The minor versions will include some cool examples of using JavaScript with UDP and perhaps some additional plugins.
In a nutshell, for anyone who is interested - the Web security is achieved using a backend utility that creates a signed file of various dependencies and signed digests of the site that requires real time verification by the JNEXT client. The JNEXT client when accessing this site in real time does not enable any native operation until the current page contents and CSS/script dependencies has been verified to be authentic.
The server backend utility has been completed and what is left is the non-trivial task of building the real-time JNEXT client side security mechanism.
It's quite a challenge, but its also a lot of fun and considering the ease at which site developers will be able to combine JavaScript with TCP,UDP,SQLite,Files and any other extension plugins gives enough motivation to meet the challenges...
[ 2 comments ] ( 66 views ) | permalink
To those interested in the development state of JNEXT:
The past couple of weeks I've been laying the infrastructure for the PKI based security system for enabling JNEXT to safely run on public Web sites.
Work is currently being done on the JNEXT security backend - the idea being the a Webmaster will be able to run a utility which will automatically pre-process the site being launched and create the necessary signatures that the client JNEXT engine will process at runtime (surftime...) and on which decision will be made of whether to enable JNEXT based on whether the javascript code on the site has been compromised.
Completing the back end and the client side security framework takes quite a bit of work - I expect the new version of JNEXT containing this functionality will be complete sometime in January 2009 - so there will be a bit of silence on this blog until then - but don't get the wrong impression: JNEXT is growing and maturing every day and my ambitions for its use are of megalomanic proportions... :-)
[ add comment ] ( 4 views ) | permalink
Things are starting to fall into place with the security design for JNEXT, so this is where the focus will be the next few weeks.
[ 2 comments ] ( 32 views ) | permalink
After getting a better understanding of the number of security holes that must be plugged in order to make JNEXT safe for deployment on public Web sites, it seems this is definitely not going to be a walk in the park. Ironically, The power and flexibility of JavaScript, which motivated me to create JNEXT in the first place, is the very reason that makes the task of letting JNEXT loose on the Web a very difficult one.
Since at this point, there are not many people actively involved in developing JNEXT, my dilemma is whether to spend more time researching how to make JNEXT's security watertight or to forget about Web deployment for now, define JNEXT as a tool for rapid application development and concentrate on creating cool extensions for it.
Anyone care to comment ?
[ add comment ] ( 5 views ) | permalink
After assessing the amount of work required for the next release my estimation is that it will take at least two months to complete the job (unless anyone volunteers to help, which given the amount of exposure JNEXT has received until now is highly unlikely).
However, once completed, this framework will have the potential to change the way we think about what Web sites can do.
As always, good technology is never enough, and so the next step (which I intend to start implementing with the next release) is to make sure that installing and using JNEXT by both Web users and Web site developers will be ridiculously simple, extremely appealing and uncompromisingly secure. To this effect, cool sample RIA via JNEXT applications will be added to jnext.org and client and server side installation and management will be much simpler and more user friendly.
There's plenty to do so I'll stop blabbing now and get to work...
[ add comment ] ( 4 views ) | permalink
Calendar
