter – a game changer for Dart

Forbes.com’s Todd Fabacher, Experienced Chief Executive Officer, with an extensive history of working in the computer software industry for over 25+ years, says that he is constantly asked a fundamental question by companies, “What development language should I choose, and what tech is coming around the next corner?”

His answer is Flutter and Fuchsia. He also says that these two words will dominate all programming discussions in 2019.

Flutter is footloose and free and ideal for young, cash strapped developers. `Download it and start’ is the mantra.

Fuchisa is Google’s take on Android and is an operating system of the future. But then aren’t there enough operating systems? Why bother to create a new one? According to Todd, the answer to this question is three simple letters: IoT. It’s all those hundreds of millions of devices that are starting to be embedded in our everyday lives: Amazon’s Alexa, self-driving cars from Tesla, intelligent temperature control devices and even smart locks for our homes. Fuchsia might make is home in the billions of IoT devices in the next few years, and its secret will be Flutter. Flutter makes the development look easy, and it is built for the future.

The three forces, Dart, Fuchsia and Flutter are gearing up to take on the world of hybrid and cross-platform mobile application development and in a few years, they will be most programmers best friends.

Mobility for workforce and customer engagement

We, at Trigent, have crafted and implemented comprehensive mobility solutions for large enterprises and SMBs. We can extend this capability to design, develop, and provide mobility solutions to empower you with seamless ecosystems that transcend distances, devices, and distribution models. To know more about our mobility offerings, click here.

Not just the Vendor, Choose the Right Development Team for Your Product!

Presale discussions with prospective customers can be very interesting!

Initial discussions would focus on one of their products to be built or supported. But, when the prospect realizes that he/she is talking to a solution architect, who is technically sound, and a good problem solver, the discussions would take a detour. It will focus on their issues with other products and we end up winning an entirely different project from them!

To explain further, most of the times, the discussions would focus on the issues related to their existing vendor. They will complain about their current vendor and how their product has suffered because of the poor management by the vendor.

In several such cases, when we delve further, we find that most of the companies have done their best to find a suitable vendor. However, after identifying a good vendor, they have trustingly handed over their product development work to them. They do not find out about the actual developers or conduct background checks on the developers who will be working on their projects. Big mistake I would say!

Build highly scalable, elastic, cloud-native software products

Let me share two recent, interesting presale calls:

First Presale Call:

This was with a prospective customer to discuss some clarifications for their new product RFP (Request For Proposal). However, a few minutes into the call, the discussion took a different direction. The prospect started explaining the issues related to their current website. He was worried about the fact that their website had been hacked three times in a span of four months!

Every time it was hacked, their vendor who had developed their website made few changes, charged them for the work and assured them that the website is safe. But, once again the site would be hacked and down for a few days. He was completely frustrated with the way it is going and was avoiding meeting the senior management as he did not know how to solve the problem.

The night before the call with us, the site had been hacked yet again and their hosting provider had suspended their account. They had written to him saying that unless the issue was rectified, they would keep the account in a suspended state as the hacker was inducing lot of traffic to the hosting provider.

I was curious and felt that the hacker must be very intelligent and the site must have a really complex loophole. I asked him to give us a chance to check this issue.

Since the site had already been hacked three times and this was the fourth time, I personally got involved, even though my team could have handled it. I found that the site was built using Drupal, PHP. When we dug deeper, we noticed that there was a PHP page which triggers an email based on the email id provided by users. That page was being called from another page where there was a ‘Captcha’. When checked, their PHP page was actually getting Captcha image along with the Captcha text from the server and then validating the user input with Captcha text in their Java Script i.e. on the client side! After validation, their Java Script was calling another PHP page with the email id provided, which is triggering an email.

No wonder the hacker easily got hold of the PHP page which was responsible for triggering the emails. It appeared as though some junior programmer must have coded this way as no experienced programmer can actually do the Captcha validation work on client side. Unfortunately, no one had checked the code again even after repetitive hacks!

Our team took care of it easily by moving that validation logic to server side. We also ran a security check on the whole website and then fixed a few other minor issues. After that fix, it is been three and half months and no news about their website going down!

Second Presale Call

In this presale call with a HR advising company, when I mentioned about using cloud for their new product, the suggestion shocked them. The client mentioned that they were already paying a huge amount for maintaining their current cloud infrastructure for one product. They did not want to go with cloud for any of their other products because of this cost. After checking we found that they were using a private cloud for hosting their web portal and database servers. There were just three medium level servers and they were paying US$8000 per month to the private cloud service provider.

As a leading healthcare company, they needed measures to be compliant with standards such as HIPAA, HITECH and so forth. Their current vendor had suggested the private cloud vendor and they had gone with the suggestion. After understanding their security requirements, we moved their current product to Microsoft Azure without compromising any of their security requirements. Now they pay just USD 720 per month. Huge savings. Isn’t it?

In both the cases, the vendors with whom they were working were very good. Customer had spent a lot of time and effort in selecting the right vendor. But after selecting the vendor, they had handed over their product development work to them.

To me it appeared that the problem was with the development team and not with the vendor.

In the first case, the development work was executed probably by someone who did not know how Captcha is meant to work. This could be how their web site became a prey to the hacker.

In the second case, after hearing security requirements, the development team/architect had suggested a private cloud (due to its popularity in security) maybe without considering other options.

Best Practices for Outsourcing Development Work

  • Generally, when companies outsource their product development work, they select a good vendor and will not bother to check the development team that works on their respective products. It is a fact that vendor companies place good technical people during presale calls. However, actual development could be taken care of by a different set of people. It is, therefore, a good practice for companies to insist that their vendors place the same set of technical people who speak to them during presale calls to work on their product development.
  • Companies should insist on being introduced to the development team (at least the leads/architects) and check their expertise on required technologies.
  • Also it would be great to get their profiles checked on social media sites like LinkedIn, and technical forums etc.
  • It is good to have a dialogue with them and make sure that they are fit the requirement. If you cannot understand the technology, get a consultant to do this work for you.
  • More importantly, stay constantly in touch with the development team to make sure that the same set of people are working on the product.
  • Also, if you have a requirement for cloud infrastructure services and if you are going to a vendor who has partnered with Microsoft, they will try to convince you to go with Azure cloud. It can be the same case with AWS or GCP, Armor and so forth. It is better to find a vendor and development team that knows all the technologies and recommends a suitable platform or the technology for your product.

Summary

For product companies, the product is like a baby. When something happens to a baby, we need to search for a pediatrician and not a general physician. It is important to evaluate the pediatrician. I am sure that no one will want to get their baby diagnosed by an intern even if the intern is working in a large hospital. Also, once that pediatrician is taking care of the child, it still needs the presence and the care of its parents.

Similarly, it is important to take care of your product by choosing a good vendor along with a good development team. After all, the product is your own baby and you are more responsible for its welfare than anyone else in the world, right?

So, How Secure is Your Mobile App ?

It’s no surprise, today, we hardly find a business without mobile presence. No longer can businesses afford to become mobile agnostic. Mobility has made deep inroads from enterprise corridors to our daily lives.

Right now, somebody is hacking..

Right now, while I am writing this, there are thousands of online transactions taking place on mobile apps across the globe and at the same time, thousands of companies devising their mobility roadmap.

On the darker side, there are millions of hackers busy in hacking!  But on the opposite side, mobile security teams and companies are working their way out to do their best to tackle the situations!

Each day, the number of mobile apps are rising in biblical proportion across App stores.  But as the number of these apps rise, so are the numbers of hackers and a new story to back the latest hack.  Mobile App development is a fast paced process and the time to market an app should be very quick. A little late entry can make way for the competitors to capture the market quickly. At such fast paced competitive dynamics, developers and companies spend a lot of time in finalizing the Functionality, User Interface (UI), User eXperience (UX), Business logic, Performance, QA etc. At the same time, most of the people neglect security aspects of their mobile applications as most of the time the focus is on rolling out their app to the market in a shortest time possible.

When an app is released in the app store without due consideration to security, the results can be catastrophic.

We have recently published an article on our site that talks about all these security aspects. Here are some of the talking points:

  • Security aspects of mobile apps
  • Impact of not giving much importance to security and
  • Few minimal set of security measures to be taken while developing a mobile app.

How Secure is Your Mobile App?

We are also in the process of publishing a whitepaper on ‘Security in Mobile Applications’, which is an exhaustive paper covering all the security aspects related to mobile applications. You can expect that in next few weeks. Keep watching this space for the same!

Do you want to share something on this topic ? Please do not hesitate to share your views and comments to vijendra_h@trigent.com

Is your application architecture effectively making use of cloud?

I have seen a lot of application products (web products or mobile apps) claiming that they are based on cloud architecture. But, when we dig more into the architecture, we can see that the products are just hosted on cloud server and sometimes utilizing cloud storage (file, DB etc.).

Let’s debunk the myth first!

Lot of IT folks are under the impression that if their application is hosted on cloud servers, then their solution can be called as cloud based architecture. Is it so? Can we call it as a cloud based architecture? I leave this question to be answered by readers after reading this blog post.

Only if an application makes use of the following four principles, can we call it as a cloud based architecture.

  1. Elasticity
  2. Pay-By-Use
  3. Self Service
  4. Programmatically

So, how is the web hosting different from cloud computing? Following table lists the differences.

Attribute Cloud Computing Web Hosting
Elasticity Yes No
Pay-By-Use Yes No
Self Service Yes Partial
Programmatically Yes No

If an application satisfies the above four principles, technically it can be said that it is based on cloud architecture. But is that enough? The answer is ‘No’.

So, what does it take to make effective use of Cloud?

There are many other things to do if we want our application architecture effectively make use of cloud and thus minimize the load on web server, minimize the utilization of different resources and ultimately reduce operating cost.

Let us take a simple example of how file transfer can happen in any web based product or mobile app. Following diagram shows a typical way of sending files from end user machine/device to cloud storage. I have seen this happening in many of the customer products.

This can be called as a traditional way and following are the steps in this process.

  • The end user initiates the process of uploading a file to server using web page or mobile app.
  • The file will get uploaded to web server and sits in the web server’s local file storage. Usually it will be server’s local hard disk or some network file storage.
  • Once web server ensures that the file upload is done by end user, it will indicate the backend service (can be a regular windows service or cloud service or a daemon process) to initiate the file transfer from its local file storage to cloud storage (can be Amazon’s S3 or Microsoft’s Azure). This would be usually asynchronous process. The indication to backend service can be direct way or by just updating DB records so that the backend service which keeps on polling DB will get to trigger with that change.

If the file gets bigger in size, the uploading process from end user’s machine/device to web server as well as the transfer from webserver file storage to cloud storage will take more time.

When too many users try to upload files to servers, more web servers have to be deployed (using auto-scaling feature or manual) to balance the load on web server.

Gosh. What a wastage of CPU time, resources and also the cost!  Also the end user will not get a clear picture about when the file will be available for his/her use from cloud storage(of course through web server or mobile app) as the backend service works asynchronously.

How Cloud Helps?

Let us see how the time and resources can be minimized when the application architecture effectively make use of cloud!

In this architecture, we’ll make use of cloud storage provided functionality called ‘Shared Access Signature‘. Also we will effectively make use of unlimited bandwidth (Unlike auto scaling, this is unlimited) of cloud storages. Here cloud storage can be

  • Amazon S3 or
  • Azure Blob

Both these cloud providers offer ‘Shared Access Signature’ feature. This concept allows any file/directory stored in cloud storage to be shared with anyone with read only/write/full access for a limited time. We can make use of this feature to make the end user directly upload file(programmatically) from his/her machine/device to cloud storage.

Let us see the steps about how file gets uploaded directly to cloud storage without any backend service or the webserver’s local storage usage.

  1. End user will initiate the upload file functionality on the webserver provided page or using mobile app.
  2. Webserver creates some temporary place on cloud storage (Blob or S3) and generates write access signature which is valid for some short time (say 60 minutes-this can change depending on the need).
  3. Webserver passes access signature to client browser or mobile app. Note that it is just a signature and not any credentials related to cloud.
  4. Client browser will use that signature and uploads the file directly to cloud storage.
  5. Once the file upload process completes, browser or mobile app will indicate that to webserver.
  6. Webserver will take care of moving the file to appropriate location within the cloud storage (cloud storage will take negligible amount of time to move a file from one place to another within it). Also takes care of removing shared access opened on the file.

Note that

  • There is no backend process involved in this flow at all
  • No usage of web server’s local storage
  • Web server’s time in getting a file from end user’s machine is totally saved. Thus, lot of reduction in the web server’s load.
  • Once the user uploads a file, it will be there in final destination within negligible time and webserver can use that for user’s other operations.

So, what’s your thought?

Surprised? There are many other tricks which can be used to make application architecture effectively making use of cloud. Let us see those in coming blog posts.

Feel free to share any such tricks at sales@trigent.com

How IBM MobileFirst can accelerate Apps development?

Because of the increasing demand for cross-platform mobile solutions and mobile development tools, several Mobile solutions providers sprung up during hay years of mobile application. However, each one had its own shortcomings like uncommon language for scripting, proprietary interpreters, and limited environment for development. This led mobile developers to compromise on costs, user experience and marketing time. It was then IBM MobileFirst (formerly IBM Worklight) came to rescue the forte of many.

IBM MobileFirst is based on ‘code once and run on multiple devices’ approach. It provides a standard based, comprehensive platform that includes IDE/SDK, mobile-middleware, private enterprise app store, strong security framework, management & analytics console. It currently supports iOS, Android, Windows and Blackberry platforms.

This software helps corporates to expand their businesses to mobile devices. It offers an open, advanced and more comprehensive platform for building, testing, running and managing mobile applications for tablets and smartphones. Thus, it reduces the cost of development and the time takes to market. Furthermore, it also improves the governance of mobile application and facilitates a secure atmosphere for mobile applications.

After IBM acquired the mobile platform product Worklight in Feb 2012, it has integrated this product into all of its products so as to provide a complete life cycle management solution. After acquisition, it was called IBM Worklight. But after their 6.3 version, they have renamed the product to IBM MobileFirst.

The standards based technologies used by IBM MobileFirst completely removes the usage of code translation, non- standard scripting languages, and proprietary interpreters. IBM MobileFirst can accelerate the business development by enabling the corporates to support several mobile operating platforms from an exclusive, shared code base; by easily getting connected and synchronized with enterprise data, cloud services and applications; by protecting mobile applications in a secure atmosphere; and by governing mobile application from a single point of control.  Without writing a single line of code, through the use of adapters it can provide secure access to internal services. Similarly unified push notifications and SMS made the developers work very easy. They can be used with just few lines of code. IBM MobileFirst internally uses Cordova (Formerly PhoneGap) cross mobile platform along with HTML5, JS and CSS for hybrid applications.

The IBM MobileFirst’s portfolio can help enterprises of any size to quickly expedite development tasks for multiple platforms at ease. It can be utilized productively to develop, connect, run and manage mobile applications for matching the security standards of any business to that of any global organization.

Have something to share on MobileFirst, write to me!