Hacker News new | ask | show | jobs
by nly 2069 days ago
It would be surprising if the companies using Sciter (Norton, Avast, ESet, BitDefender) didn't have a copy of the source code with their commercial license, and the right to ship their own patched version with their software.

If the project ever fizzled away they would probably just maintain it themselves, or migrate to Electron. Actually, it's not like these AV companies are known for their high quality product, so it wouldn't surprise me if they would just let it bitrot until there are exploitable holes.
1 comments
Rebelgecko 2068 days ago
Why is sciter so popular with antivirus companies?
link
c-smile 2068 days ago
For many reasons.

Compact and manageable UI layer is the first. Full Sciter build for one platform/target is 50 seconds or less. Electron/Chromium builds are about tens of hours as I've been told.

Yet this https://sciter.com/from-skeuomorph-to-flat-ui-evolution-of-o...

is the same app that uses the same UI engine since 2007.

UI maintenance all these years is the matter of updating CSS declarations. Yet you always know that it will be HTML/CSS people that can do your UI in future.

link
webmaven 2067 days ago
> For many reasons.

[snip reasons]

But why AV companies specifically?

link
c-smile 2067 days ago
> AV companies specifically ...

AV/security specific reasons:

First serious customer was Symantec with their Norton Antivirus. Norton AV 2007 was their first version that used Sciter (named HTMLayout then). And Norton AV was market leader at that time.

Symantec did first security audit of Sciter source code.

You (AV vendor) have UI engine that fits most of UI requirements (lightweight, supports i18n by nature, flexible to screen resolution, HTML/CSS is well known in UI) and, which is most valuable, secure. So decision is quite obvious.

Yet, psychological aspect.

AV product must look modern at any time. User may not trust AV app that looks outdated - that rises suspicion that it is not adequate to recent threats - so it must look modern. Therefore ability to modernize UI by CSS without touching anything else (happens at least once per year) is the key requirement. UI systems/frameworks that use designs nailed down to pixel grids are too expensive on the long run in such circumstances.

link
webmaven 2066 days ago
Interesting. Was this a market segment that you targeted deliberately from the outset, or was it a happy accident that you subsequently leveraged?
link
donmcronald 2068 days ago
What order are those in? The top left (first one) is the best UI IMO. Lol.
link