For anyone with a passing interest in developing apps or who has made an app that makes use of a remote web service, listen up. Much as it can be dull to talk security, particularly when it comes to Android applications, it’s still necessary. Today though, I’m going to go through some suggestions for securing applications that make use of remote web services. Whether this is a server to store data on or a server to deal with communications and messages being sent between users, it’s always worth paying attention to a few things that are often overlooked.
1. Encrypt. . . . READ ON »
In light of all the recent panic over surveillance and Internet monitoring, there are a plethora of “secure” communication programs being announced and launched. These tend to make bold promises of being secure, protecting users from surveillance, and being better than equivalent services.
Yesterday, 3 notable personalities in the web-o-sphere lost much credibility in my (and anyone interested in security’s) view. Why? For using pseudo-security, and trying to market it as security. They clearly do not have a strong background in cryptography or security theory, and appear out to make money, rather than to create a well-designed and well-architected, . . . READ ON »
The interwebz are alight. Debate and argument is intense, following the launch of the HTC One and Samsung Galaxy S4, Google Play editions. The Google Play edition moniker, for those (such as I) who choose to reside under a rock, refers to the fact these devices come minus the manufacturer skins and modifications users are accustomed to, and instead ship with the “stock” Google experience, most commonly seen from AOSP or Nexus devices. A fair idea, it appears, although the launch has been met with controversy and debate over if these new handsets are a let-down. Why? Let’s take a . . . READ ON »
All too often, major device manufacturers such as HTC, Samsung, and Motorola steal the thunder with their announcements and product releases, leaving little room for smaller OEMs to enter the market. Today we’re going to put aside the HTC One and Samsung’s Next Big Thing to talk about the Oppo Find 5, the Chinese company’s first foray into the global market.
You may be asking why we at XDA-Developers would want to review a relatively obscure device that is unfortunately difficult to procure in many regions. Well, availability was recently broadened, and we’ve already been inside the device. . . READ ON »
Android, as an operating system, is fairly unique in that it makes users aware of the permissions available to apps in a fairly transparent way. Compared to Blackberry or iOS, which issue granular prompts such as “Can Angry Birds access your location?” or “Can Instagram access your camera to take photos?” There is a somewhat subtle difference here: The rivals give the user a choice about these requests.
Jump over to Android where, after installing an app, it has free reign to use every permission you agreed to. While this doesn’t sound an issue, let’s take a look at the . . . READ ON »
As promised, the first in our series of “Say Sayonara to Google” articles is about the Play Store. Love it or loathe it, the Play Store is popular. It is so popular, in fact, that it is often berated for the poor quality of apps contained within. While Google is making strides to improve this via their Bouncer malware screening platform, at the end of the day, the Play Store is built on fairly shaky security grounds.
The first security issue with the Play Store is that of remote control. Imagine someone told you the . . . READ ON »
What is freedom? This is a big question being asked by people around the world over the past few years. Many of us believe (and often rightly so) that we are fairly free. Arguably, this is correct in many countries throughout the world. You have political freedoms and many many more. But do you have electronic freedom?
For almost everyone reading this article, it is likely you have a Google Account. This means you have a Gmail account. It’s tied deeply into Android via the Google Apps package of proprietary applications (they are not open sourced, unlike the core Android . . . READ ON »
After our earlier article warning users to uninstall the Sky apps from their devices, it’s time to take a look at the technical significance of this attack. Firstly, the attackers have managed to do two key things here, each of which should each be impossibly difficult for the Play Store update system to be secure:
The former is obviously . . . READ ON »
Today is Sunday, 26th May, and across the world, many people have woken up following a leisurely lie-in to the small notification of an updated app being available. Nothing unusual there, or so you’d think.
The only difference is that today, some of these app updates may well have been malicious updates, pushed to some of the Sky UK official Android apps. As reported by PC Pro and Android Police; the Sky Go, Sky+, SKY WiFi, and Sky News apps all appeared to be targeted in the attacks that involved updates being pushed to the Google Play Store for these applications.. . . READ ON »
This is entry number one in a series of articles about tools for app developers, today focusing on app analytics. The goal of these articles is to spur conversation in our new app development forums, so go there and contribute your experiences.
I was on a plane last week, sitting next to a 15-year-old Japanese girl. I was about to pull out my GS3 to play some CCS (Candy Crush Saga for the uninitiated) when I looked to my right and noticed that she was doing the same. A tad embarrassed that I was playing the same game as . . . READ ON »
I have been a News Writer (among many other things) on XDA-Developers for a little over 3 years and have written well over 1,000 articles. I have covered topics ranging from themes and icon packs, development news, and even some more intricate stories, which have had a much greater reach than I would have thought. I have ranted against carriers, manufacturers, governments, individual companies, and many more. However, even with all that said, I have not yet once wanted to drive my fist through my screen as much as I did when I read this. I have seen dumb, . . . READ ON »
Here at XDA, you’ve probably seen us talk about collaboration. The dictionary defines collaborating as “to work with another or others on a joint project.” We take collaboration seriously, so much so that we actually frown when we see members of the community not take it as seriously. What makes us even more upset is when manufacturers don’t take it seriously, though that rant is for another day.
There have been numerous instances of OEMs that have claimed to be “developer-friendly,” but whose actions spoke louder than their words. On the other hand, there are only a few instances of OEMs actually having their actions match their . . . READ ON »
OK. It’s no big secret. The HTC One is a great and exciting device. You’ve heard us talk about it—everything from the launch event and preliminary benchmarks to giving the device and its carrier variants a place on our forums. Now, we have kernel source for some One variants, which is great news for those looking to start development work for HTC’s latest flagship. And since the device was only recently launched, with many carrier variants still pending release, HTC has done a great job of keeping to their GPL requirements.
In addition to the One, HTC also saw fit . . . READ ON »