Feeds

Microsoft: Silverlight youth beats Flash experience

Outta your sandbox

Intelligent flash storage arrays

It sounds like Microsoft is getting the same treatment from Apple as Adobe Systems when it comes to putting its media player on the iPad and iPhone.

It's been put on hold.

Regardless of whether Silverlight makes it on to either, Microsoft still feels pretty good about how it stacks up against Flash in security - an area where Apple chief executive Steve Jobs recently unloaded on Flash.

There's no Flash on the iPhone, Jobs said, because Flash is riddled with bugs. "Whenever a Mac crashes more often than not it's because of Flash," Jobs said. Adobe's chief technology officer Kevin Lynch fired back: "We don't ship Flash with any known crash bugs."

In an interview ahead of next Tuesday’s release of the latest installment in the Silverlight story, Silverlight 4, corporate vice president for the .Net developer platform Scott Guthrie told The Reg that security and performance for the player are "super critical" to Microsoft.

Overall, he added, Silverlight 4 positions Microsoft "very well" as a technology for building and delivering Rich Internet Applications (RIAs) against the Flash-based Adobe Integrated Runtime (AIR).

The stakes are certainly higher with this version of Silverlight than previous editions.

Silverlight 3 ran applications from the safety of a sand-boxed environment, to protect your PC from potentially malicious code that might be hidden inside that video of the cat playing chopsticks you just downloaded from YouTube and started watching during your lunch break.

But version 4 lets you chose to run applications outside the sandbox as it taps into your computer in a way that would embarrass its predecessors.

Video in Silverlight 4 will integrate with the media hardware on your PC, like the processor and any camcorders - should the application using Silverlight need to use a video, that is. Silverlight 4 adds new APIs that let you re-size and re-position video or other content using Silverlight outside the browser and on the desktop. Applications can be integrated with the task bar at the bottom of your Windows-7 screen or the doc on Apple's OS X. Applications written in Silverlight 4 can also access the PC's clipboard.

Applications in Silverlight 4 can read and write to the file system if the application is supported. And you can customize the chrome and host HTML - handy for running video build in HTML 5 but also potentially handy for cross-site scripting or SQL-injection attacks.

Guthrie said security is something Microsoft worries about every day but noted Silverlight has enjoyed a very good reputation since version 1.0 in 2007. He attributed that to youth.

Silverlight has been built in an era when its been possible to take advantage of the best practices that have evolved as the result of the last decade's word of attacks. Technologies like Flash, which hails from the mid 1990s, predate this and contain layer upon layer of legacy code and fixes to cope with first the PC and then the rise of the web.

"Any code written in the last five years tends to be more secure than the code written 10 years ago - that's true for us and others," Guthrie said. "Silverlight, because it's been written over the last two to three years, is able to incorporate the best practices we've learned. We feel pretty good about Silverlight's security."

Interestingly, during the recent Pwn2Own hacker contest at CanSecWest, Google's Chrome was the only browser not to succumb to attacks from hackers that felled Internet Explorer, Mozilla's Firefox, and Apple's Safari. All these pre-date the two to three year window while Chrome is Silverlight's peer, having been first released in 2008.

Overall, Guthrie said he felt Silverlight 4 positions Microsoft well against Adobe's Flash-based AIR for RIAs. Like Silverlight, AIR breaks down the barrier between downloaded applications and their access to the local hardware and data on your PC.

In many ways, Silverlight 4 closes the gap on Flash and AIR on a features perspective with simple additions like the ability to print from Silverlight and the addition of support for rich text, bi-directional, and RTL text.

Guthrie repeated the latest market-share numbers Microsoft has claimed show Silverlight's growing uptake is closing in on Flash's ubiquity - Adobe claims Flash runs on more than 90 per cent of PCs.

He claimed Microsoft's data shows 60 per cent of all devices on the internet now run Silverlight - up from 45 per cent when in November 2009 when Microsoft released the Silverlight 4 beta. Guthrie cites major events like the Vancouver Winter Olympics, the March Madness basketball frenzy in the US, and Victoria's Secret fashion show have all been broadcast online using the Silverlight player have helped drive uptake as viewers had to downloaded the player.

Guthrie claimed this gives Silverlight RIAs and edge over AIR, because you don't need to download a separate Microsoft RIA runtime. You get the RIA as part of Silverlight. AIR, though, needs to be downloaded separately to Flash, so while Flash is ubiquitous AIR's still striving for penetration. He claimed Silverlight is installed on "three times" as many machines as AIR, making the Silverlight RIA option more attractive to developers looking for an existing market to target.

"While Flash is installed on lots of machines, AIR is not...so the day we ship next week our out-of-browser support will be installed on far more machines than AIR," Guthrie said.

That's a maybe, but there's still one device they all want to be on and that won't be running Silverlight, Flash, or AIR anytime soon. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.