Hacker News new | ask | show | jobs
by yjftsjthsd-h 828 days ago
I'm not sure I understand your constraints. Accepting at face value that your app has to be wholly non-user-modifiable, what exactly is wrong with web/JS/Python? Putting a web frontend on the system shouldn't let the user control anything interesting since the frontend is just a client over the real HTTP control interface. And rolling Python in with Java et al., why does it have to be a compiled language? Most users aren't exactly going to pop open the app regardless, and if your threat model includes users patching the program and ex. editing out signature checks, it's not like compiled code will protect you from a debugger/decompiler/hex-editor.

(To answer the actual question as posed: If you can use Linux, I think you'd be crazy to use anything else. It gives you far more control, completely removes the risk of any updates you don't want, can allow really slick update strategies (roll forward/back, snapshots, A/B updates, immutable snapshots...), most likely completely throws out licensing fees for the OS. Like, if your team is familiar with Windows, fine, if you need Windows-specific drivers, sure, but otherwise? It's an appliance; Windows was never a good fit.)

(Edit: Also, whichever OS you go with, please decouple your stuff from the OS as much as possible. If it's Windows, make a real installer or portable app. If it's Linux, it depends on your model (do you control the OS, or do customers?) but make a package/docker image/flatpak/static binary/appimage/self-contained install directory/whatever and document the install process. I say this as someone who has had to come in after something was no longer supported; it's so much easier to update the underlying OS when it's clear how you install the app on a fresh OS image)
1 comments
martin_e 828 days ago
The hardware and software are delivered as one unit. Think of buying a fancy smart refrigerator. The user doesn't install anything. They turn it on and use it. In this case we'd pre-integrate the rugged tablet with the application and have it launch in single application (kiosk) mode. In other words, from the user's perspective, they turn it on and use it and it isn't a general purpose computer.

While I definitely like the idea of using one of the many Python or JS frameworks for desktop app development, we just can't have the source be openly visible at the moment. It isn't about end users, it's about others.

Yes, I understand, it is impossible to protect against everything. There are a million ways to mess with any system. I get it.

I don't have an adherence to Windows or Linux. Equally comfortable in either environment. I've been using them both since version 1.0.

Part of my thought experiment at this stage is to try to understand what the best decision might be from more than one perspective. Questions such as what UI libraries might be available in each platform. Or, how difficult might it be to hire competent desktop application programmers in each case. Remember, this isn't about building a website. There are millions of very capable web technology coders. That doesn't qualify them to write code that can interface with and control devices in an industrial installation.

Windows has their IoT version which seems to be designed for this sort of application. I need to get in touch with them to discuss. This isn't a high volume application, maybe 1000 units per year. Not sure how that might fit their licensing scheme.

Cost isn't necessarily an issue. If the Qt commercial licensing approach wasn't such a scary mess, I would not have any reservations about paying for that. The problem is that I have to hire an attorney to actually understand it (if I want to be responsible and informed). I have less than zero desire to hire an attorney to choose a development framework.

link