Introduction
I was on SAI meeting last evening (15/3/2012). It was all about development on Mobile Devices using JavaScript, like Smartphones and Tablets.
This evening conference was given by ACA IT Systems. The 2 guys talking about development on mobile devices were Tom Moors (Solution Engineer) and Stijn Van Den Enden (CTO ACA It-Solutions).
They started with an overview on the mobile phone from the first GSM to the current Smartphones like Apple iPhone, Blackberry, Andriods, …
The big success for some application on the Smartphones were thanks to the introduction of AppStore(s) for Apple and Android phone. All applications tried to be number-one with the most download. Its like the time when websites tried to be number one at Google. At the end, there could be good money made with Apps. Also new was the price of Apps on mobile devices. The price of Apps weren’t around 60 – 600€, but around couple of cents to some €uros. A lot of downloads meant a lot of money.
Take Instagr.am who made a lot of money in a couple of weeks by creating an App and an infrstructure for sharing photos. 15.000.000 downloads…
The main drawback today is the performance of the mobile phones to run Javascript interpreter. This can easily be verified using the sunspider benchmark ( http://www.webkit.org/perf/sunspider/sunspider.html).
There are 2 main big web frameworks on JavaScript and each with its advantages and features: jQuery Mobile and Sencha Touch. They will be discuss in here.
There are 2 interesting frameworks for creating native Apps using JavaScript.

jQuery Mobile

jQuery mobile is HTML centric. This means it uses the HTML DOM to render the web application to ressemble as a native App on your mobile phone and it supports a lot of Smartphone platforms, like iOS, Android and Blackberry, but also WebOS, WindowsPhone, Meego, …
jQuery Mobile is limited to the HTML support for the interaction. It has all the necessary elements to give it look of a native application. jQuery Mobile also supports the development of the behaviour for the elements.
You have to be careful for the browser-support on the mobile phone, when developing with jQuery Mobile.

Sencha Touch
Sencha Touch is a framework, which is developed from Sencha ExtJS. It normally works only with JavaScript. So in the end you have no HTML elements. The framwork is a UI-framework based on MVC and has some extra support for storage, a history framework and native packaging framework for Android Market and AppStore.
It has also all elements to create a nice UI on a smartphone using its native look-and-feel. You perform you development completely in JavaScript.
It is big (320k compressed), so it can take some time to load on your mobile device.
Sencha Touch 1.1 is also incredible slow on Andriod devices. Sencha went talking with Android smartphone companies and they released Sench Touch 2.0, which is much more responsive. If you develop a mobile application with Sencha, do use Sencha Touch 2.
Sencha supports a profile system, where you can develop for tablets and mobile phone with the same codebase.
Sencha has a history support (with a back button) which works very well, because with dynamic applications the history can get corrupted when using back button of the browser.
Finally, Senach Touch 2 has the Syntactically Awesome StyleSheet (aka Super Awesome StyleSheet), which is an extension of CSS and make it easier to develop and maintain your style sheets.

This about HTML JavaScript frameworks….

How do we to create native apps using Javascript?
Sometimes it is necessary to use very device specific resources, which are not supported in HTML5 or JavaScript. This means you have to use a Native App. When developing applications, you realy want to limit the codebase dependent on the resource and reuse as much as code to support the different devices (iOS, Android).
You maybe also want to release on the AppStore to have a bigger visibility of your application.

1) PhoneGap
PhoneGap has become Apache Cordova
PhoneGap is a chromeless browser which gives you access to the native developed libraries using something like JNI-calls from the Java world. Phonegap uses Rhino or the iOS Javascript interpreter. It gives your developers the opportunitiy to stick to developing in JavaScript/HTML/CSS and your application will look like a native application (Copy protection of the source is not possible). It will also be deployed like a native application. The native libraries must be build in the native environment of the device (iOS or Android), but the UI and a behaviour can be cross-platform.

2) Titanium
In Titanium, your developer can develop in JavaScript, but the JavaScript code is recompiled to the platform you want to use iOS or Android or both. This Native package can then be distributed as a native app.

Conclusion: Access Granted smiley -> No Security information
A very interesting evening of all the UI features the biggest frameworks provide in JavaScript. It was slso very instructive how to decide between a JavaScript/HTML5 application and a native App.
Not one word about security, which is normal. The evening was mainly about the features of the frameworks and was very instructive.
But this is also dangerous, because al those features of UI are used in dynamic applications, which sometimes work with confidential data (even a username/password). Nobody in the evening had any questions about the security implications of their mobile applications.
Nevertheless I asked some question on the side about the authentication mechanisms and secure development, which they (ACA) gave very interesting answers of using OAuth for authentication with 2-way and 3-way. SSL is ofcourse a minimum. They also mentioned to very careful about code injection. Also protecting your sourcecode in JavaScript is almost impossible.

Links:
SAI: http://www.sai.be/content/javascript-je-broekzak-js-mobile-devices
jQuery Mobile: http://jquerymobile.com/
Sencha Touch: http://www.sencha.com/products/touch/
PhoneGap: http://phonegap.com/
Apache Cordova: http://incubator.apache.org/callback/index.html

Some other frameworks mentioned:
Sproutcore: http://sproutcore.com/
Enyo: http://enyojs.com/