Let Firebase Cover the Basics For You

Share if the site was helpful

Let Firebase Cover the Basics For You

When it comes to writing code, the less you have to do the better.  You want control over how your applications behave, but if you can piggy back off of other developer’s work then that’s generally a good thing.  And if you’re hoping to be an app developer, then one of the best tools for piggy backing is Firebase.

Using others to your advantage:

If you think about it even developing the most basic app takes the work of countless others.  Someone else had to develop the programming language you’re writing in, someone else had to build the IDE (probable Android Studio) that you’re developing on, and someone had to…well you get the point.  Any modern-day invention was not created from nothing, it came about thanks to the ground work being done by something that came first.

This doesn’t mean you can’t be innovative.  It means that there’s nothing wrong with using 3rd party libraries and tools to make your development journey easier.  If you don’t have to worry about the basics then you can focus on what makes your app great.  Ok enough justification, let’s talk about how you should use Firebase to make life easier.

Authentication and Data Management:

How many apps do you have that require you to sign in to fully use features?  Of those how many let you create and account through Facebook?  Users hate having to create sign-in info, a decent percentage won’t even go through the process because of the extra 10 seconds it takes.  So including an option for one-click sign in makes it more likely your app will succeed from the start.  Firebase makes this feature easy to leverage allowing you to create a sign in screen with companies like Facebook, Twitter, and Google. 

When users sign up Firebase keeps track of their info and allows user management to be easily configured.  If a user gets a new phone they can log in and Firebase will associate them with the same account.  Firebase also has a database feature allowing you to create and store JSON info, so users can interact with one another and store information easily.  Let’s say you wanted to create that new social media app which lets people post pictures and message one another:  Firebase should be your go to.

Analytics:

When you release an app it’s best to have a game plan for what’s next.  What if users love one part of the app but never use another?  Well if that’s the case then you should aim for a redesign that either brings in new features or directs the users attention to things they are more interested in.  Of course if you release an app and people in other countries start downloading it you can’t exactly track them down and ask them how they’ve been using the app.

This is where analytics come in.  Firebase gives you the capability to monitor user events (anonymously) so you can see which features are getting the most interaction.  If you have a search bar in your app that no one ever clicks on, it’s either time to drop it or move it elsewhere to try again.  Analytics can keep you in know for how your app is behaving and what should change.

Crashlytics:

And on the topic of what should change in app behavior, crashes are about the worst thing a user can experience.  You may be getting 1 star ratings in the app store because your app shuts off randomly for some users and you don’t know why.  Firebase offers Crashlytics to look at the stack trace details for every crashed application.  If there’s one button in your app that is broken and slipped through your checks when publishing, now you’ll be able to see that it’s responsible for the crashes and act accordingly.

Firebase offers a ton of other features that can make development easier and the user experience more fluid.  These are just the tip of the iceberg and features I enjoy using on a daily basis.  If you want to learn how to incorporate Firebase into your apps then checkout Phonlab’s Android Development Course!

 

That Missing Guide To Kotlin Part 2

Share if the site was helpful

That Missing Guide To Kotlin Part 2

In part one of our Kotlin series we began exploring the newly adopted language.  We saw a few examples of how it can make our code more concise and user friendly than Java including type inference and inline constructors.  In part two we’ll continue to show how Kotlin can make your code easier to work with while focusing on one dreaded Java roadblock: The NullPointerException.

If you’ve written anything in Java before then you’re familiar with NPE’s.  It occurs when you attempt to interact with a variable’s value, but it turns out there is no value to interact with.  Your compiler can’t see that there’s no value available, but at run-time your system checks for it and then crashes when it can’t be found.

Kotlin to the rescue

While Kotlin is 100% interoperable with Java (99% really as we’ll see soon) it’s fundamentally different in a few aspects.  One of these is nullability.  In Java every variable has a default value.  This is the value it can fall back on if you never explicity say what value it contained.  For example when you declare a boolean variable, unless you specify its value, it will be false.  For any variable that isn’t a primitive type, the default value will be null.  This can be really useful at times, but it allows us to accidentally try to grab a value when there isn’t one.

In Kotlin its possible to completely avoid this situation. Every variable that is declared is either a nullable type or a non-null type.  What this means is that along with declaring what type of value (Int, Boolean, custom class) your variable holds, you declare whether it is ever allowed to be null or not.  Here are two varaibles declared in Kotlin.  The first can never be null, while the second is nullable.

As you can see, the question mark is used to show a variable has the possibility of being null.  If there’s no question mark in the variables declaration, then you are safe to use it in every situation without risking it throwing an NPE.  This means that you’ll never have to write if statements checking if a variable is null to play things safe. Goodbye useless lines of code

Nullablility In Action

When using non-null type variables, we don’t have to check if there is a value present.  But for other situations we still must take precautions.  One way that Kotlin allows us to do this concisely is through safe calls.  A safe call looks similar to the traditional method of retrieving a value, except we include a question mark at the end of the variable.  So

Becomes

By doing this we can almost read the code as if it’s English.  We’re asking “does the pet exist?”, and if the answer to that question is yes then we move on to the name characteristic of our pet.  If there is no pet that has been created at this point in our code, instead of the app crashing our variable will be given a value of null.

This becomes incredibly powerful when we start chaining safe calls.  Let’s say we want to check if a company has an HR department with an employee name Toby who at tuna for lunch.  Instead of writing a null check for each of these before interacting with them we can write

If along the way any of these things doesn’t exist, then the code will finish the statement returning null and not interacting with any of the variables past the break.  Without an HR department the code won’t crash, but instead our employee variable will be set equal to null.

Control Is A Good Thing

This is probably the most common feature of Kotlin that you see people talk about, and it’s because of how powerful it is.  Not having to deal with null values is amazing, but even when we have to our code can be concise and clean.

The language can also smart cast nullable variables into non-null given the proper verification at first.  So if you had a nullable variable and then explicitly check if it wasn’t null, then you wouldn’t need to use any ?’s moving forward when accessing that variable.

Kotlin isn’t perfect, but when it comes to dealing with null values it has everything that Java has to offer with some additional perks and changes.  We’ll continue exploring some of Kotlin’s advantages in part 3.  In the mean time if you have any questions about how nullability works let us know in the comments below!

That Missing Guide To Kotlin

Share if the site was helpful

That Missing Guide To Kotlin

 

In 2017 Kotlin began taking the Android community by storm.  Google adopted it as a first class language, and shortly afterwards developers everywhere renounced Java in favor of the newer, sleeker language.  That change isn’t going away.

I won’t lie, when I first was exposed I didn’t see what all the fuss was about. There were tons of articles that talked about how revolutionary Kotlin was compared to Java, but other than avoiding NullPointerExceptions they didn’t seem to go in depth at all. Because of this all I saw was slightly different syntax.  Boy was I wrong.

Kotlin is not perfect, but it does have a lot to offer that you don’t really notice until you start writing code with it.  This is part 1 of a 3-part piece will dive deeper into some of the things Kotlin has to offer.  Ideally after reading these posts you’ll have a better idea of how Kotlin can make your codebase shorter, more efficient, and easier to read.

Let’s start with the basics

Before we get into anything fancy, let’s explore a very basic concept that Kotlin offers: type inference.  In Java when you’re declaring a variable you have to do two things.  First you have to say what type your value is going to be (String, int, byte, etc.).  Second you have to name your variable.  Additionally you can set the variable to a value, or if it’s a member variable you can let it default to null, 0, or false depending on its type.

Kotlin tries to alleviate this (even if it’s not that painful) with type inference.  The compiler is smart enough to know what kind of value you’re working with based on what you set it to. Instead of writing

You can write

var is the generic term for variable in Kotlin, and the compiler knows that we’re dealing with a String because the value “hello” is a string.  Ok, that’s really not very cool. But compare these three lines in Java and Kotlin:

A small difference, but once you start writing with it you’ll be surprised how nice it is to not have to give that split second to declaring the right type.  The var keyword will work for any type that we attempt to put in it, even customized classes.  The keyword val functions the same way except its value is final.  In fact, everything in Kotlin is declared final by default unless otherwise specified (more on that later).

Saving Space

Ok, so we can replace a type declaration with the words var or val.  That doesn’t really save us a ton of time or space in our code.  Let’s look at something a little more impressive: Constructors.

Let’s say the app your building has a database that you need to get into to provide users with information.  To manage this data you’ve built the class DataManager.  Here it is in Java:

And here it is in Kotlin.

What’s happening here?  Well we’re declaring the class the same way with the words “class DataManager”, but Kotlin allows for an inline constructor.  This means we can create our constructor inside of the class declaration by adding our parameters “variable1” and “varaible2”.  Notice that we had to declare the types of each of these two variables along with the word val.

But…Type Inference

This seems to go against what we just learned about type inference, but don’t worry its not.  Along with the type inference we’ve seen so far you can declare the type.  There are some situations where both are necessary/appropriate (such as an inline constructor).  What this code is doing is saying that our class will have two var’s that are Strings, but since we haven’t actually created an instance of the class yet there’s no way our compiler would be able to know the values are Strings unless we explicitly declare them to be.

By including val before each parameter we ask Kotlin to both use it as a constructor argument as well as declare it as a member variable for the class.  And Kotlin classes also take care of getters/setters for us automatically, so we don’t need to write those.

From 20 to 2

So by declaring my two member variables inline I’ve knocked my code down from 20 lines to 2.  Yes, 10 times less code.  Obviously not everything changes this drastically, but this is a great example of how Kotlin can both speed up your coding as well as make it neater.  And really by no means does the readability suffer here.  Reading this Kotlin code we can see clearly that DataManager takes 2 parameters in its constructor, and unless we specify otherwise, Kotlin will always take care of our getters and setters.

Again, this is just one instance where Kotlin saves code, but we could take this example even farther by overloading our constructor with default values.  That’s an example for another Kotlin post down the road, but hopefully even this one gives you a taste of how your codebase can shrink when you convert it.

If you want to go DEEP down the Kotlin rabbit hole, then Phonlab offers classes on it in the Android App Development course.  I’d highly recommend you check it out, as well as stay tuned for part #2 of this!

Will Fuchsia be Android’s Usurper?

Share if the site was helpful

Will Fuchsia be Android’s Usurper?

Android is the world’s most popular mobile operating system, and for good reason.  It’s created both high end and affordable options for users worldwide to experience what it has to offer.  And what is has to offer has been time and time again improved upon.  That being said, improvements are always happening in the tech world, and 5 years from now Android might not hold it’s place as #1.  Here’s a curve ball for you: I’m not talking about Apple.  Android’s upcoming replacement may be Fuchsia.

Wait…what the heck is Fuchsia?

For a few years now a stealthy group on engineers at Google have been working on Fuchsia.  The project came into existence as a potential solution to Android’s limitations.  It’s being designed with voice interactions and security updates in mind where the current Android platform falls short.  And while this has been quiet, it hasn’t been locked down.  Some of the code has been open source since 2016 and outside app developers have been allowed to experiment with it.

The Fuchsia team has a higher goal than just more efficient software though.  They’re attempting to design something that will make interaction with all in-house gadgets a fluid experience.  Imagine a single operating system that controls all your speakers, tv, and other residential tech.  Now imagine also being able to interact with all of these devices by speaking to them.  Your house becomes a sentient being, somewhat like this post we wrote a few months back.

So Android will be gone in 5 years?

No, I definitely exaggerated in that first paragraph.  5 years would be an insanely quick turnaround for Android to completely fall off the map.  Android currently dominates as king with roughly 75% market share compared to Apple’s 15%.  Still, it’s far from perfect.  There are performance, privacy, and security concerns with out of date Android phones that need to be addressed, and a new software like Fuchsia could help jump that transition forward.  All the same we’ll be seeing Android phones for quite some time still, and P hasn’t even reached the market!

Fuschia is being developed with audio interactions at its core.  There haven’t been any apps built on it at a serious commercial level yet, but rumors are flying that we’ll be seeing a YouTube app with voice command soon.  My prediction is that over the next year or two Fuchsia is going to grow in the open source community until its eventual official launch, at which point we’re going to see a boom (hopefully a quicker boom than new Android version adoption rates!).  I’ll be keeping a close eye on it, so stay tuned for more updates.  And if you have any thoughts about Fuchsia or it’s potential let us know here!

 

Android P Releases Its Final Beta

Share if the site was helpful

Android P Releases Its Final Beta

While Android Oreo is just starting to hit its stride, Android P is making news too.  This week Google released the final beta preview of Android P before it’s official launch.  We’ve seen a few beta previews so far this year, and this one should be even closer to what P will look like when it launches.

According to Android VP Dave Burke this beta includes “final system behaviors” meaning Google’s new gesture-based navigation will be locked in and shipping with Android 9.0.  Of course there’s always room for improvement, and that’s a large reason betas exist, but this should be stable for installation on your main phone.  Google hasn’t mentioned any known bugs, so if you have a phone that can handle it out get the beta and let us know what you think!

What’s new in P?

We’ve talked before about Android P and what features it has to offer.  Spoiler: they’re awesome.  P offers a series of features that revolve around the idea of predictive analytics.

There’s an adaptive battery that takes into account what time of day you typically are running your apps, and if it doesn’t think you’ll be using them any time soon it shuts them off to save energy.  Couple this with the screen brightness which auto adjusts based on what you typically set it to throughout the day, and you’re looking at a much longer lasting battery life.

Apart from performance improvements, we also have completely new features that enable us to experience things differently.  One I’ve talked about before at length is Wi-Fi RTT.  Round Trip Time is a method of really getting to know your exact current location.  It’s accurate within about a meter, and does so by triangulating between multiple Wi-Fi access points nearby.  This improved location methodology offers some cool opportunities that just depend on how creative developers want to get.

Privacy Improvements:

There are also security improvements that come with P, and in an everchanging world of privacy that’s a key improvement.  Have you ever gotten a notification saying an app was running in the background when you didn’t think you’d been using it?  How about having an app crash in the background even though you haven’t opened it in ages?  That’s never a good thing to see.  P will prevent idle apps from performing actions such as accessing your camera (yes this is a thing!!).  P offers a series of security upgrades that limit what apps can do in the background in an effort to help protect user privacy.

How to get P?

First off, I’m so ready to stop calling it P and use it’s actual name. Unfortunately we’ll have to wait a little longer for that.  But if you want to get the beta on your phone today you can check it out on Android’s developer website here.  Give it a try and let us know your thoughts on it!  We’ll be sure to continue writing about developments in the software, so stay tuned for more.

 

 

 

Oreo: Coming Soon To A Phone Near You?

Share if the site was helpful

Oreo: Coming Soon To A Phone Near You?

It’s been just over 10 months since Android’s newest version (Oreo) began rolling out to devices. Almost a year, so let’s take a second to see how it’s doing. Well…it may be performing really well in terms of quality, but quantity is lacking.

How bad are we talking?

Every month Google releases Android’s distribution numbers showing how many devices are running each version of their operation system, and according to July’s numbers this year Oreo is active on 12.1% of active devices. As a point of reference, that puts Oreo at the 4th place position behind Nougat, Marshmallow, and Lollipop. There’s no denying this is a pretty sluggish speed for rolling things out (but to be fair it’s 0.4% ahead of where Nougat was during it’s growth phase).

So the trends show that new Android versions typically take more than a year to become the most used release, but this begs the question of why? Oreo offers some pretty cool new features such as picture in picture app usage and notification channels. Apart from battery life there aren’t too many reasons user’s would want to avoid upgrading to the newly offered software. But the issue is that it’s not actually offered to all users. There have been rollout calendars following which phones have adopted Oreo since it’s release, and the list of devices has grown slowly up until this month.

It’s Not The User’s Fault

A large part of why device updates are so slow is how fragmented the Android market currently is. Manufacturers often won’t bother with updating older pieces of hardware because it takes time and energy on their part that isn’t being put towards everything new. The end result is user’s being left high and dry. Even some new devices are hesitant to adopt the new software until it’s tried and true. User’s are able to flash their devices and test out other softwares if they so desire, but it’s not exactly mainstream to do so (as cool as it is!)

The bright side is that if you look at things over time they’re starting to ramp up exponentially. 5 months ago Oreo’s adoption rate was hovering around 1% (5 months after it’s release). Things were looking abysmal then even compared to other version’s growth rates, but thanks to a wave of updates this past month things are starting to look back on track.

Statistics Aren’t Perfect

It’s also important to note that the Android Developer dashboard I linked above relies heavily on Google’s Play Store to collect its data. This means that not every device running a version of Android is actually being accounted for in these numbers. The Play Store currently isn’t available in China (A $35 billion/year app market to be missing), and there are a few other factors at play attributing to uncounted devices. All the same it’s clear that Oreo is at about the same speed of rolling out as Nougat was, and we’ll likely see it enter the top 3 within the next few months. I for one am already looking forward to Android P though 🙂

Have you gotten Oreo on your device yet? What are your thoughts on either it’s performance or it’s rollout speed? Let us know in the comments below!

Apps Need Room To Breathe!

Share if the site was helpful

Apps Need Room To Breathe!

Android is a complex operating system.  There’s a lot more variable when developer for Android.  Things are unpredictable when it comes to knowing what phone your user will be on.  There’s literally no limit to how many different kinds of phones could be running Android on a given day.  If you don’t know what you’re doing this can be dangerous for your layouts.

How so?  Doesn’t everything work the same from phone to phone?  Well, no actually.  Things function very similarly, but different phones have different characteristics that can drastically change a user’s experience.  Take screen size for example.  You could design an app and have one user download it on a phone with a 4’’ screen and another on a 6’’ screen.  This may not sound like a huge difference (2 inches is rarely a big decider life), but when it comes to a screen size that’s literally 50% more screen space on one device than another!

How things can go very, very wrong:

If you don’t take different screen sizes into account, then users will most likely miss out on important info. When you’re first learning about how to develop Android apps you’ll most likely use LinearLayout a lot to organize your apps.  This layout takes one view (text, image, button, etc.) and then lines up the next one in a list side by side.  Or you can change it to go vertically.  Either way the end result is a neat row/column of views.  Here’s an image to help you visualize:

But what happens if when your developing you only test the layout on your phone (let’s assume its huge).  Things may look great to you, but when you publish the app and someone with a smaller phone uses it this is what they might see:

How we can prep for things to go very, very wrong:

Trust me as I made this mistake on the first app I ever published: It’s not a fun mistake to make.  Your app is a work of art.  It’s something that you created from nothing and want to show off to your friends, family, and the world.  So when you have someone download it and instantly their greeted with a funky looking layout…well it’s not the best feeling.  Luckily, we can learn from our mistakes and prep for them in the future!

There are situations where you want to use LinearLayout and there are situations where its best to avoid it.  Sometimes you may want to keep the row/column but add scrolling capability to it instead.  Android developers have experienced all these scenarios, and that’s why there’s more options than just LinearLayout.

Layouts like ConstraintLayout and RelativeLayout allow you to position views in relation to one another as well as to their parent.  So you could position pictures on your screen to “attach” to the right or left side, and make your layout look a lot more professional.  That’s of course just the tip of the iceberg though.  There are different screen densities to account for when choosing what images to use.  And you can also have portions of your screen appear/disappear by using fragments. Don’t worry we’ll have posts on both of these topics coming up soon!

If you’re interested in learning more about styling your apps for different screen sizes and how to make your layouts ready for professional use, checkout Phonlab’s Android App Developer course!

 

The Six Degrees Of Activity Lifecycles

Share if the site was helpful

The Six Degrees Of Activity Lifecycles

As an Android developer, one of the most fundamental concepts that you’ll learn about is Activities.  Activities are a Java class that focus on a single thing that users can do.  Many involve user interactions, and in most apps on your phone you can think of each page of the app as an activity.  Open Gmail and see your list of recent messages? Activity.  Click on one of those messages to open it in a new page?  Activity.

Activities are everywhere in Android development, yet many developers that are just starting out don’t fully understand how they function.  You might be able to get by without a full understanding, but this can be lethal to your app as it expands and becomes more complicated.  Lack of understanding opens up Pandora’s box for things to go wrong with memory leaks and debugging errors down the road.

Diving In:

So let’s take a blog post to discuss the Activity Lifecycle in a little detail.  We won’t get stuck in the weeds, but cover the basics enough that you understand what’s going on under the hood and can prep for smooth app development.

Just like humans have a lifecycle from birth to death, apps have a lifecycle they follow from when their first launched to when the user closes them.  There are six methods that can be called to change the state of an activity in Android:  onCreate(), onStart(), onResume(), onPause(), onStop(), and onDestroy().  At first glance these may seem similar if not identical to one another, but understanding the differences is key to a successful user experience.

onCreate():

This is the first of the 6 lifecycle methods called in an activity, and its invoked when (you guessed it) the activity is created.  In this method startup logic that should only happen once during an activity’s life takes place.  Examples of this might be to bind data to a list, or to instantiate class-scope variables.  The bottom line is that this is called once and only once.

onStart():  

Immediately after onCreate() comes onStart(). The start state of an activity occurs when it is made visible to the user.  This is where logic goes to prep the activity to enter the foreground and become interactive.  In other words the User Interface (UI) is taken care of here.

onResume():

Yes I know, it’s three different methods whose names make it sound like they all do the same thing.  Here’s the key difference with onResume() though.  onResume is called when an app has already been created and comes into (or back into) the foreground.  An activity is constantly interactive as long as it’s in the foreground for the user.

But what if your app includes a pop up message over the activity?  Well now that pop up has the foreground.  Your activity from before will enter the onPause() state (keep reading!) until that pop up goes away.  Once it does your app will resume, and thus the onResume() method will be called again.   For example, let’s say your playing a game and an alert interrupts it.  Obviously we don’t want the game to keep going when the user can’t see it, because that would be incredibly frustrating when the user returns and finds out they died while they were way.   So we call onPause() when an activity loses focus and certain resources need to either be cleared or put on hold.

onPause():

There’s really not too much more to this one other than what I said before.  It tags in and out with onResume() to create/delete resources when needed depending on if a user has focus.  It’s where the magic happens if you do things right, and where things go noticeably wrong if you don’t.

onStop():

When your activity is no longer visible, it has stopped.  This is different from onPause() in that your activity is entirely shrouded.  Instead of a pop-up that might cover half of the screen, a new activity may have taken place and covered your current one completely.  This is essentially where the app has can completely remove unused resources that the user won’t need when returning to the activity again.

onDestroy():

And finally comes our 6th method that wraps everything up.  This is called right before an Activity is destroyed, and as such you want nothing left hanging around.  If you forget to close up a loose end in onDestroy(), your app may begin to suffer from memory leaks and eventually bog things down.  Bottom line is that all resources should be released here if they weren’t in onStop().

These 6 methods essentially bounce the user between the two states of in the user’s foreground and in their background, but there are intricacies that go a lot deeper between them.  As such properly knowing when to implement each of them can be a life saver for your apps, and a huge time saver for you when you’re building things out and want to know what’s going wrong.

If you felt lost at all along the way of this blog, then you should check out Phonlab’s Android App Developer Course!  It’s a great way to go from writing your very first line of code up to publishing our own apps on the Play Store.

Making Material Design Work For You

Share if the site was helpful

Making Material Design Work For You

So you’ve built an app.  You’ve come up with a million dollar idea and you’re ready to build it and market it to the masses.  The concept is there and you know enough to develop it.  But does it look…good?

There’s a lot more to that one simple question than we initially see.  No matter what your app has to offer the world, people aren’t going to keep coming back to it unless it has a well designed interface.  This means that things should be both pleasing on the eyes and easy to use.  Users should find themselves knowing exactly where to look when they want something to happen.

So how can we design such an app?  There’s full courses for this one concept that you could enroll in, but here are some key highlights to making your app pop:

ConstraintLayout:

If you’ve taken intro to Android programming courses before then chances are you’ve done a little design with LinearLayout and RelativeLayout.  These are simple ViewGroups that you can use to organize the images and text on a user’s screen.  While these are useful at times, if used improperly they can start to bog down your app (learn why here!).

ConstraintLayout offers a more efficient way to group your apps exactly how you want them on your screen.  You can group your images in relation to one another on the screen or choose to position them a percentage away from your edges.  Really if you can think of a way you want to organize things, chances are there’s a way to do it with ConstraintLayout.  And without hurting your performance too!

Surfaces:

A simple way to think about the surfaces in your app is in terms of pieces of paper being stacked upon one another.  You can have views side by side or on top of one another, but however you organize things you want the user to know what’s important and what’s just extra.  Changing the elevation of your surfaces can bring what your want to the forefront and control where the user is looking.  It’s sneaky, but it makes a world of difference. 

By raising the elevation of a view a bit it begins to cast a shadow onto the views below it.  This way the end user gains a 3D perspective of what objects are closer to them and thus deserve attention.  Things like Floating Action Buttons (FABs) have this built into them already.  Use them wisely thought, as overcrowding your screen with elevated views can make it just look crowded and sloppy.

Custom fonts:

Style runs deep.  Deeper than just picking a font that you think looks neat.  Fonts with a very static and bold tone can give off the impression that your app is serious.  This can be great if you’re making something like a banking app that wants users to take it seriously and see it as secure.  But if you use one of those fonts with an art app it will be very unrelatable.  Likewise if you have a security based app that has fancy cursive writing users will naturally assume that the creators cares more about looks than performance and may lose faith in it.  Obviously I can’t pick for you, but I can tell you the decision matters!

Transitions With Motion:

As I said earlier your user should know what to do without even thinking about it.  This is where transitions and motion can come in handy.  Take for example a list of songs that a user can scroll through.  Well, if your user doesn’t know much about the app and their screen just so happens to load evenly (aka there are no songs cut off at the bottom), they might think they’re already looking at the whole list.  This would be tragic as they wouldn’t know to scroll down and might assume you just don’t have many songs available.

To fix this you could design your app so that when the list appears it slides in from the bottom of the screen.  This way the user sees it scroll a little upon launch, and their pattern recognizing brain will naturally assume it can keep scrolling.  It’s small, but given the right situation the impact can be huge.

What do you look for in an app when you download it?  Or more importantly what have apps lacked in that made you think twice about keeping them?  Let us know in the comments below!

Keeping Your Keys Safe

Share if the site was helpful

Keeping Your Keys Safe

At some point in your app development career, you’ll create an app that has secrets.  By this I mean there will be keys inside that you want to keep secure from prying eyes.  If someone else gets a hold of your private info, the results could be disastrous (or expensive).

Let’s say your app uses Amazon Web Services and your monthly bill runs about $350 a month. That’s fine because you’re making the money back through app usage.  That is, until a 3rd party gets a hold of your secret key and decides to use it for their own purposes.  Then when your next bill comes due you find that you’re being charged for $50,000.

Not an exaggeration.  This exact scenario actually happened.  So the lesson is painful but memorable: secrets should be kept secret!  Let’s use this blog to talk about a couple ways people tend to store their keys and what you should avoid.

Avoid pushing keys to github:

I’ll start with what may sound obvious.  That sight that you put all of your code onto so that people can publicly view it?  Yeah, don’t put your secret keys up there.  This sounds obvious, but recent studies have shown thousands upon thousands of keys are available on public git repositories.  It’s possible your using a free service and don’t care, but if you’re being charge even a dollar for the service you’re using, keep it close to your heart.

Storing keys as basic Strings:

DON’T DO THIS!  Storing a key as a simple string is just asking for trouble.  There a couple issues behind this, but first and foremost is that it’s incredibly easy to access.  If you read our primer on reverse engineering apps then you know that it’s possible for 3rd parties to decompile your app and look at its code in its (almost) original form.  Storing a key as a string means the hacker just has to glance over your code and look for something that looks like a key.  Then it’s theirs and they can do what they want until you change it. 

Defining keys in build.gradle:

This is better than storing your keys as Strings in any old file, but the end result is unfortunately similar.  A lot of people put their keys in build.gradle in such a way that it’s created in the BuildConfig file of your app.  The bright side is your gradle file isn’t decompiled along with the rest of your app, so secrets are safe in there.  The downside?  Well, that BuildConfig class they were just created in isn’t as secure.  Again, our Strings are exposed in a very simple to access way.

Securing keys with Android NDK:

Let me take a second here to say something important: There is no such thing as absolute security.  If you’re going to have a secret in your app, all you can truly do is make it incredibly difficult to find.  Take the proper precautions to keep things safe, and a hacker will have to decide if it’s worth the time/energy to get to whatever is hidden.

With that said, the Android NDK (Native Development Kit) can help us use C and C++ code with Android.  Why would we want to do this?  Well for starters NDK libraries can’t be decompiled, so the information inside is a lot harder to find.  There are ways to access this code all the same, but we won’t go into them here.  It’s not perfect, but this will throw quite a few entry level hackers off your tail.

Make your code complicated:

This one again goes to what I said earlier about complete security.  It won’t happen, but you can make a hacker’s life hell by making your keys as hard to read as possible.  Let’s take a very basic example:  If your key was 123456, instead of storing that, you could make it the sum of the strings “12”, “34”, and “56”.  How you can break this up depends on how creative you can get, but there really isn’t a limit.  It just means more work for you both upfront and down the road to ensure you understand everything your code is doing.

Keeping keys safe is crucial for a large apps success, so you need to take precautions to avoid disaster.  If you have any suggestions for great ways to hide Strings inside your app let us know in the comments below!