I agree entirely that desktop applications are not secure by a long shot, but I think I should give it my best shot to keep our know how as secret as possible. Sure you can decompile something, but seeing source code javascript is so much easier, even your off the self tech support guy could do it in a second without special tools or training.
I've given this issue a bit more thought and after reading your posts I have a few more brainstorm ideas to throw out.
First and furthermost to clarify some positions. I'm totally pro DRM and I'm totally pro Linux and open source and the whole nine yards. To the point that about 50% of my installed user base runs Linux on the desktop and we use mostly open source development tools and web services.
Of course there are certain companies (particularly one) that will want to make you think that the OS is all that matters. For me what matters is what I run on top of that OS and what I hold in information. There's another one that does the same with music, but I don't buy any CDs, TVs, sound systems, game consoles or games from them. I do watch CSI though
I totally agree with you that the value of source is falling. While the value of what you do with it is not and there is the importance of DRM. Hence it is DRM over your business information not software. But to have that you need to DRM your software.
I think the inclusion of DRM in open source software will be the do or die for getting into the corporate world. As software development tools commoditize themselves and the software developed with them I think DRM will be a key tie breaker. How secure is your application. How secure is the info in it. Are you sure that the right people are watching the right stuff? This is even more important with distributed computing.
Now back to the topic of AJAX. I see AJAX as a communication tool for distributed computing. I also have an axe to grind when it comes to Swing and similar based applications. There is the whole GUI stuff. How it looks different on different systems. Having to keep two interfaces up to date, etc.
Here are a few things I would really like to see growing in the HTTP world.
-With XML we could have just about any tag and visual widget. Not only selects, inputs, buttons, but just about anything that could be plugged into the browser and not be Active X stuff that only runs on one. This way we can solve all the worlds GUI problems with a browser and be done once and for all with the look and feel issue and for all (well not technically, but it's a nice thought once).
-Downloadable code libraries that run like applets, but without a GUI. So the page can talk to it and get some work done. These libraries can be Java for example and have hooks for JavaScript so certain methods can be called.
-We then use AJAX to do the communication between the GUI and the server or even between the loaded libraries and the server.
But hey you'd say. That sounds just like Java Web Start. Yea but it isn't because you don't need Java Web Start. Why load an Swing render engine when you already have one with the browser? Say a mobile device. Why load all the Swing libraries if I already have a JVM and a browser (say Opera)?
To further develop this point lets take the pricing scenario and extend it to a real life case. For example we organize events. So we need to give price quotes to our clients. How much equipment we need, number of participants, vehicles, staff etc. All those are variables that are held inside a spreadsheet, but it is hell to keep up and keep secret. We can't have that laying around or people would know how much it costs us and how to under cut us.
So lets build a web app. So the knowledge is centralized in an application. I have two ways to go. An applet or an HTML based client. I decide to use HTML. I start to code in all the variables and then decide this posting and getting an update is too slow. So I use AJAX. Now hey I can even check to see how many vans I'm using. If I have enought or need to rent.
When a user changes a value AJAX posts all the variables and gets a digested result from the server. But then I realize I'm calling the server just to add this or that which could be calculated on the client side. So why not download that logic to the server (DRM here!!) If I download it as simple java script then I expose a lot of the know how and beat the whole webserver based application benefit. So I need to download a .jar file that does all the math for me on the client side, but still use the clients HTML render engine.
There just seems to be a chasm between the applet-GUI world and the HTML-browser world. At least I don't know of a system that allows you to download the game logic in three modules (to say a number). Then the graphic engine in another four and show them in a browser. You could then have an HTML page with a few frames or views. Some holding pure html code linked to the modules to do all the "math". These modules are then hooked to the graphic modules that allow you to display graphic information in four spots across the screen.
Wow, almost ran out of breath there. Hope I didn't wear you all out with my ranting.