Much has been said about the fantastic power of Ajax - you can implement very responsive UI within HTML. I like this stuff a lot and am regularly impressed by how far people push it.

 

Some theorize that Ajax will eventually subsume the interesting 80% of the desktop UI that 80% of the people in the world use. That may be, but there are substantial barriers. The first is the lack of a local memory accessible to Ajax clients.

 

Most simply put, the internet security model - to generalize grotesquely - depends on bifurcating the two worlds of computing into online and desktop. Online applications that do anything with your desktop data are highly suspect, and a webpage that works with your desktop data would set off alarm bells - and rightly so.

 

It's hard to teach people about security, so we simplify - and people have learned that protecting their machine from intrusions by anything running in a browser.

 

Bottom line: Ajax does not provide a facility for interacting with local state. This causes two problems:

- applications cannot tailor themselves over time to better fit user behavior

- or, if they do, they must rely on server-based state, thereby tying users to particular services

 

Moreover, if you do rely on a server to keep personal information about you so that it can provide a more adaptive and useful service, you are also allowing the service to use and probably exploit that information. So in order to run your application in a web browser you are willing to share private information with a service. Is that really a good trade? It's a good question to keep in mind.

 

As usual, we ask: what's in it for the user?

 

I expect to see people pushing on this issue in the year ahead. Interesting to see what happens.