If you build an app with Cordova you can easily get stuck in their APIs. If you build a Firefox OS web app you get stuck in Mozilla's APIs :) BUT Mozilla is making a strong effort at standardization and is working with Chrome and others to reach consensus. Cordova strays farther away from stable HTML5 APIs than Mozilla does so in Firefox OS you will definitely be building a more webby app. I.E. some HTML5 APIs work great on mobile, no reason to use a custom Cordova one in many cases.
However, if you need rich cross platform support for your app (like iOS) I'd still suggest going with Cordova. There is a Firefox OS backend! https://github.com/apache/cordova-firefoxos
Yeah, a lot of web APIs have implementations that connect directly to the Android equivalent. When writing a web app you'd always use a "web" API though. Some of those APIs are still very new and Chrome and Mozilla haven't reached consensus yet so you'd have to deal with prefixing and what not.
"The fallout from the Snowden leaks have hurt U.S. technology firms' ability to sell their products overseas"
What an idiotic, capitalistic claim. So Andreeson calls him a traitor because "business is now harder." Huh? Nevermind invasion of privacy and injustice.
"The decision compromises important principles in order to alleviate misguided fears about loss of browser marketshare"
misguided, as in, Firefox wants people to actually use its browser? I'm seriously surprised at some of these idealists failing to understand that normal people just want to watch House of Cards (or whatever) and that's pretty much it. Mozilla can't turn their back on those users.
There are many things wrong with this article. You can't hash secrets like this because hash functions are iterative. You should be using HMAC. Here's a good explanation http://benlog.com/2008/06/19/dont-hash-secrets/
The article you're referencing speaks about extension attacks. The attack allows you to extend a plaintext and calculate the appropriate hash if you know the original hash and the last parts of the original plaintext. These properties do not apply to password. You could extend the original password and calculate the appropriate hash in theory, but that doesn't help the attacker since the password hash is known and in the database.
As a matter of fact, the article you reference even says so: " “Don’t Hash Secrets” is not always entirely necessary. In the password example, you can hash a password as long as you salt it correctly".
Using a HMAC may be useful since you can add an extra secret that's only known to a separate server or a HSM. The original article describes that in the section titled "Impossible-to-crack Hashes: Keyed Hashes and Password Hashing Hardware".
I had to make this exact same decision in 2001 and I chose PHP!
I subsequently fell in love with Python and am still active with it today. I think a choice as far back as 2001 doesn't matter too much, programming is programming. However, I feel like I became a better programmer by having to deal with a language as shitty as PHP. There were so many pitfalls that I quickly became an expert at working around them -- this took a lot of painstaking investigation into the inner workings of the language.
Dammit. After posting, I caught up with the feed of clips and just bought six records :( It turns up records like this: http://www.youtube.com/watch?v=zCC0wgVXNpc Wat??
It totally would! Licensing is pretty tricky with this sort of thing though. Oftentimes there's some mogul who owns the rights but they won't budge on a price. Then if you use the sample anyway and they'll sue you.
However, if you need rich cross platform support for your app (like iOS) I'd still suggest going with Cordova. There is a Firefox OS backend! https://github.com/apache/cordova-firefoxos