The studiomoto demo and Tesla Motors demo outshine the Silverlight demos in my opinion, and they rival most of the Flash you see nowadays. I have no clue how to program Flex so I cannot compare it to Silverlight or JavaFX, but I have looked at the Silverlight code and I’d say its roughly comparable in ease-of-use to the JavaFX API and syntax.

JavaFX is way simpler than Swing or AWT programming and creating applets for download to a client browser. The syntax is relatively simple and can be picked up by an experienced Java programmer in no time. And the fact that you can use the power of the Java language definitely makes it a nice platform for client side web development.

There are a few things that still bug me. And I can tell by what I’ve read so far that they still bug a lot of others as well.

The fact that you still have to download and install an entire JRE to run JavaFX sux. Sure, its simpler than it used to be, but its not like ‘installing’ flash or Silverlight. Both of these browser plugins are easily installed with a simple click or two from within the ‘browser space’. With the JREs its just not as simple and can be intimidating to the common internet user.

The second is the footprint of the JRE. Flash and Silverlight come in pretty small – well under 5 MB each. The JRE comes in waaay higher . Not a good differentiator.

Third, and directly related to the second is the startup time. I’m sure it will improve soon, but the demos are pretty painfully slow to start up. To me, the Silverlight demos are slow to startup too. Flash is really quick relative to the others.

I have to wonder about AJAX at this point – along with a few other bloggers the last few weeks. Poor old AJAX has to work with the crud its given in the browser’s DOMs/APIs while Flex, Silverlight, and JavaFX will have their own well-defined and well-equipped runtimes. It may slip a bit, but I’d bet that the power of Yahoo and Google will keep it as a viable option for RIAs.

So, as I said, these are very early impressions – and I am by no means a web client side UI expert. I will be toying around with it a lot in the near future to see how it handles. I wouldn’t call myself a Java fanboy, but I am a Java fan since thats the primary language I use to earn a living – so I would love to see this succeed. I just hope its not another attempt at making ‘applets’ easier to deliver (AKA webstart).

For those of you who aren’t sure what bank account phishing is, have you ever gotten one of those emails from a bank, probably one that you don’t even have an account with, asking you to click a link in the email and provide some information for update purposes? Most of them use really official looking HTML emails with valid logos and images from the site they’re spoofing. They have usually hacked the site of some innocent company or individual and are using it to sucker you into entering information. A couple days ago I got one from ‘Bank of America’. The URL was http://www.24hourinkjet.com/www.bankofamerica.com/onlineid-sessionload/cgi-bin/sso.login.controllernoscript=true/sessiondid=2335454893_…. So it looks sort of official. Unfortunately when I went to http://www.24hourinkjet.com to alert them, I was greeted with an explitive laced web page indicating that the hacker was proud of what he had done.

If you are traversing the ‘blogosphere’ then you are probably smart enough to avoid phishing attacks, but a huge amount of the online population probably is not. I think of my grandparents. They don’t do a whole lot online. I only signed them up for a webTV account a couple of years ago so they could keep up with the family abroad using emails. If they happened to get a phishing attack email from a bank they actually deal with they’d probably go right to the link and enter their info. Its unfortunate, but the phishers do this for a reason – they obviously land some ‘phish’. So it’s important to come up with countermeasures. I like general idea that Mikko offers, but you can’t take the ignorance out of the internet user.

I’m no internet security expert, but I have opinions on the matter. The first problem with this is the ‘ignorant human’ one. For instance, my grandparents wouldn’t know the ‘rule’ about only giving your bank information to a site at a *.bank domain name. Second, as was apparent with the 24hourinkjet.com example I posted above is that the *.bank sites have to be hackproof. Certainly today the major banks are very secure, but I’m guessing that if this idea went through then every small bank and credit union would need to get a .bank domain name. The fact that they’d be spending a large part of their normal annual software/IT budget on a domain name means they have to spend less on stuff like paying a decent hosting service (i.e. one that is actually secure) or paying an admin that knows how to secure against such attacks. Plus I’d hate to see the small banks and credit unions forced to spend that kind of dough on a domain name effectively hurting their ability to compete with ‘the big boys’.

I definitely think this is a step in the right direction, but I would say that the ‘cost’ of the .bank domain name cannot be the barrier to entry. To me, I think the barrier to entry should be some form of proof that the applicant is actually acting in the interest of a bonified financial institution. I can’t offer a solution other than some governing body (warning – possible ruination of the entire point) that decides what applicants are worthy of the .bank domain name.