To briefly reiterate certain main important points in the article:
- It does not mean all unupgraded Rails apps are suddenly widely vulnerable.
- It does not mean Rails doesn't escape SQL inputs.
- It does not mean Rails doesn't provide parameterized SQL APIs.
- It does not mean Rails encourages code that is inherently prone to SQL injection. The code should be safe but due to a subtlety was not. This has been fixed.
It can't be helped that HTML and JS apps on Mobile Phones haven't been taken seriously, but to be fair they are usually treated as a second citizen there. An HTML and JS app is actually a pretty good platform to develop with; it's pretty simple and robust, in my experience. And the growth of development techniques and tools used in web development can also propagate to the development of mobile apps that use the same technology as a platform.
Also, some projects have proved that it is feasible to create an experience on par with the native apps. One of them is Sencha's Fastbook, and that app shows that, even if it is an HTML and JS app, it can provide a similar experience to native, IF it is done right. I think it's a pretty sane decision also, since in the end most Mobile Apps have similar utility as their website counterpart, if not completely the same. Let's not forget that the quality of apps in any platform is usually correlated with the interest in the platform rather than the limitation of the platform itself.
Lastly, I don't think a lot of people are eager to invest in another language to develop in a NEW platform that enters this late in the game, especially with no Big name to back them up. By using HTML and JS, people that have already dabbled in it for a living can at least tread water and maybe make an app or two for fun. If the platform tanks they can at least salvage a website out of it. Guess what I'm trying to say is, HTML and JS is the most promising option at hand, even if it doesn't seem all that promising.