Android Dev - Weekly Who's Hiring Thread - May 24, 2021

We're working in an application that has the normal MVVM architecture, single-activity and a few fragments. We're using the Navigation Component to glue everything, between fragments and also with a Bottom Navigation bar.

Each time we navigate between fragments, nothing is preserved. I'm trying to work this so we don't have to call the services each time a fragment is reached (for example, the dashboard with a RecyclerView and a couple of TextViews with information), so the information stays, and also the position at the RecyclerView, and the same with the rest of the fragments.

Did anybody manage to make this work somehow? I tried to use the data in the LiveData, but it doesn't work :(

Thank you for your time!

submitted by /u/adolpwned
[link] [comments]

[KMM/KMP] I'm want to make a simple cross-platform project. Any things to consider?

Posted: 24 May 2021 12:53 AM PDT

I've been writing Android apps for about 2 years now, both as a hobby and professionally. Right now I'm fiddling with KMM for an iOS and Android app, but want to extend the project to desktop and maybe web in the future, but I did not find any posts, tutorials about this.
I know that KMM stands for Kotlin Multiplatform Mobile and is made only for iOS and Android. But for me, a KMM project (from Android Studio) is just a Kotlin Library that has build targets for iOS and Android. So for me it seems that you can simply add a build target for a desktop application and that's it, but I did not find anyone talking about this. Is this not possible from Android Studio?

If this is possible, could you recommend me some blog posts/tutorials about this? Or at least a sample project.

submitted by /u/stfmygod
[link] [comments]

Problem: Gesture conflict with MIUI 12 partial screenshot

Posted: 24 May 2021 04:21 AM PDT

I am creating a piano application for android and I stumbled upon one cool/disturbing MIUI feature I didn't know about before - partial screenshot.
Namely, when I simultaneously press 3 keys on my keyboard, the system steals the gesture and treats it as if I wanted to take a partial screenshot. I have no idea what to do about it. I noticed that Facebook, Reddit or Instagram apps somehow don't allow Android to intercept the gesture. I would be grateful for any help!

submitted by /u/krystiano353
[link] [comments]

How to Make a React Native Android App with In-app Purchases using RN-IAP package

Posted: 24 May 2021 07:41 AM PDT

It took me way too long to implement an in-app purchase to my React Native Android app, so I decided to make a fully-explained tutorial on how to do it - to save my future self and others the headache.

Video: https://www.youtube.com/watch?v=nLBoVrAMF04&ab_channel=DoableDannyDoableDanny Article: https://www.doabledanny.com/react-native-iap-example-android

The tutorial covers: - Making a simple app - Setting up your Google Play Console - Generating a release APK in React Native - Adding licensed testers so people can test purchase your app without paying for it - Adding an in-app purchase to our Android app and awarding the product to the user

Hopefully this helps a few of you out!

submitted by /u/DoableDanny
[link] [comments]

How To Secure Your Android App?

Posted: 23 May 2021 11:00 PM PDT

In this digital world, people use mobile apps for a wide range of purposes, from transfer of funds to investments, order food and groceries online etc. Security of mobile applications is one of the most prominent concerns. According to the study, 35% of communications over mobile phones are unencrypted. This shows that more than one third of data transmitted by mobile devices is exposed to threat.

The Android operating system has many built-in security features like application sandboxing, protection against buffer and integer overflow attacks and segregated memory areas for program instructions and data. When you develop a complex app, it is your responsibility to make it secure and protect the privacy of your users. Organizations should protect their apps while enjoying the benefits that these apps provide. Here we discuss the android app security best practices to refer while building your mobile applications.

You should also know the considerations to build mobile app at- 7 Important considerations when building a mobile app

Android App Security Best Practices-

1. Keep the native code secure-

So as to keep the native code secure, android app developers should use android SDK for mobile app development, instead of Android NDK. Whenever you collaborate with one of the developers, ensure that experts use Android SDK. When the native code is integrated during the development process, app receives data over the network. This can come from files or an IPC, that might be exposed to security factors. Hence you should secure the native code by using Android SDK during the development process.

2. Use HTTPS-

All communication between your app and servers must be over HTTPS connection, mostly using the HttpsURLConnection class. Many android users connect to several open Wi-Fi hotspots in public areas every day. Some of those hotspots could be malicious and malicious hotspot can easily change the contents of HTTP traffic to make your app behave in an unexpected manner or worse still, inject ads or exploits into it.

Using HTTPS, as long as the server is configured with a certificate given by a trusted certificate authority, like DigiCert or GlobalSign, you can be certain that your network traffic is secure against attacks. If app has huge networking code and you are anxious about the possibility that you may accidentally be sending some data as cleartext, you should consider using nogotofail, an open source tool built by Google to find such mistakes.

3. Secure The Data-in-transit-

Sensitive data that is transmitted from client to server should be protected against privacy leaks and data theft. If you lose a device, or it gets stolen, the whole application containing business data should be deleted. This ensures that important data does not go to the wrong hands. Selective removal of data enables the IT department or users to wipe off the company data in devices. It is recommended that use either an SSL or VPN tunnel, which ensures that user data is protected with strict security measures.

4. Encrypt Data On External Storage-

Internal storage capacity of android devices is generally limited. So, you you may have no option except to store sensitive data on external storage media, like, a removable SD card. As the data on external storage media can be directly accessed by both users and other apps on device, it is important to store it in an encrypted format. Most popular encryption algorithms among developers is AES(Advanced Encryption Standard), with a key size of 256 bits. Writing a code to encrypt and decrypt your app's data using package javax.crypto that is included in Android SDK can be confusing. So mostly developers prefer use of third-party libraries like Facebook's Conceal library, that are usually easy to work with.

5. Use GCM Instead Of SMS-

A while ago when GCM(Google Cloud Messaging), didn't exist, many developers were using SMS to push data from their servers to their applications. But now, this practice is largely gone. If you still doesn't switch from SMS to GCM, you must know that SMS protocol is neither encrypted nor safe against spoofing attacks. Also, SMS can be read by any app on the user's device that has the READ_SMS permission. GCM is more safe and is best way to push messages to an app because all GCM communications are encrypted. They are authenticated using consistently refreshed registration tokens on the client side and a unique API key on the server side.

6. Be Extra Cautious With Libraries-

When you use third-party libraries, be careful and test code thoroughly before using it in your app. However valuable as they are, some libraries can be extremely insecure for your application. The GNU C Library, for example, had a security flaw that could allow attackers to remotely execute malicious code and crash a system. And, this vulnerability went unseen for more than seven years. Developers should use controlled internal repositories and exercise policy controls during acquisition to protect their apps from vulnerabilities in libraries.

7. Use Authorized APIs Only-

APIs that are not authorized and are loosely coded can grant a hacker privilege that can be misused gravely. For instance, getting authorization information locally helps programmers to easily reuse that information when making API calls. It eases programmers life by simplifying the use of APIs. Also it gives hackers a loophole through which they can hijack privileges. Specialists suggest that APIs be authorized centrally for more security.

8. Code Obfuscation-

In the android app development process, source code should be protected. So developers should make it unintelligible for both decompilers and humans. During compilation, the entire operation must be preserved. Obfuscation process gives a code that is impenetrable. It uses the level of confidentiality for the intellectual assets and prevents reverse engineering. All the while, it improves the security of the Android application.

9. Secure The Server-

These days, server remains vulnerable to hackers. Mostly they try to attack the API of the server. This shows that you have to keep the server and API secure to keep away attacks. You can add a firewall for web apps or take code reviews that will help you to deal with this challenge.

10. Validate User Input-

With android, invalid user input doesn't generally makes security issues like buffer overruns. But, if you allow users to interact with SQLite database or a content provider internally uses a SQLite database, you should rigorously sanitize user input or use parameterized queries. It you failed to do so makes your data vulnerable to SQL injection attacks. Similarly, sanitization and user input validation is also important, when you're using user input to dynamically generate code to run on an embedded scripting engine.

11. Security And Confidentiality-

As a part of the AES (Advanced Encryption Standard), the encryption key should be of at least 128 bits. Reputed application developers use the pinning certificate and the hash key to support the security. It incorporates the returning of the complete request, that appears as a hashed string with a secret key. This string is compared by the server with request that it gets, verifying any modification or change in the process.

Some Other Security Measures-

Most of the security issues are due to issues during the development and configuration of android apps. For this,

Integrate security teams upstream, do a risk analysis and set up mobile security management approach on the project.
Identify the essentials concerning personal data protection
Identify relevant security standards and regulations
Analyse and monitor deployments of antivirus and firewalls on the phone that control illegal installation of code on device.
Use architecture standards of QWASP
For critical apps in sensitive locations, consider deploying a biometric authentication
Perform regular code reviews and in-depth audits
Customize factory default settings

submitted by /u/SolaceInfotech
[link] [comments]

Android Jobs Job Board maintained by Donn Felker

Posted: 23 May 2021 10:49 AM PDT

submitted by /u/throw_cs_far_away
[link] [comments]

Effective Kotlin Item 38: Use function types or functional interfaces to pass operations and actions

Posted: 24 May 2021 12:11 AM PDT

submitted by /u/KatarzynaSygula
[link] [comments]

What are some examples of unnecessarily making Android app development complex?

Posted: 23 May 2021 08:53 AM PDT

submitted by /u/jaroos_
[link] [comments]

Would it be an acceptable reason to leave my job in less than a year to pursue native Android development? I'm currently a Junior Mobile Dev using Flutter.

Posted: 23 May 2021 08:10 PM PDT

I really want to pursue native Android development but I already have a history of leaving a job in less than a year so I wanted to stay a bit longer in my current job (been here for 6 months now). But I really want to switch. My company is all in on Flutter. I was told during the interview that there are still plenty of opportunities to do native Android or iOS devt in the company but that turned out to be false. The company doesn't have any native devt work anymore because they already migrated every project to Flutter.

I feel like the longer I stay, the less likely I'll be considered for native work and I might have to start over as a junior from scratch if I stay for 3 years or so. If you're a part of a hiring committee, would you consider a junior who has previously job hopped for this reason?

submitted by /u/throwawaypoorartist
[link] [comments]

About cookies on Android

Posted: 23 May 2021 10:57 PM PDT

I have a question that, can any android application access any other Application's cookies data if the first application have no storage permission on my device or is it just possible that any application access other application's cookies data on Android??

submitted by /u/Techmeal
[link] [comments]

Realm or Room database?

Posted: 23 May 2021 07:53 PM PDT

Hey guys,

What database do you prefer using in your projects? Room or Realm?

One dev just said that Realm's a litte easiest syntax than Room. What's your opinion about that?

Thank you in advance!

submitted by /u/jluizsouzadev
[link] [comments]

Can I submit an update, while the previous one still under review?

Posted: 23 May 2021 12:02 PM PDT

Hi, I've submitted an update to Google Play this morning, now I would like to submit another update (because the previous one has a critical issue), can I?

submitted by /u/Heromimox
[link] [comments]

Guys,I need some advice !!

Posted: 23 May 2021 11:25 PM PDT

I have started my app dev with Flutter, now I realized its a waste of time. And now I started learning native android dev with java, now I'm thinking is it worth it to learn native app dev? or should I go for react native or something else 🙁 My purpose of learning app dev is to earn some passive income

submitted by /u/saicharansigiri
[link] [comments]

Professional deformation and Compose

Posted: 23 May 2021 01:05 PM PDT

Professional deformation is so professional: got asleep for a half an hour and dreamt I was saying to my 5yo son that if he doesn't behave I'll take away Compose from him and will make him write recycleview adapters and viewholders by himself...

submitted by /u/caesar_84
[link] [comments]

How to make a step counter with the Android Sensor.TYPE_ACCELEROMETER?

Posted: 23 May 2021 04:39 PM PDT

I want to make a step counter for my application. As you can see in the code, I will use 3 different sensors because some devices do not have TYPE_STEP_COUNTER or TYPE_STEP_DETECTOR. That's why I want to use whatever step counter sensor is in that device. Although there are no sensors used for step counting, I do not understand, how it can count Samsung health steps.

Anyway, my position is this; How can I count steps using TYPE_ACCELEROMETER. I could not find any articles or helpful resources about this.

 SensorManager sensorManager = (SensorManager) getSystemService(Context.SENSOR_SERVICE); Sensor countSensor = sensorManager.getDefaultSensor(Sensor.TYPE_STEP_COUNTER); Sensor detectorSensor = sensorManager.getDefaultSensor(Sensor.TYPE_STEP_DETECTOR); Sensor accelerometer = sensorManager.getDefaultSensor(Sensor.TYPE_ACCELEROMETER); if (countSensor != null) { Toast.makeText(this, "Step counter started.(TYPE_STEP_COUNTER)", Toast.LENGTH_LONG).show(); sensorManager.registerListener(this, countSensor, SensorManager.SENSOR_DELAY_UI); } else if (detectorSensor != null) { Toast.makeText(this, "Step counter started.(TYPE_STEP_DETECTOR)", Toast.LENGTH_LONG).show(); sensorManager.registerListener(this, detectorSensor, SensorManager.SENSOR_DELAY_UI); } else if (accelerometer != null) { Toast.makeText(this, "Step counter started.(TYPE_ACCELEROMETER)", Toast.LENGTH_LONG).show(); sensorManager.registerListener(this, accelerometer, SensorManager.SENSOR_DELAY_UI); } else { Toast.makeText(this, "Your device is not compatible.", Toast.LENGTH_LONG).show(); }

submitted by /u/emptyfiles
[link] [comments]

Line Graph using MpAndroidChart in Android Kotlin. How to achieve this type of graph functionality using this library. I asked in stack overflow but i didn't get the solution. Please someone know how to achieve this

Posted: 23 May 2021 02:53 PM PDT