[Tools] Protecting and other tools to consider for your app. - Android Software Development

I have gotten to the point in my project where I can actually see an end. I am sure there is a lot more left to do to wrap up my game, but I wanted to start thinking about the end game for this application(game).
Which brings me here, I was curious what tools/library's/methods indie dev's are using, and your reports on them. Hoping this section will help me decide what to include in my code, and help others too.
I've compiled a very short list. None of which has been tested personally by me. I will update with other people's great ideas. I am sure I have missed quite a few things,
Protecting your App
Obfuscate your code
Helps stop pirating to an extent, pretty easy to implement if articles are anything to go by.
Example:
http://developer.android.com/guide/developing/tools/proguard.html
License Verification Library
Also helps stop pirating, lets you refund people and be reasonably assured they aren't still using the product.
Example:
http://developer.android.com/guide/publishing/licensing.html (Android Licensing Library)
Secure Network communications
Needed if you are handling sensitive data in your app. Probably should be included anyways
Misc
Stat Tracking
Probably your number one way to get feedback from people actually using your app. Want to know if it was worth putting in a pause button that took 3 weeks to code? Record how many people are using it!
Examples:
http://www.flurry.com/ (Flurry)
http://code.google.com/mobile/analytics/docs/android/ (Google Analytics)
SaveToSD
I have not looked into this yet, but if comments on apps/games are anything to go by, this is requested quite often.

Here's another:
Crash reporting
I wouldn't rely on Android Market for crash reports because tools like BugSense and ACRA do a much better job. Personally I use BugSense because I prefer the UI but supposedly ACRA collects more data. If I wasn't using it I would never have known my app was crashing on older HTC models because Android Market just doesn't include that kind of info.

I'm just starting to put these in my app, and BugSense seems almost too good to be true. I'm in the process of testing it now, should help a lot in the coming months. Thanks.

Related

What is going on...?

Ok first and foremost this is not just another post of someone complaining, in no way am i trying to offend or criticize this new device...these are simply observations made by a previous HTC owner (MDA/Herald/Wing) me...
I understand that the open source to "create" applications is fairly new not to mention all us G1 owners (ive had mine for lil more then a month). My concern is why are we seeing such "simple" programing in applications and things tht in reality none of us would ever use? Not to mention graphics what is going on...Look i have not created any nor have taken the time to even try to create applications, and if you or someone you know has, then my hats off to you, i envy you for knowing how and taking the time to...what im saying is why do all these new applications have so many bugs and in my opinion (cause that is all it is) are sub-par...i know its not really fair to compare to any other device on the market since it is the first of its kind, but im getting a little skeptical...am i alone in this? i find myself checking the android market every hour hoping for some sign to motivate me, but nothing so far aside from the obvious winners (youtube,maps,imeem,wheather channel etc...)...ill shut up now i sincerely was not trying to stir things up, and know/knew when i purcased the G1 it was the first of its kind and would probably take time to show its full potential, i just thought there were some things google had up its sleeve that were ready...does anyone have any insight or knowledge of better things to come...?
timace said:
Ok first and foremost this is not just another post of someone complaining, in no way am i trying to offend or criticize this new device...these are simply observations made by a previous HTC owner (MDA/Herald/Wing) me...
I understand that the open source to "create" applications is fairly new not to mention all us G1 owners (ive had mine for lil more then a month). My concern is why are we seeing such "simple" programing in applications and things tht in reality none of us would ever use? Not to mention graphics what is going on...Look i have not created any nor have taken the time to even try to create applications, and if you or someone you know has, then my hats off to you, i envy you for knowing how and taking the time to...what im saying is why do all these new applications have so many bugs and in my opinion (cause that is all it is) are sub-par...i know its not really fair to compare to any other device on the market since it is the first of its kind, but im getting a little skeptical...am i alone in this? i find myself checking the android market every hour hoping for some sign to motivate me, but nothing so far aside from the obvious winners (youtube,maps,imeem,wheather channel etc...)...ill shut up now i sincerely was not trying to stir things up, and know/knew when i purcased the G1 it was the first of its kind and would probably take time to show its full potential, i just thought there were some things google had up its sleeve that were ready...does anyone have any insight or knowledge of better things to come...?
Click to expand...
Click to collapse
Personally, I find the plethora of apps encouraging, yes, some are more useful than others but the wide range of effort is fan-flippin-tastic.
MY biggest observation is that the Market place needs some severe MODERATOR intervention... the one star "i is first u goons" and "this app suks (because I am too stupid to read the intro to figure out what it is for) really really really needs to be cleaned up/out. (A perfect example is the UTC clock... it does EXACTLY what it says, true, the numbers in the display look like they are from a missile silo, but hey, it is a tribute to the UTC heritage...anyway, people bag on it because they have no idea why, what, or anything else about it... morons)
[/rant]
--M
demontefixo said:
Personally, I find the plethora of apps encouraging, yes, some are more useful than others but the wide range of effort is fan-flippin-tastic.
MY biggest observation is that the Market place needs some severe MODERATOR intervention... the one star "i is first u goons" and "this app suks (because I am too stupid to read the intro to figure out what it is for) really really really needs to be cleaned up/out. (A perfect example is the UTC clock... it does EXACTLY what it says, true, the numbers in the display look like they are from a missile silo, but hey, it is a tribute to the UTC heritage...anyway, people bag on it because they have no idea why, what, or anything else about it... morons)
[/rant]
--M
Click to expand...
Click to collapse
i agree "first" comments are riduculous, and if you dont like the application from descrption then dont install it...positive criticism is more then welcome but "this sucks" is getting on my nerves...
timace said:
Ok first and foremost this is not just another post of someone complaining, in no way am i trying to offend or criticize this new device...these are simply observations made by a previous HTC owner (MDA/Herald/Wing) me...
I understand that the open source to "create" applications is fairly new not to mention all us G1 owners (ive had mine for lil more then a month). My concern is why are we seeing such "simple" programing in applications and things tht in reality none of us would ever use? Not to mention graphics what is going on...Look i have not created any nor have taken the time to even try to create applications, and if you or someone you know has, then my hats off to you, i envy you for knowing how and taking the time to...what im saying is why do all these new applications have so many bugs and in my opinion (cause that is all it is) are sub-par...i know its not really fair to compare to any other device on the market since it is the first of its kind, but im getting a little skeptical...am i alone in this? i find myself checking the android market every hour hoping for some sign to motivate me, but nothing so far aside from the obvious winners (youtube,maps,imeem,wheather channel etc...)...ill shut up now i sincerely was not trying to stir things up, and know/knew when i purcased the G1 it was the first of its kind and would probably take time to show its full potential, i just thought there were some things google had up its sleeve that were ready...does anyone have any insight or knowledge of better things to come...?
Click to expand...
Click to collapse
i agree with you; even though i love this phone there are a lot of things i dislike about it. the only advice i can give to you is to be patient. the phone has 'officially' been out for a little under a month and there is already so much improvements to it:
- 2 updates have already been rolled out,
- we have found a Root and a way to manually update it.
- we are beginning to see system folders moved to sdcard to save space(even though the phone should have came with more memory)
apps on the market are getting better i don't if you have seen the app "bubble". bubble is a basic bubble level that uses the accelerometer to see if something is level and changes as the phone changes orientation it may seem like a simple app but it shows that Google came come out with an update that uses the accelerometer to change orientation.
- first signs of on screen keyboards like akeyui, a7email and a7sms.
all of these improvements in about 3 weeks and tons more to come idk what anybody can complain about besides hardware issues
just wait come Jan 2009 the G1 isnt going to be anything like it is today.
demontefixo said:
Personally, I find the plethora of apps encouraging, yes, some are more useful than others but the wide range of effort is fan-flippin-tastic.
MY biggest observation is that the Market place needs some severe MODERATOR intervention... the one star "i is first u goons" and "this app suks (because I am too stupid to read the intro to figure out what it is for) really really really needs to be cleaned up/out. (A perfect example is the UTC clock... it does EXACTLY what it says, true, the numbers in the display look like they are from a missile silo, but hey, it is a tribute to the UTC heritage...anyway, people bag on it because they have no idea why, what, or anything else about it... morons)
[/rant]
--M
Click to expand...
Click to collapse
yeah there need to be some serious clean up in th commenting sections, some of these comments might discourage people from developing apps for the G1, i think comments should strictly about the apps and not about being 1st or 151st, or bashing other commenters, and people definitely should not comment on an app the don't know how to use.
however developers should include directions on how to use their apps so people do not have to rely on commenting to try and figure out what it does and how it does it.
The point is the development muscle that has been put in the device is minor.I feel like the market is made by kids or teenagers that stopped uploading on youtube and are writing apps using ready made lego kits (APIs). The apps in the market are all basic stuff. There is not even a Divx player for this device available but 5 Video players using the Google provided APIs to play mp4 which only play SOME mp4 files not all.
I love the sliding, bubble and Gmail on it but I cant name too many more things I love. Not even a Navi that works properly. I really cant think of anything else I love about it. No office, word, excel, PDF, flash, divx. The SMS system is grouped together. The actual phone keyboard is beyond basic with no options. There are simply too many bugs on the phone operation itself like bluetooth etc.
Time flies google, we need apps that have more than 10 man-hours of software programming spent on it. Lets stop the growth of many timers and alarms in the market and get some real stuff out there. Microsoft has probably put in millions of development hours into WM and it was not until now that I realized this.
brooklynite said:
The point is the development muscle that has been put in the device is minor.I feel like the market is made by kids or teenagers that stopped uploading on youtube and are writing apps using ready made lego kits (APIs). The apps in the market are all basic stuff. There is not even a Divx player for this device available but 5 Video players using the Google provided APIs to play mp4 which only play SOME mp4 files not all.
I love the sliding, bubble and Gmail on it but I cant name too many more things I love. Not even a Navi that works properly. I really cant think of anything else I love about it. No office, word, excel, PDF, flash, divx. The SMS system is grouped together. The actual phone keyboard is beyond basic with no options. There are simply too many bugs on the phone operation itself like bluetooth etc.
Time flies google, we need apps that have more than 10 man-hours of software programming spent on it. Lets stop the growth of many timers and alarms in the market and get some real stuff out there. Microsoft has probably put in millions of development hours into WM and it was not until now that I realized this.
Click to expand...
Click to collapse
muscle...DiVix...kids...office...flash...basic...bugs
words that stood out and i DEFINATELY agree
as i said before patience is the key here
the reason why there aren't many good programs out right know is because they are still in development, there are some apps that won google's app contest that are not on the market because they are still under development. developers take their to try and come out with a bug free app and you criticize them for taking to long however if they rush it and get it out with SOME bugs people crucify them. how long did you think it took for divx or flash to be developed for other phones?
why do people expect a phone thats been out for under a month to have the same capabilities as phones that been out for years?
how many phone do you know had divx support right out of the box or even one month after release? i estimate that divx support will be out before the end of the year.
i agree that apps on the market are going the the hole, especially with millions of the same type of apps, c'mon how many different weather apps do we need, how many background apps is necessary. but you got to admit out of the hundreds of apps on the market there are some good ones.
I'm waiting with great anticipation on the games for the g1. Sure i want cut copy and paste, document reader, full video player, full file manager and task manager as well as others but i'm dying to play nes games and others on this phone. The market is pretty lame in the games department but hey i got pacman, solitaire, and a few others free so i'm not gonna complain. I think the apps are very promising and there are a wide variety of them. Granted none of the crucial apps are out yet but i have quite a few on g1 that i love and got em all for free!!! We just have to be patient, i knew going in i would have to be.
All the apps are free. The hardware has only been in people's hands for a few weeks (at most). A serious developer, wanting to create the exact apps we're all hoping for, needs a heck of a lot more time. The SDK was fine, but any serious developer is going to want to log a lot of hours with a physical device (or several) to finalize the product.
And they're not going to do all that, for free.
This device has huge potential, and the reason we're seeing amaturish apps is because the only people who are willing to play around with creating apps for free are mostly hobbyists who want feedback to further their skills.
I predict that once the payment system is set up for the Market, the apps you're all stomping your feet about are going to show up.
The programs we're talking about are complex, writing them and testing them is time consuming, and I assume that they're going to be larger than the apps we're seeing now. It's entirely possible that some of these apps are almost finished, but are waiting for SD card loading to be added to the functionality before they can release them. Some may even be delayed by the announcement of the virtual keyboard -- they may want to integrate that for the launch of their apps.
I think two things need to happen before we're going to see the apps we all want.
-Pay system on Android Market
-The Ability for Apps to be installed and run from the SD card.
Until those two things happen, the App Store is going to be like it is. And it's also time you guys thought about something. The apps that are "missing" were never a secret, most of the complaints I see are about things that were known well before launch, or discovered the first week people had it in hand. If you didn't read up, that's your fault. If you read up and assumed things would be taken care of within one to two months (something no one promised you) that's also your fault.
I'll predict something for you right now, in light of the economy and everything else, it'll be 6 months to a year before HALF the apps we want are available and working. Now, that's just my estimate, but if that sounds "too long" to wait, then I'd invest in another phone rather than spending the next 6 months posting complaints like "why isn't _____ done yet? And where's the ______ app?!!"
Just my 2 cents
I have already heard many apps have been developed but the developers are waiting for the pay system which has already been annoucnced and is coming 3 months after launch.
I am similar to you... give it time and you will see the best things you have ever seen. I mean look at Linux... they have some awesome apps on most linux flavors that make me dual boot into linux just to have. I think this device will be the same as this was the entire purpose.
Google is updating features all the time in the git directory and it won't be long before they fix the main issues and then the developers will be looking at new things to give us.
So far the barcode readers alone seem like such a huge advantage as I haven't seen them on mobile devices before(at least none that worked)
brooklynite said:
The point is the development muscle that has been put in the device is minor.I feel like the market is made by kids or teenagers that stopped uploading on youtube and are writing apps using ready made lego kits (APIs). The apps in the market are all basic stuff. There is not even a Divx player for this device available but 5 Video players using the Google provided APIs to play mp4 which only play SOME mp4 files not all.
I love the sliding, bubble and Gmail on it but I cant name too many more things I love. Not even a Navi that works properly. I really cant think of anything else I love about it. No office, word, excel, PDF, flash, divx. The SMS system is grouped together. The actual phone keyboard is beyond basic with no options. There are simply too many bugs on the phone operation itself like bluetooth etc.
Time flies google, we need apps that have more than 10 man-hours of software programming spent on it. Lets stop the growth of many timers and alarms in the market and get some real stuff out there. Microsoft has probably put in millions of development hours into WM and it was not until now that I realized this.
Click to expand...
Click to collapse
Well you said my answer in your own post. The device has been out less than a month. That's nowhere near enough time to make those killer apps you're talking about. To google's credit they did put in things like street view with the compass mode and there are those apps you've talked about. It takes MONTHS to do real software developement so you're going to keep seeing more and more alarms and stuff until then.
seriously, does ANYBODY give a ratsass or even use streetview?
They should have made sure all the media stuff and the email was topnotcxh.
I agree 100% with the first post! Google should have prepaired Android better. There is a lot of competition out there and I would say by what I've seen so far they are light years behind. I did not expect that with all the money in the world Google couldn't release product that was better polished. I have put my G1 back in its box and I'm back to my unlocked Tilt, what sucks is going back to the old screen and Edge but its functinality that I need. I wish they made some kind of task aplication that I can put on the screen kind of likr thr picture frame that would display my tasks for the day. I have a Motorola ROKR E2 that runs Linux and there are more useful stuff for it out there. I desagree we have to wait untill we start paying for apliications, I believe Google can afford providing us with free functional software as more and more people will be using their services.
i love my g1, but i agree with these people that google didn't do enough...and i hope they're working to fix it.
i think that their whole "leave it in the hands of developers" approach was probably a mistake. they should have made all the basic applications like they did but also gone a step further to spice up the phone. i hope that google, in the new few updates, incorporates some more stuff, like OUTLOOK SYNC (i wuld love it if they changed the google calendar sync for windows into just google sync and have it sync everything with outlook....funambol right now sucks i have like 80 of each contact!)
they also should have made a GOOD video recorder / player, and even a better music player. they're trying to beat apple at multimedia, and are failing miserably.
they should add a decent on-screen keyboard and maybe even a task manager...or make it only have like 4 open tasks in the backgroudn...because i've noticed my g1 slowing down a lot after having a few apps open.
google should add a manual update button...i'm still on RC28 because i dont feel like installing the modified rc30 or plugging it in to update. have a freaking "UPDATE" button in the system info thing or something.
i think google needs more than 3 home screens...i've already filled all of mine up. they also should have added more widgets, like the guy above me said.
SELECTING TEXT SUCKS. i have to use the trackball to select a ltter of a word...on my windows mobile i could just tap on where i wanted it to be and at least it would get me within 1 or 2 letters...if i tap on a word on the g1 nothing happens!
we need to be able to install stuff to the sd card!
i think i'm missing a lot of things but i've only had the phone for 2 days and i've noticed all that...i hope developers DO step in if google is too stupid not to add more basic functionality.
/rant
Look at it this way currently there is no way to charge for apps that are developed. This is why we are seeing nothing but apps programed by independant programers some of which are good and some of which are useless. Once companies can charge for apps then it will make sence to put money into the development of better more porfessional apps. My suggestion is to just hold off on passing judgement untill the market is finished to where people that spend money in development can recoup those losses. I do think that the market place should have been finished before launch but what can you do.
coffeboy23 said:
Look at it this way currently there is no way to charge for apps that are developed. This is why we are seeing nothing but apps programed by independant programers some of which are good and some of which are useless. Once companies can charge for apps then it will make sence to put money into the development of better more porfessional apps. My suggestion is to just hold off on passing judgement untill the market is finished to where people that spend money in development can recoup those losses. I do think that the market place should have been finished before launch but what can you do.
Click to expand...
Click to collapse
Agaqin, super lame of google.
We can get a bunch of usless wank programs, but not proepr ones, becasue they don't have the pay market ready.
Also, I think that certain things like exchange and a proper email client shoudl have been included.
And remember most people are new to development, don't know how many "this is my first try" apps I have seen. When you get that one that charges 20 bucks for the app... you will get another developer who will release it free and just ask for donations... I suggest donating whatever you can to the one that gives it free.
Henchman said:
Agaqin, super lame of google.
We can get a bunch of usless wank programs, but not proepr ones, becasue they don't have the pay market ready.
Also, I think that certain things like exchange and a proper email client shoudl have been included.
Click to expand...
Click to collapse
google isnt the one entirely in charge of the market... tmobile is the one wanting money
neoobs said:
google isnt the one entirely in charge of the market... tmobile is the one wanting money
Click to expand...
Click to collapse
No, but it was google who shoudl ahve made sure that the basics were coveredf well.
The Camera I'm sure can take greta pics, but the controls suck.
The email is severly lacking.
No streaming video.
And they shoudl ahve elarnt form the iPhoen release, that push email fro MsExcahnge should have been there fromt he getgo.
Or the should have built a BB app, just like you can get for WinMo.
No, they focused on teenagers, not professionals.
neoobs said:
google isnt the one entirely in charge of the market... tmobile is the one wanting money
Click to expand...
Click to collapse
no....google is not taking any money but is giving 30% of all apps sold to the carriers...tmobile might be the one "wanting" money but they have no control over the app store at all.

Android Security: A neglected subject (long)

First of all: I'm an OSS advocate and love the idea of open source. Don't forget that while reading this.
Some 2 month ago, I got myself a Galaxy S. It's not exactly cheap, but on the other side, it's really good hardware. This thread is not about Samsung or the Galaxy S. It's about the missing parts of android security.
We all know it from our home computers: Software sometimes has bugs. Some just annoy us, others are potentially dangerous for our beloved data. Our data sometimes gets stolen or deleted due to viruses. Viruses enter our machines by exploiting bugs that allow for code execution or priviledge escalation. To stay patched, we regularly execute our "apt-get update;apt-get dist-upgrade" or use windows update. We do this to close security holes on our systems.
In the PC world, the software and OS manufacturers release security bulletins to inform users of potentially dangerous issues. They say how to work around them or provide a patch.
How do we stay informed about issues and keep our Android devices updated?
Here's what Google says:
We will publicly announce security bugs when the fixes are available via postings to the android-security-announce group on Google Groups.
Click to expand...
Click to collapse
Source: http://developer.android.com/guide/appendix/faq/security.html#informed
OK, that particular group is empty (except for a welcome post). Maybe there are no bugs in Android. Go check yourself and google a bit - they do exist.
"So why doesn't Google tell us?", you ask. I don't know. What I know is that the various components of Android (WebKit, kernel, ...) do have bugs. There's nothing wrong with that BTW, software is made by people - and people make mistakes and write buggy code all the time. Just read the changelogs or release notes.
"Wait", I head you say, "there are no changelogs or release notes for Android releases".
Oh - so let's sum up what we need to stay informed about security issues, bugs and workarounds:
* Security bulletins and
* Patches or Workaround information
What of these do we have? Right, nada, zilch, rien.
I'll leave it up to you to decide if that's good common practise.
"But why is this important anyway", you ask.
Well, remember my example above. You visit a website and suddenly find all your stored passwords floating around on the internet. Don't tell me that's not possible, there was a WebKit bug in 2.2 that did just that. Another scenario would be a drive-by download that breaks out of the sandbox and makes expensive phone calls. Or orders subscriptions for monthly new ringtones, raising your bill by orders of magnitute. Or shares your music on illegal download portals (shh, don't tell the RIAA that this is remotely possible).
The bug is probably fixed in 2.2.1 - but without changelogs we can't be sure.
But that's not all - there's a second problem. Not only are we unaware of security issues, we also don't have automated update mechanisms.
We only receive updates when our phone's manufacturers release new firmware. Sadly, not all manufacturers support their phones in the long run.
In the PC world, most Distros have a central package management - that Google forgot to implement in Android. Agreed, some phones can receive OTA updates, but that depends on the carrier. And because of the differences in Android versions it's not possible to have a central patch management either. So we do not know if our Android devices might have security issues. We also have no easy way to patch them.
Perhaps you knew this before, then I apologize for taking your time.
What do YOU - the computer literate and security aware XDA users - think about this? Do you think that's a problem? Or would you rather say that these are minor problems?
Very intresting, thanks! The update problem should be fixed with the next release, no more custom UIs and mods from phone manufacturers,at least google said that
Sent from my Nexus One using XDA App
Excellent post and quite agree with you. The other significant problem looming is the granularity (or rather, lack thereof) in app permissions which can cause problems you describe without bugs and exploits. I install an app that does something interesting with contacts and also has internet access to display ads. How do I know that my contacts are not encrypted, so making sniffing useless, and beamed back to mummy? Nothing other than blind trust!
I love Android but it's an accident waiting to happen unless the kind of changes you advocate are implemented and granularity of permissions significantly increased. I don't like much about Apple but their walled garden app store is something they did get right although IMHO, they also abuse that power to stifle competition. Bring out the feds!
simonta said:
The other significant problem looming is the granularity (or rather, lack thereof) in app permissions [...]
How do I know that my contacts are not encrypted, so making sniffing useless, and beamed back to mummy? Nothing other than blind trust!
Click to expand...
Click to collapse
I agree, although I'm not sure that less experienced users might have difficulties with such options.
simonta said:
I love Android but it's an accident waiting to happen
Click to expand...
Click to collapse
Sad but true. I'm just curious what Google will do when the first problems arise and the first users will have groundshaking bills.
If that happens to just a few users, it'll get a kind media coverage Google surely won't like.
I've seen quite a few android exploits posted on bugtraq over the years. It's a high-volume email list, but with some filtering of stuff you don't care about, it becomes manageable. It's been around forever and is a good resource if you want the latest security news on just about anything computer related.
http://www.securityfocus.com/archive/1/description
People are bashing a lot about the Android security model but the truth is you can never have 100% protection with ANY solution.
Apple is not allowing any app in their store. Fine. but mostly they are only filtering out apps that crash, violate some rules or they just don't like them or whatever. but they can never tell what an app is really doing. Therefore they would neeed to reverse-engineer every app they get etc. That's just impossible considering the amount of apps....
Speaking again of Android. I think the permission model is not bad. I mean, no other OS got such detailed description about what an app can do or not. But unfortunately it can only filter out very conspicuous apps, i.e. a Reversi game asking for your location and internet access. But then you never know... if the app is using ads it requires location and internet access, right? so what can you do?
RAMMANN said:
Apple is not allowing any app in their store. Fine. but mostly they are only filtering out apps that crash, violate some rules or they just don't like them or whatever. but they can never tell what an app is really doing. Therefore they would neeed to reverse-engineer every app they get etc. That's just impossible considering the amount of apps....
Click to expand...
Click to collapse
Not really, they do blackbox testing and let the apps run on emulated devices they then check if the app "behaves" as desired...
Of course you can't get 100% security and I don't think that's what we're saying, but there is a lot you can do.
Take for example internet access which is the biggest worry I have. The only reason most apps request internet access is to support ads. I now have a choice to make, don't use the app or trust it. That simple, no other choice.
If I installed an app that serves ads but did not have internet access, then the only way that app can get information off my phone is to use exploits and I'm a lot more comfortable knowing that some miscreant needs to understand that than the current situation where some script kiddy can hoover up my contacts.
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
I absolutely agree with you on Apple, one of the main reasons that I chose a Desire instead of an iPhone, but the Android approach is too far the other way IMHO.
Just my tuppence, in a hopeless cause of imagining someone at Google paying attention and thinking you know what, it is an accident waiting to happen.
marty1976 said:
Not really, they do blackbox testing and let the apps run on emulated devices they then check if the app "behaves" as desired...
Click to expand...
Click to collapse
Well, so why did a tethering app once make it into the appstore?
Also I think there are many possibilities for an app to behave normal, and just start some bad activity after some time. Wait a couple months until the app is spread around and then bang. Or remotely launch some action initiated through push notifications etc.
If there is interest, then there is always a way....
simonta said:
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
Click to expand...
Click to collapse
I agree that a seperate permission for ads would be a good thing.
But there are still many apps which need your location, contacts, internet access.... all the social media things nowadays. And this is where the whole thing will be going to so I think in the future it will be even harder to differenciate.
Getting back on topic: I just read that Windows 7 Phone will get updates and patches like desktop windows. That means patchday once a month plus when urgency is high...
simonta said:
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
Click to expand...
Click to collapse
But, how do you distinguish them? Today, (as a developer) I can use any ad-provider I want. In order to distinguish ads from general internet access, the OS would need one of:
A Google-defined ad interface, which stifles "creativity" in ad design. Developers would simply ignore it and do what they do now as soon as their preferred ad-provider didn't want to support the "official" ad system or provided some improvement by doing so.
An OS update to support every new ad-provider (yuck^2).
Every ad-provider would have to go through a Google whitelist that was looked up on the fly (increased traffic, and all ads are now "visible" to Google whether Google is involved in the transaction or not). This would also make ad-blocking apps harder to implement since Google's whitelisting API might not behave if the whitelist was unavailable. On the upside, it would make ad-blocking in custom ROMs be trivial.
Even if Google did one of these things, it still wouldn't provide any real increase in privacy or security. The "ad service" would still need to deliver a payload from the app to the service (in order to select ads) and another from the service to the app (the ad content). Such a mechanism could be trivially exploited to do anything that simple HTTP access could provide.
http://code.google.com/p/android/issues/list
issues submitted are reviewed by google employed techs... they tell you if you messed up and caused the issue or if the issue will be fixed in a future release or whatever info they find.
probably not the best way to handle it but its better then nothing.
twztdwyz said:
http://code.google.com/p/android/issues/list
Click to expand...
Click to collapse
Knew that bug tracker, but the free tagging aka labels isn't the best idea IMHO.
You can't search for a specific release, for example...
twztdwyz said:
probably not the best way to handle it but its better then nothing.
Click to expand...
Click to collapse
Ack, but I think Google can do _much_ better...
Two more things to have in mind:
1. I doubt that many Android users bother much about what permissions they give to an app.
2. Using Google to sync your contacts and calendar (and who knows what else), is a bad, bad idea.

Annoying Market Problem

Just wondering if anyone knows details on how market listings work. I know there are some apps that show or not to certain phones, but is that just a version issue, a special exception google makes?
At any rate, it's moot, because if google has a solution, they aren't making it very clear to lots of people.
Anyway, the problem:
As android ages, the phones age, and the apps mature. There are lots of apps that won't adequately run on older phones, but as far as I can tell, the only recourse devs have is to put a note in the description, which stops no one from actually downloading it, then clogging the reviews with 1 star "does not work on the ___" reviews.
While this was always a problem, now that we've reached the point in time where this is starting to happen to Droid 1 users, it's less an annoyance, and more a serious issue. Ratings almost mean nothing on those apps, and it's hard to use the reviews to see if there are actually any real issues.
(There are 10 billion droid users, and because it was true for quite a while they seem particularly locked in to the "I have one of the better phones out there" mentality )
Ok, rant over. Not sure anyone else even notices this.
Also, I'm not sure the solution is to restrict access, but an official way to list the phones that work or don't work needs to be in place, and then maybe another dev option to still allow access*
Then, if your phone isn't compatible, but the dev okays downloading anyway, you are given an extra screen to dismiss, explaining the app probably wont work for you, and you aren't allowed to leave reviews.
*Not all phones are equal, a stock phone, and a tricked out custom kerneled OC'd version, are very different, so a user might opt to give it a whirl anyway.
I have several apps on the market. In the manifest for the app you declare the minimum version of Android required for the app, and it's my understanding that phones that do not have at least that version of Android will not see the app.
Now, just because an app doesn't work on one person's phone, and they write a nasty review saying "doesn't work on the Epic!" doesn't actually mean that it doesn't work on the Epic, it just means that one person couldn't get it to work. Also, the developer may have made some hardcoding choices (like directories, etc.) that are not universal, and that may lead to incompatibilities that were un-anticipated. But, other than version of Android, I'm not sure what else is available to a developer to restrict access.
Yeah, I figured you could set the version. It's too bad there's no way to control it a bit finer.
I also realize that it's entirely possible someone is just being an idiot, but the fact remains we're past the days where you could necessarily infer anything about the phones from the version, or NEED the latest API version to do something useful/cool.
There are apps that legitimately don't run on some phones, and I feel like google needs to offer an official solution, rather than rely on dev comments that no one reads.
Obviously there are lots of ways to fake what your phone is, and whatnot, so nothing is going to be perfect, but there needs to be some way to officially denote "This app only requires 2.2, but your phone can't be one that shipped with Cupcake"
Edit: perhaps an easier approach is to have a market setting that only factors ratings/reviews of people that have the same phone.
I also don't mean to sound like I install every 5 star app, and wont even think about installing a 3 star app, no matter what I've heard. I've just noticed this in apps I was installing for one reason or another, and felt bad for the devs. It also gives a little less incentive to provide new/cool things for those of us with better phones.
I also suppose there's no "official" guidelines on what these stars are supposed to mean, but to me 1 starring an ap that says "this won't work for you" when it doesn't work for you is like telling people your dentist sucks because he wouldn't change your oil or make you a burger.
Hey guys, remember when the carriers blocked wireless tethering apps from the market for 'their phones'? I don't believe they ever REMOVED the apps from the market, just tagged them in such a way that they are not visible to any of the phones they provide service for. Just a thought, maybe devs could do the same kind of 'blacklisting' based on model number...
Sent from my pocket rocket

[PROJECT] EvolutionUI, integrating Gamification into Android - open source research

Hi all developers,
We released our EvolutionUI research project as open source. In this project we are experimenting with integrating gamificiation (experience points, achievements, etc) into Android. This should make the phone easier to use and a lot more fun.
Feel free to have a look at the open source project and contribute to make it even better!
https://github.com/sonyxperiadev/EvolutionUI
Get the full story on Developer World.
/Pál Szász
SW developer at Sony
Hi
pal.szasz said:
Hi all developers,
We released our EvolutionUI research project as open source. In this project we are experimenting with integrating gamificiation (experience points, achievements, etc) into Android. This should make the phone easier to use and a lot more fun.
Feel free to have a look at the open source project and contribute to make it even better!
https://github.com/sonyxperiadev/EvolutionUI
Get the full story on Developer World.
/Pál Szász
SW developer at Sony
Click to expand...
Click to collapse
Interesting! A very good initiative how can I put the file in my rom?
I actually like the idea a lot. Brings simple 'Fun' to the Android system. For some users it won't be though because there have been times where myself just wanted to dive into my Brand New Android device when I received it. However once I get used to it I get somewhat bored?! Lol, I'm a phone whore so that's definitely why. This might actually help me not want to move on to the 'Next Best Thing' once I get used to my current device.
I like it!:good:
Sound great....
i love the idea!!
Great idea, I actually think this is a great concept. Some users I've noticed find it white hard to get used to Android phones.
With this, they can explore and find out more things about their device yet figure out more about what they can do on it.
So great concept, I'll take a peek at the source
Sent from my Nexus 5 using Tapatalk
Marília de Oliveira said:
Interesting! A very good initiative how can I put the file in my rom?
Click to expand...
Click to collapse
If you are making/building your own ROM, then I guess you need to include the two projects into our repo and create Android.mk files for them.
If you just want to install it on your already flashed phone, there are precompiled binaries here: https://github.com/sonyxperiadev/EvolutionUI/releases
In each case note that this is not a finished product
This reminds me of app Android achievements
Used a lot then lost after factory reset and got lazy enough to not install it
Press thanks :good: if I've helped :highfive:
great job,, nice sound quality on sony
Good stuff! I'm trying to convince family to ditch iPhones since they're getting worse and worse on build quality under Mr. Cook. Their only real concern is learning a new phone. This would be extremely useful!
This has been already been done in form of an app. Been available for some time too!
https://play.google.com/store/apps/details?id=com.pixelmark.phonechievements
Awesome work
Currently you can get achievements by :
1) Add 5 Shortcuts to Home Screen (Told by OP).
2) Open any app 5 times (Told by OP).
3) Add 5 Widgets to Home Screen (Discovered by me).
4) Add 10 Apps to Home Screen (Discovered by me).
pal.szasz said:
If you are making/building your own ROM, then I guess you need to include the two projects into our repo and create Android.mk files for them.
If you just want to install it on your already flashed phone, there are precompiled binaries here: https://github.com/sonyxperiadev/EvolutionUI/releases
In each case note that this is not a finished product
Click to expand...
Click to collapse
Thanks !
Thanks for the feedback, both for the positive and the negative!
Btw, you should be able to adjust other applications to work with achievements. The launcher is just an example.
Any application can publish it's own set of features and achievements. I started to write some more detailed explanation, but it's not finished yet: https://github.com/sonyxperiadev/EvolutionUI/wiki
However you can always look at the launcher patches: https://github.com/sonyxperiadev/an...mmit/71460e8441066b3dfc1a796b05f196d7edab8ba8
honestly, this is a bad idea. let me explain why.
the main idea behind this concept is to make it easier to the user to get familiar with the user interface. The user is slowly understanding the "game mechanics" of one "level" (i. e. reduced interface) and once he mastered them, he's ready for the next level. This process repeats until the user has all the skills needed to use the phone fully.
Ideally, the user should have full access to all functionality. The user interface should be polished and user friendly enough that any user doesn't experience any steep hills on the learning curve.
like someone said, Everything Should Be Made as Simple as Possible, But Not Simpler.
The average user has changed since the first smartphone. Back then, the idea of interact with a machine was very new. Arguably nowadays people are being brought up surrounded by technology, making it easier for them to understand how a computational device work.
Hence the achievements system is purely a steep hill that every single user has to do, even an experienced user. More computation machines are owned by the average user: tablet, phone, watches. What I fear is that the user has to go through a little game every time he has a new device. An idea to be successful has to be widely implemented, and I don't see this happening.
One could argue that every device may have a different interface and new "skills" have to be learned in order to fully use the device. True, but where the problem really lies is within inconsistency across multiple devices.
Consistency across multiple devices. This is what the aim of a good designer should be. As mentioned, this interface should be clean and intuitive. It's not easy, Microsoft is trying to do it and even with all the skilled people and resources available they ain't quite there yet.
With what it is available at the moment, a AOSP look with a theme engine (and an advanced menu unlocked it via a semi hidden command, like tapping multiple times the build number to get to Dev options) is a very very good concept.
Sony is almost doing so with the recent devices and I'm really happy about their decision. Continue down this way you guys. This surely was a fun little project to do, hopefully it has taught you something on the way.
p. s.
I love Android and its ability to change interface when I feel like it. But once I found an interface I'm happy about, I'm sticking with it between flashing and phones. The interface is device agnostic. This idea is shared among my friends and personally it is shared across xda as well. Hopefully this could serve as a proff of the above.
pps
I really like the professionality of the latest Sony interfaces, it doesn't look like it was designed for teens. Thank you!
I hope I have expressed my ideas in a clear way without offending anyone. I have open to further discussion on this topic.
hrockh said:
honestly, this is a bad idea. let me explain why.
the main idea behind this concept is to make it easier to the user to get familiar with the user interface. The user is slowly understanding the "game mechanics" of one "level" (i. e. reduced interface) and once he mastered them, he's ready for the next level. This process repeats until the user has all the skills needed to use the phone fully.
Click to expand...
Click to collapse
That's only one of the main ideas. Another important idea is to make it fun, to make a positive feedback to the user. I understand that some users don't need, but some do, some like an extra little bit of challenge, or simply a reward. For example my parents were very happy when they managed to find out how to merge two word documents, and they were eager to tell everybody
hrockh said:
Ideally, the user should have full access to all functionality. The user interface should be polished and user friendly enough that any user doesn't experience any steep hills on the learning curve.
Click to expand...
Click to collapse
I don't think this is possible. There is no way to make a user interface, which is easy to use both for beginner users and contains all the features required for advanced users. You mention the hidden developer options as an example. For me that's a good example why it doesn't work: it took me some time to find out what happened with the developer menu. The same with the offline map support in google maps. They removed the feature from the menu (to make it easier to use for the beginner users), and they added it as a hidden feature (type "ok maps" in the search?!). I also used an iPhone for 2 weeks, but didn't liked. And I liked the UI of the old UIQ phones. I also think the new trend of using more hidden gestures is also confusing for some users (especially the new swipe-sideways-to-delete-but-sometimes-to-show-more-options thingy).
Btw, we thought about advanced users, they can switch profile and disable the achievement system. Or switch profile only, but keep the achievement notifications just for fun. In many comments I saw people look at this as something they HAVE TO do. That's not the case. The point is to track what they are doing, and enable more and more. And of course there are not and there will never be microtransactions involved.
hrockh said:
Hence the achievements system is purely a steep hill that every single user has to do, even an experienced user.
Click to expand...
Click to collapse
Like I mentioned before, this is not something the user HAS TO do. You can skip it by changing profiles.
hrockh said:
What I fear is that the user has to go through a little game every time he has a new device.
Click to expand...
Click to collapse
We actually thought about this as well (but was not mentioned in the article for time/size reason)
We actually think this can help the user to switch to a different phone even if he used a smartphone already. Smartphones have new features compared to the previous one, so there is always something new to learn. The idea is the following:
* if switching from a phone which already supported EvolutionUI, we can copy the state (experiences, features, achievements obtained) and continue from the same point. This is rather easy to do, we already store this information locally (obviously, in case the user reboots the phone), so the only thing we need to do is transfer it to another device (probably via a cloud service). (NOTE: this is still in the concept phase, not implemented yet).
* if switching from a phone which did not support EvolutionUI, we can have a small builtin database, which maps the previous phone to an achievement state. For example if the previous user had an iPhone, we can set the medium profile instead of the beginner profile. It would be possible to even have customized profiles for certain phones (i.e. a small xml file describing all the features which needs to be enabled by start, since it was available in the previous phone)
hrockh said:
Consistency across multiple devices. This is what the aim of a good designer should be. As mentioned, this interface should be clean and intuitive. It's not easy, Microsoft is trying to do it and even with all the skilled people and resources available they ain't quite there yet.
Click to expand...
Click to collapse
NOTE: the following is just my personal opinion:
Of course we cannot guarantee complete consistency, since we control the Sony phones only. But to be honest, I don't think consistency is that important: imagine, if all android phones would look and behave like the iPhone. Of course it would be nice for many users, they could switch to android easily. But what should those users who don't like the iPhone UI do? They could not buy any phone. And I also want to mention again, that IMHO there is no such thing as perfect UI. UIs evolved a lot, but it's still a matter a fashion: a couple of years ago everybody liked the real-life-looking apps on the iPhone. Now they like the new modern, simplified look. It's always changing, and just like with fashion, not everybody has the same taste.
hrockh said:
I hope I have expressed my ideas in a clear way without offending anyone. I have open to further discussion on this topic.
Click to expand...
Click to collapse
Thank you, and I appreciate it!

Why so many updates for Android apps?

Ok, first off, I DID do a search for this, and did not find any pertinent information, so please don't jump my case about using search.
I have often wondered why so many apps get so many updates from the Play Store, some getting updates 3 or 4 times in one week! Is there really that much behind the scenes development going on? Are they just changing the ads or something? Is Play Store updates broken so you get the same update multiple times? It does not seem to be just the free apps though. I have a number of paid apps that do the same thing. If any of you devs could shed some light on this, I would appreciate it. It bothers me when I see an app getting so many updates so quickly, as I wonder what is going on with it that requires those constant changes.
Regards,
--KB
KB_Thailand said:
Ok, first off, I DID do a search for this, and did not find any pertinent information, so please don't jump my case about using search.
I have often wondered why so many apps get so many updates from the Play Store, some getting updates 3 or 4 times in one week! Is there really that much behind the scenes development going on? Are they just changing the ads or something? Is Play Store updates broken so you get the same update multiple times? It does not seem to be just the free apps though. I have a number of paid apps that do the same thing. If any of you devs could shed some light on this, I would appreciate it. It bothers me when I see an app getting so many updates so quickly, as I wonder what is going on with it that requires those constant changes.
Regards,
--KB
Click to expand...
Click to collapse
In short, one of the reason are manufacturers, apps have sometimes problems and bugs with specific phones, for example App 1 works good on Xiaomi, but has bugs on Samsung, developer fix some problem for Samsung but breaks something on HTC phones, and so on, it's sometimes endless loop. And sometimes the same app can be working excellent on Samsung A, but buggy on Samsung B, or App FC when you have some other app installed, but works good if you don't have that other app for example.
Second is that there is 0 app that hasn't got some kind of bug.
Thanks Nitro. As a retired software engineer it just disturbed me that the apps seemed to be so unstable. I guess it makes sense though as they do run on a large number of different devices, with a large number of different iterations of the base software. I also would think that with the shear number of devices out there, actual testing on the various devices would be pretty hard unless you were a rich man. That is where the guidelines from Google come in I guess. You write to the guidelines and hope the manufacturers didn't mess with that portion of the base Android system. Heck of a way to make a living.
In any event, thanks again for the reply, and thanks to the devs that try to make usable apps in a chaotic system! :good:
--KB

Categories

Resources