App Mirroring Has Begun!

Share if the site was helpful

App Mirroring Has Begun!

Last October we wrote about Microsoft’s expedition in linking mobile phones and computers to provide a seamless experience for users. Known as App Mirroring, the goal is to allows users to take any app they use on their phone and use it the same way on a desktop or laptop.  It was just a showcase idea at the time, but now the beta testing has begun!

App Mirroring:

We all love a fluid experience between our devices, yet up to this point in time there has been a noticeable gap between apps and how/if they can be accessed on a computer.  If you want to take your Snapchat conversation and continue it on a desktop, that can prove to be a feat.  With app mirroring the idea is that any app that you can use on a phone can be mimicked on a Windows screen.

We talked about how this could be exciting not only for users, but for developers too.  It could create another medium for experiences, and thus new types of apps could spring up.  Hard to say what, but that’s up the creatives of the world and I’m sure we’ll see some cool things.

Device Limitations:

App Mirroring is still a catchy term in my opinion, but the feature is currently named “Phone Screen”, and it has a few limitations.  Phone Screen will only be supported on certain types of hardware and requires users to use the latest beta Windows 10 Insiders build.  It will be compatible with Android phones running 7.0 or higher, so if you’ve bought a phone within the past few years you are probably in the clear there.

Additionally user’s PCs will need to support Bluetooth with Low Energy Peripheral mode. And with the Surface Go meeting these requirements, there will likely be a fair amount of compatibility between the app and tablet worlds as well.

Using Phone Screen:

To use Phone Screen as a beta tester you’ll simply open the Windows 10 Your Phone app.  In here you’ll be able to see a list of all your installed Android apps, and you can select any of them to open the same way you would a phone.

Currently only Windows Insiders running the latest test builds will be able to test app-mirroring (that’s how betas usually go), but it’s hard to say how long until its available to everyone.  Android users can already use the Your Phone app to see the last couple dozen photos they’ve taken on their phone.  So the first steps to bridging the gap are actually already here for all of us. It’s good to see that trend is continuing with App Mirroring

What are your thoughts on App Mirroring/Phone Screen?  Are there any apps it will be amazing to use on a desktop?  Let us know in the comments below!

 

Monetizing Your Apps With Ads

Share if the site was helpful

Monetizing Your Apps With Ads

App making is a beautiful things.  You can literally write down what you want to happen, and watch your creations come to life.  It’s both a science and an art.  Unfortunately sometimes app making alone doesn’t pay the bills.  It does if you work for a company or you freelance your skills to other people, but if you want to make apps on your own, you need to find a way to cover your costs.  Enter ads.

Of course, no one likes ads.  They’re an evil necessity though, allowing goods and services that would otherwise cost money to be enjoyed for free. The user gets a free experience, the company displaying ads gets publicity, and you the developer get money! It’s not a get rich quick scheme, but trust me, you’re going to get downloads a lot quicker if you can make your app free.

Who do I need to call?

Before you pick up the phone and start calling local companies to see if they want a spot in your app you should know its easier than you think. Rather than having to contract with advertisers yourself, Google does the heavy lifting.  AdMob is a mobile advertising company designed to link developer’s creations with companies looking to advertise.  All you the developer have to do is add a spot in your app for ads to appear, and Google takes care of the rest.

It doesn’t matter how they do it or what steps are involved, but Google will gather and distribute the advertisements companies have paid them for.  You may be advertising for Coca-Cola, or Tide.  You don’t really know and you probably don’t care.  Meanwhile every time an ad is displayed to a user and then clicked on you earn a couple pennies.  Not enough? Well get a few thousand downloads and then we’ll see how your bank account is doing.

How to get started?

A lot of job descriptions I’ve seen include “experience with AdMob” as if it’s something that takes a while to master.  This couldn’t be farther from the truth.  There are a few steps to get things set up initially, but the process isn’t complicated.  We walk you through creating an account, adding the necessary code, and publishing your app at on the Play Store.

Here’s AdMob’s website where you can create an account. Once you do that the two things you’ll need to do are update your xml to include a view for your ads, and then create a new AdRequest to load your ads.

One Size Fits All?

There are actually different kinds of ads that you can include in your app.  The instructions above are for Banner ads.  These are small ads that appear either at the top or bottom of the users screen while they are using the app.  User’s may not even notice them if you use them correctly.  Then there are other ads such as Interstitial ads.  These are much more invasive taking up the user’s entire screen for a short time.  User’s really don’t like these, so make sure you use them wisely (maybe in between levels in a game).

The bottom line is that ads can be really beneficial to you as the developer, and if done correctly hardly an inconvenience to users.  It’s a win-win.  We didn’t go into the weeds on anything here, but if there’s something else you want to know about ads or AdMob, just let us know in the comments below!

 

The Man In The Disk

Share if the site was helpful

The Man In The Disk

If you’ve ever taken an introductory class on cyber security (or if you’ve explored the topic on your own), then you’re likely familiar with the term MITM.  Man-In-The-Middle attacks are security breaches where a 3rd party butts their way in-between two parties attempting to communicate.  Obviously, this is not an ideal situation for either party, and a new variation of MITM is taking Android users by storm.

MITD

Man-In-The-Disk (MITD) is the name that’s been flying around the past few days.  But before we get into its details, let’s discuss a little more of what MITM attacks entail.  A MITM attack is when an unknown party inserts itself between the two trying to communicate.  When this is done that malicious party is able to spy on the conversation happening.  Even worse they might altar what is being sent.

As an example let’s picture an everyday conversation between two friends.  Person 1 and 2 are talking to one another about their plans for tonight.  And let’s say person 3 is bitter they didn’t get invited.  Person 1 might send 2 a message online asking “Want to meet up at 8?”, but 3 intercepts it, changes it, and then forwards the newly modified message to 2.  Now when 2 opens the message it instead says “On second thought there are cooler people I’d rather spend my time with”.  (A riveting example, right?)

The idea is simply that a 3rd party can both invade and modify conversations between clients and servers.  And a lot of the time the invasion can be a lot more critical than hurt feelings.  MITM attacks can be avoided by taking proper precautions and such as certificate pinning.  But that deserves a whole post of its own.

So How Does It Happen?

MITD attacks are a specific type of MITM that takes advantage of careless storage on users phones.  MITD attacks can allow 3rd party users to access information that is stored on an android device’s external storage.  This is something that many apps don’t use, but researchers at Check Point recently found that many app developers (including Google itself) are not following the recommended security precautions for avoiding this vulnerability.

There are a couple different methods for storing information in Android apps.  Android’s developer website has a good page laying out the differences between them.  If you want to go deeper into when using each is appropriate PhonLab covers this in its Android Development Course.   For the most part Android security is very sound due to sandboxing.  This is the idea that each app silo’s its information and only makes it available to others if either the user allows it or if both apps are on board for sharing.

External Storage

External storage is essentially a part of the device’s storage card that is shared by all applications. Google suggests that developers should add extra validation if apps utilize this storage functionality.  And unfortunately it seems that a lot of apps currently aren’t doing this.  Due to prioritization of external storage, data coming in to the phone may be subject to MITM attacks before it even reaches the app meant to use it.

Ironically Google was not following this advice either.  Since the report came out they’ve addressed the places where they were falling short, but it seems many other apps have made the same mistake and will be named after they correct their issues.

In conclusion, there is a security scare going around for android apps, but don’t overhype it.  If developers take the proper precautions to prevent MITM attacks (something Google explains easily how to do on their site) then this danger fades away.  Security is an ever-changing field, but this breach is one that can be easily avoided if developers do their due diligence.

 

Google Pay: Caring Is Sharing

Share if the site was helpful

Google Pay: Sharing Is Caring

Earlier this year Android Pay and Google Wallet combined forces to create Google Pay, a one-step payment process for Android users.  The app has featured online payments with certain websites/apps by initially linking a credit card and then checking out in the future with one click. More technologically impressive it uses NFC (Near Field Communication) to allow users to hold up their phone at a cash register and buy things in person too.

Google Pay seeks to make users lives easier by removing the hassle of reaching into you wallet/entering checkout info every time you buy something.  Yet the adoption rate for it has been…sub-optimal.  So far we’ve seen about 6% of total smartphone users give Google Pay a try.  It’s a growing number, but it’s still not very big.  If it’s because Google Pay doesn’t do enough for users, then it may start growing faster.

So what’s new?

Today Google announced some new features for the app that make it more useful.  The biggest of these is that you can now use Google Pay to send money to friends.  With apps like Venmo, PayPal, and the CashApp this is nothing new, but it’s necessary for the Google Pay to become relevant as it’s one of the primary ways younger generations pay one another.

And if you haven’t used cash sharing apps like these before GET ONE.  They’re essentially the staples easy button for splitting bills at restaurants and paying back friends.   Google Pay has a challenge of gaining traction in this sector since there are already a few established apps and sharing apps are only as useful as their adoption rate.  But then again, it’s Google and they choose what apps comes preloaded on Android phones.  Chances are they’ll be alright.

But wait there’s more!

Another new upgrade for the app is that it will be supporting boarding passes and event tickets.  Companies like Southwest and Ticketmaster will be incorporated into the app to allow users to take one step closer to a one-stop shop.  These tickets will update with real time information if something like a flight delay takes place, and they’ll work alongside any loyalty cards you have.

The updated Google Pay app is rolling out today, but it will be a few weeks until it reaches everyone who uses it.  The long term goal is clearly for Google Pay to become your go to app for any circumstances. I’m certain we’ll see some more new features come up in the news soon, and I’m also sure you’ll be able to read about them here!

What are your thoughts on Google Pay’s changes?  Is it still lacking something essential for success?  Let us know in the comments below.

Improved Security Or Less Freedom? APK Updates

Share if the site was helpful

Improved Security Or Less Freedom? APK Updates

Earlier this week a small change rolled out to the Google Play Store.  It’s one that you likely won’t even notice, but for those who have it’s tough to decide whether the shift is good or bad.  What change?  Just a small string of metadata for apps.

Google is adding a security string of metadata to all Android APKs (the file format android apps are stored in).  This string will come along with the usual app and be used to verify that apps are distributed through the Play Store or another approved channel.

But why?

The reasoning is (of course) for security purposes.  Users will be able to verify that the apps their downloading aren’t malicious apps seeking to wreak havoc on your system.  There are plenty of apps that have posed as secure looking every-day apps when in reality they were doing other things under the hood (such as mining bitcoin).  This new metadata will supposedly help catch apps like this and ensure that any apps users are downloading are coming from a safe place.

We’ve talked before about how android apps are pretty secure through their information silos.  Apps must use a content provider/resolver to access information from one another, and in order to get access to your serious information (contacts, messages, pictures) apps are required to request permissions that must be explicitly granted by the phone’s owner.  That being said it’s still not a good idea to go around downloading every app you can just for the heck of it.  Security should not encourage reckless behavior.

So what’s the issue?

So why the controversy?  If this new string of data will help keep our phones more secure why could people be opposed to it?  Well the new string is essentially DRM (Digital Rights Management).  As with media services, there’s potential for companies to abuse DRM to choose how and when you use their product.

Let’s say for example you download an app and like it how it is.  A new update comes out and you hear horrendous things about it like it makes an ad pop up every 5 seconds (a terrible marketing strategy).  Naturally you would try to hold off on updating to this new version as long as possible.  Well with DRM it might be difficult/impossible to tinker with the app to remove ads, and a developer could potentially force you to update to the new version by altering the metadata.  It’s a win for mobile app security, but it also invites misuse.

It’s not easy to say if this is a big deal or simply a step in the right direction for security, but it also hasn’t been in the limelight for long.  What are your thoughts on this change to coming apps?  Let us know in the comments below!

 

 

Google I/O Is In!

Share if the site was helpful

Google I/O Is In!

We’ve talked about Google I/O being on the horizon here before, but we can do that no longer.  It’s here! (Actually once it’s over we’ll probably immediately start writing about 2019’s event).

Yes, today marks the kickoff of Google’s 11th annual conference.  And as such the entire Android population has a lot of stuff to talk about.  Google I/O started off strong with its keynote mapping out some of the things to be discussed this year.  Here are some of the highlights of day one:

Artificial Intelligence:

As with most other places these days, AI was one of the most used buzzwords at day one.  It’s somewhat become an all encompassing term for any technological advancement that helps us.  Despite this, Google separates itself from the pack by bringing some pretty cool new features to the table.  Whether it’s self-writing emails or auto adjusting screen brightness to your preference, Google is working on slipping AI into every part of our days.

Actually it’s so much cooler than that.  In the video above at 3:10 you can watch the Google Assistant play as your personal secretary.  It makes a call to a local hair salon and books an appointment without the person on the other end ever realizing they’re talking to AI.  Scary cool.

Android P:

There’s been lots of hype about Android P in the past few months, and we got to see more today.  With it’s 3 key themes of Intelligence, Simplicity, and Digital wellbeing, Android P seeks to one up everything else already in your hand and provide a predictive, pleasant experience.  We’ve talked before about some of the new features coming with Android P, and today that list only gets longer.

Adaptive Battery is a feature aimed to conserving battery life by using (you guessed it) AI.  It studies your app usage patterns and then can dedicate more battery power to conserving the things that you will likely be using in the near future.  Along with this comes the Adaptive Brightness feature I mentioned above where your screen will auto-adjust given your preferences.

Not only does P look to alleviate your battery strain under the hood, but it uses its predictive analytics to bring apps you’re about to use to the forefront.  P is currently available on a select few devices (9 total), and if you’re interested in downloading it click here.  If you’re unsure what you’re doing and want support with flashing your phone, then check out our Smartphone Tech Course over at Phonlab.  Otherwise stay tuned and we’ll post a guide in the near future.

Augmented Reality:

As for the other big buzzword topic, Augmented Reality had some cool new features to display.  Maps have been souped up with the newest computer vision features to recognize where you’re looking in the real world and flash both directional arrows for guidance as well as information about local places.  If you’re walking down the street and a restaurant catches your eye, say goodbye to opening up yelp and searching for its reviews.

The camera has also become greatly enhanced with its new capability to recognize where things are in the real world in terms of depth perceptions.  Moving your phone around your room, office, or down the street you’re able to get live estimates of how far away things are.  This is sure to be crucial in a lot of coming apps.

There’s a lot more to come in this year’s Google I/O, and we’ll keep you updated here.  Is there anything in particular you want us to go more in depth on?  Comment below and we’ll give you all the info you could dream of!

 

 

 

 

Reverse Engineering Apps. A Primer

Share if the site was helpful

Reverse Engineering Apps.  A Primer

Reverse engineering is a pretty cool concept.  Someone builds something, you want to see how they did it, so you take it apart and see how it was put together in the first place.   It can be a great way to learn, and it pushes technological progress forward.  But there’s also a dangerous side to it.

Reverse engineering done with malicious intent can lead to copyright infringement or other damages.  It’s a fine line to walk on for what is ethical and what isn’t, and that doesn’t change inside of the Android world.  In here reverse engineering is common and developers should always account for it when building apps to make sure they’re taking necessary precautions.

The term for reverse engineering an app is “decompiling”, and what you’re decompiling is an APK (Android Package Kit).   This is essentially just a .zip file that stores our apps code.  You build an APK when you compile your code and use that APK to upload the app onto the Google Play Store.  This is then what users around the world download onto their devices.  And if they’re tech-savvy enough, they can open up this APK and see what’s inside.

Why Decompile?

Let’s take a second to think about a couple reasons why we would want to decompile our APKs.  One possibility is that we’ve misplaced our source code and are hoping to recover it.  If this was the case then we could decompile our app from a phone it was already on. Note that this has its limitations as the decompiled code will not be the exact same as the original.  Some parts will be lost along the way, so make sure you save your code on Github!

Another possible reason for decompiling an app would be to evaluate its security.  If you’re able to see things you want to keep private simply by decompiling an app, other people can too.  And chances are they won’t always be decompiling for education purposes.  I’ll be following up on this blog shortly with another one going more in depth on how to properly hide secrets in your apps.

And of course there’s always decompiling for modding purposes. If you reverse engineer an app and put it back together how you want then you can add new features or customize how things behave.  Here’s where I throw in a disclaimer that you should make sure you’re a law abiding citizen while doing these things.  Lots of companies/developers would be very unhappy to hear that someone is decompiling their apps to make monetary gains.

How To Decompile?

The good news is that if you want to decompile apps on your own, you absolutely can!  You’ll need to download a popular tool known as apktool, and also make sure you have java set up on your computer.    Here’s an great video showing how to use apktool to theme and edit android apps.

 

Want to know more about decompiling apps?  Don’t worry we’ll be writing lots more on it soon, but in the mean time let us know what you want to know in the comments below!

Malicious Apps: Mining Your Own Business

Share if the site was helpful

Malicious Apps: Mining Your Own Business

Whether you know it or not, you may be an investor in bitcoin.  Ok, that’s not entirely true.  But your phone may have helped someone else mine it without your consent.

Researchers at Kaspersky Lab, a cybersecurity company, have recently found multiple “mining” apps on the Google Play Store that are disguised otherwise.  Apps hiding under the mask of games or streaming apps have secretly been using smartphone processors to mine cryptocurrency without the user’s knowledge.

Mining in Smartphones

Thanks to its recent news hype, most people are familiar with the concept of cryptocurrencies such as Bitcoin and how it’s mined.   There’s no physical digging, but instead users are rewarded the currency in return for processing transactions and updating the blockchain ledger.  And since processing transactions takes hardware and electricity, the more technology you have at your disposal, the more currency you can earn.  This has resulted in giants entering the business and consolidating massive amounts of hardware in warehouses.

Smartphone processors are not as powerful as their desktop counterparts, but when one app is able to tap into thousands of them, the results are still significant.   Kaspersky Labs has found multiple apps with this affliction, some of which have been downloaded more than 100,000 times.  Some of these apps are even programmed to keep tabs on how much processing power their using so as to easily fly under the radar of the average user.

Google’s response

Google has since removed the known abusers of this tactic, but it’s hard to say how many apps are in public hands right now doing the same thing.  It also seems that the betrayal of trust isn’t the only underlying issue here.  Recently Google announced that it would remove any and all mining extension in the Chrome Web Store, regardless of if users were aware of what they were doing or it the extensions were legitimate.  The question remains whether this policy will expand into the Google Play Store, but I think it’s safe to assume it’s only a matter of time before it does.

And until then the question becomes how to avoid these kinds of apps.  Right now from a development standpoint there are no permissions that must be accounted for in relation to mining, so there doesn’t seem to be much security that can block these kinds of apps (other than mindful downloading).

What are your thoughts on your phone being used as a mining tool without your consent or knowledge?  Do you have any thoughts on how to prevent this?  Let us know in the comments below!

Building Your First Augmented Reality App

Share if the site was helpful

We’ve talked before about how influential augmented reality is going to be in the future.  What we didn’t mention is how easy it can be to take part in shaping that future.  Over the course of the next two posts we’ll show how to incorporate AR into an app, and when it’s all said and done we’ll be able to look at a virtual elephant in the real world.

It’s not too complicated as far as subject material goes, but there a couple steps involved so we’ll split this into two pieces: gathering our resources and then putting them into action.

Before we do any work though, let’s take a second to discuss the bigger picture of what we’ll be doing here.  If you’ve ever experimented with game development, then you’ve probably heard of Unity.  If not, then some things in this tutorial may seem a little confusing at first (but far from impossible!).  Unity is a development environment where developers can make 2D and 3D games, and we’ll be using it here to host our augmented reality app.  Click here to download Unity, and when you do make sure that you include the Android/iOS and Vuforia plugins.

We all know about Android and iOS, but odds are Vuforia is a new name.  Vuforia is a popular AR platform that allows us to use image targeting in our apps.  Essentially all we have to do is pick a 3D model and an image.  Vuforia will then root our 3D model to any images it sees in the real world.

For example, in this app we’ll be using a 3D model of an elephant made with Blender, and the image will be a $1 bill.  With this combination, any time our app’s camera finds a dollar bill in the real world, it will place the 3D model on top of it.  The result is the title image of this post.

Ok, that’s enough background.  Let’s jump into the actual set up.  Use the above link to download Unity if you don’t already have it, and then go to developer.Vuforia.com and create an account.  After you’ve made an account click on the develop tab and then click to create a new license key.  You can name this anything you want, but as you can see in this image I chose “VuforiaElephant” as my name.

After creating the license key you’ll be able to click on it and see a string of random characters representing it.  Copy and paste this value; we’ll be using it later in this tutorial. 

We create this license key so that our app in Unity will be able to connect to our Vuforia account.  Now for the second step we’ll need to do create a database inside of Vuforia to hold our dollar bill image.  Change your selection from License Manager to Target Manager and then add a new database.  I’ve named mine “DollarElephant”.  Inside of this database we’ll click “Add Target” to add a new target.  Pull any image of a dollar bill from Google images and add it here.  Then set it’s width value to 5 and give it a name (dollarTarget is just fine).

When you’re done with this click to download the database, and that’s everything we’ll need to do in Vuforia.  Before moving into Unity let’s also get the 3D model of an elephant we want to use.  Click here to download the elephant made by sagarkalbande (and feel free to try this out with a different model).  Save this file onto your computer and now let’s move into Unity.

If you’re feeling overwhelmed right now, don’t worry we’re not going to do much else in this first part.  For now let’s open Unity and create a new project named “VuforiaElephant”.  Go to “File”, then “Build Settings” and select Android as your Platform.  After making this change the little Unity cube should appear next to Android.

Finally inside of the Build Settings window click on “Player Settings” and a bar of options will appear on the right side of your screen showing setting options.  Open the tab that says “XR Settings” and check the box that adds Vuforia Augmented Reality to our project.  Go ahead and import the settings that Unity says it needs to add, and now we’re ready to start the fun stuff.

If you’ve made it this far down the blog, then good work sticking through the dry steps.  We created a Vuforia account, made a license key, and selected a dollar bill as our image target.  Then we downloaded our elephant 3D model and created a new project in Unity.

So now we just have to make the connection inside of our Unity app between the dollar and the elephant.  Stay tuned for the second part of this tutorial in the next few days and we’ll finish out the project so that everyone can have their own virtual elephant! Does app development have you completely lost? Check out Phonlab Android app development classes HERE

Android Adding Animated App Ads

Share if the site was helpful

Android Adding Animated App Ads

Whether you like them or not, ads are here to stay.  They’re the reason so many apps are free to us as consumers, and without them we’d have to pay a few more valuable dollars out of pocket.  That being said, the less of a nuisance an ad is the better.  Google is exploring how to make ads more interesting, and the results are pretty meta.

Google’s New Strategy:

Google is testing out two new forms of advertisements, and while they’re in beta testing right now, it’s just a matter of time before they’re rolled out to everyone.  The first of these are video ads in the Play Store’s search results.  These videos won’t autoplay, but upon searching for a game users will have to option to watch trailers for related games.  Not too complicated of an idea, but certainly more interesting than just seeing 4 screenshots of what gameplay entails.

Now the really interesting change that Google is exploring is how to interrupt user’s experiences with ads without them realizing they’ve been interrupted.  The solution?  Games within games.  Usually when you complete a level or die in an app game you’re confronted with a short video of the newest game on the Play Store.  If you’re anything like me you count down the seconds until you can click to skip and get back to what you were doing before.  Google plans to make this experience less of a hassle by creating playable ads.  So when your game/app is interrupted by an ad, that ad will actually be a mini game that can be played.

The hope behind this is to get users more involved and increase the click rate on advertisements, all the while exposing players to games of similar styles and genres.  According to Google, video ads are used in almost half of the 1,000 top-earning apps.  A big change like this is certain to get some exposure.

Impending Impact:

It’s possible that these ads have an adverse effect and cause games to become more burdened with advertisements, but I for one have a bright outlook on this new implementation.  If this change is done in a tactful way that replaces current ads rather than adding on to them, things should be fine.

And from a developer’s standpoint, this change should be welcome.  I think It’s important to emphasize that an app only has to have as many ads as its creators choose it to.  Developers can learn how to easily integrate AdMob into their apps, and then decide how apparent they want ads to be in their app.  There’s a fine line to walk between scaring away users with too many ads and bringing in revenues, so regardless of any changes that come a free market should balance this trade off out.

How do you feel about Google mixing things up in its advertising department?  Let us know in the comments below.

en English