Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 months ago.
Improve this question
I don't know if it's a stupid question but there are lots of free public APIs in this github repository: https://github.com/public-apis/public-apis
Is it safe to make apps with such free APIs and publish them in play store, app store? What I mean is that maybe the person who created the API will make a mistake and send an image for adults against the rules. Or can they complain for copyright reasons? I mean, I don't question the reliability of APIs of huge companies like Riot games. I'm mostly wondering if it's okay to use APIs from indie developers?
I've heard that many people play console and apple developer accounts have been closed. I was wondering if using the public API can cause our developer account to be terminated due to a mistake or complaint. Or should we not use free public APIs just in case?
No it is not safe to do so. You're trusting that some random code written by some random person works as expected, is secure, is well written, and isn't malicious. Would you trust your safety and security on that? If I handed you a file and told you "trust me, it isn't a keylogger, run it on your computer" would you do that?
Heck, look at major scandals of the past few years like leftpad (when a developer deleted a very commonly used library from github, and caused everyone who used it to stop compiling). Or there was an instance where someone inserted a Christmas time easter egg a few years back and websites started snowing. You can't just trust them.
I'm not saying that you can't use any github library. But be smart about it. You should only consider it under 3 conditions:
It's from a source you trust. Google probably isn't going to purposefully put a trojan in their code. Similar for other large orgs.
It's a well known, highly used library. Of course even this isn't perfect. People have managed to slip exploits into open source before.
You've security audited the exact version of the library you plan to use.
If it passes one of these 3, it's probably ok. But if it hasn't, you shouldn't touch it with a 10 foot pole.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
The community reviewed whether to reopen this question 1 year ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I came across an application named GBWhatsapp.It is developed by some unknown people and there are many sites from where you can download the apk. It's not officially on playstore for some reason.
It was a big surprise to me to see that using this app I can actually chat with the people who are using official WhatsApp application.
I did Some googling and found out that it is a Modded app of the original whatsapp application. It is built on top of the original application. Means some people/developers/engineers decompiled the original apk and inserted their code and published it with another name.
My Question is, Is Whatapp APK is so much less secure that some engineers were able to decompile it's java code succesfully? and they provided a lot of new features which are not there in original app?
I know apk can be decompiled but if the original developers team has obfuscated the code (proguard etc). then it's almost impossible to reverse engineer the java code. how did this happen?
Also, If it not a modded app. means they build their own app which is similiar whatsapp, then how they are able to send messages to the official app
Is Whatapp APK is so much less secure that some engineers were able to decompile it's java code succesfully? and they provided a lot of new features which are not there in original app?
Whatsapp for Android contains both Java and native code. Code obfuscation makes it difficult for an attacker to understand the code, but does not prevent decompilation and modification on its own. In order to prevent that, Whatsapp developers should had used additional tools providing runtime self-protection.
how they are able to send messages to the official app
There are several ways to do so. First, is that indeed they could have modified the original app. Alternatively, they could have figured out the network protocol and implemented that in their app. As soon as the network protocol is clear, you don't have to have an original app anymore, unless it uses techniques to only authorize messages from the original app.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
So I recently published an app that I made with App Inventor. It is a very simple App. However, I have received complaints that it is marked to have Viruses or Malware by multiple Android Security Apps on other people's phones. However, I am not really sure why. I saw a thread similar to mine, except he actually wrote the physical code for his app, he didn't use App Inventor. My Android app is reported to have a virus
I'm confused because I truly didn't put anything in the app that would harm any device. Does it have something to do with App Inventor? I've downloaded and used the app on many devices and it works perfectly fine.
Thanks!
All apps made by AppInventor look a lot alike, and there's a ton of boilerplate code. If a malware analyst was lazy or in a rush, it would be easy to write a detection signature that was too broad and hit on most AppInventor apps. This is my guess.
Also, once an AV company says your app is malware, others will assume it's true and write detection signatures for your app as well, with even less scrutiny than the original analyst.
I've analyzed malware made with AppInventor and personally know how difficult it is to write concise signatures for it. ;)
You should contact the company directly and explain your situation. You can periodically upload your app to VirusTotal to check if it's been removed from their signature databases.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I'm developing an Android app and publishing it in Google Market. The problem is that the difference between v1.x and v2.x is huge, and like most products I wouldn't like to automatically provide Major upgrade for free for user of v1.
Is there any way to "separate" the payment for v1 and v2, and provide "upgrade license" for users of v1?
I must say admins on this forum are idiots, closed for a reason: "Questions on Stack Overflow are expected to generally relate to programming or software development in some way". How is it not related to software development? :)
Upgrades nope; kind of irritating that the market has no option for coupon codes or developer discounts etc. but that's the way it currently is.
Kind of a hack, but you could leave the name the same and add Pro or Plus and change your package name so for instance
com.myapplication.v1
becomes
com.myapplication.v2
Then to promote it you can use admobs inhouse promotion facility (assuming you have put admob v1) it's not perfect but it would work, then just turn on the add when you are ready with a new version.
An alternative is to structure the newer application so that the new features are in app payments, that would probably be the most user friendly approach, let them use them for N days then shut them down and offer the users the ability to pay for the newer features
I have also not looked at their licensing service much, it might be possible to do something with that I suppose but I suspect not.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
As a thesis for my graduation I'm going to start an open source project: My idea is to port a complete set of mathematical libraries to Android, to perform numeric and symbolic operations, in the form of a programmable calculator like matlab or sage.
I want to release this project under GPL, because I believe that ideas need to be free to work, but I also know that i will spend a lot of money to buy multiple device to do debug and fine tuning.
I thought about selling the prepacked app on the market for 0.99, while giving the source to compile on the site for free. It would be like a small tax on laziness.
What do you think? How do you think I could fund this project?
Note: Feel free to correct my poor grammar and remove this note.
Making money out of open source projects is not an easy task, but it is possible. Clojure's creator Rich Hickey made a wonderful post covering ways to do it. Good luck.
check out Pledgie. There are thousands of open source projects on there, which are getting funded.
http://pledgie.com/categories/open-source
Probably you are already done with your master thesis' , but still though I love the question. I think that open source projects that have more or less an link to academia, there is another opportunity to fund it. National funds are often financing projects, often these are PhD projects but I would assume that there are also possibilities for master thesis' projects.
Another possibility is to try to find a commercial sponsor. As long as you do not need to make a living out of it, it should be comparatively easy to find a company to pay a couple of devices (maybe even HTC, Samsung, Google or any other droid phone manufacturer).
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
Good afternoon,
with all the buzz around the iPhone / AppStore etc, I felt it to be a no-brainer to create a nice iPhone application for the web-application I've been putting together, but how's your experience with the Android Platform so far - is it interesting already from a sales & user-volume?
I've had a quick look at the T-Mobile G1 and from an end-user perspective I didn't think it is all to appealing and to me it seems it'll take a while until all this takes off.
Does anyone of you already have an or multiple apps finished for the platform? How's your take on this.. are sales lower/higher than you expected them to be? Is it worth investing the time & money (right now) to build an android version of my app? Being 'worth' obviously is a very flexible term and depends on someone's point of view, but basically right now every hour I don't work on the webapplication itself basically 'has' to pay off fairly quickly.. and that's why I'm reaching out for some real-life experience.
Cheers and thanks,
-J
Regarding making money by charging for your applications:
"Starting in early Q1, developers will also be able to distribute paid apps in addition to free apps."
[Source: http://android-developers.blogspot.com/2008/10/android-market-now-available-for-users.html ]
I have studied the API of both platforms. If I went to make a two-sentence comparison, I would say that:
iPhone focuses on providing a consistent user experience.
Android focuses on providing freedom to developers to implement or improve whatever they want.
You should also consider weather your particular app benefits from either. E.g. is it text-entry heavy (android) or browsing based (iPhone)?
Is it suitable as an add-on to a basic app, e.g. maps? (android)
AFAIK it's not possible to publish "non-free" application through Android Market right now. All apps in AM are free at the moment.
Though Google is working on this feature intensively and release is expected soon.
My experience is that Android is pretty much a beta platform at the moment, even if Google doesn't want to admit it... I reckon if you want to sell your Android apps for money, you should probably wait a little bit until the whole platform stabilizes and gains more users (and of course, Google introduces non-free applications in Android Market).
But you could start the development now.
Yeah that's my conclusion after another day of digging and searching, too. I'll get myself accustomed to the platform every now and then but not pursue it extensively just right now.
Thanks!
According to Shopsavvy in their first 75 days, more G1's have been sold than iPhones.. Just a thought to consider.