This will be a tricky one, I don't know it's even possible. So I am writing an application ,where after login the user can have access for some sensitive data. If the user belongs to a VIP group than she has access to more sensitive data (such as market reports). In order to provide maximum security we want to extract VIP related code (activity, layouts, backend calls) and only download, when a user really need it.
The solution should be native android, so opening a webView within the app is not a solution for us.
I am looking for something such as "Android Instant Apps", but we have to be independent from Google to provide our own service.
Any idea?
Extract functionality into a separate JAR file, convert it to DEX and load dynamically using DexClassLoader.
There are plenty of questions at SO which covers the topic. For example: https://stackoverflow.com/a/6860579/648313
Related
We are working on a secure app in which we share secure data with corporate users. Since the data needs to be secured and the user shouldn't be able to copy the data.
The issue is, using Samsung Knox, we can disable copy-paste for all apps and also block clipboard sharing between apps(https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/restriction/RestrictionPolicy.html#allowClipboardShare(boolean))
but the issue is: this is not what we want.
What we need is: users should be able to copy text from our app and use it internally in our app. but the same copied data shouldn't be accessible to other apps. and text copied in another app should be accessible to our app.
mostly this app will be having web views.
Any options I can manage this? any mechanism we can implement our own copy-paste context menu or something?
Any inputs...??
Android Enterprise has a policy that can limit clipboard sharing between the work and personal profile: CrossProfileCopyPaste.
It is not exactly what you are asking for because this will allow to use the same clipboard within the work profile, but you cannot copy content from the work profile to the personal one.
Create SEAMS container on Samsung device and apply restriction for Clipboard share. This is same concept from Linux where apps are added to categories and we can define granular policies.
https://docs.samsungknox.com/dev/knox-sdk/container-seams.htm
https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/seams/SEAMSPolicy.html
While this have been deprecated since Android 30 its still working now and i hope Google shall provide similar policies in Android in future.
I want to make an application which has a button and when it is clicked, i want to open another activity using intent and display the pdf file reading it from the local server in the phone.
But i am new to the server part of it. so it would be really helpful if someone could just eduacte me about that since am completely new to the server side.
Your question doesn't provide us with enough details towards what you want to do.
Are your users uploading these PDFs and then viewing them within the app? Does the "server" implementation for your files have to handle different users for these files and provide authentication?
There are several different ways you can handle storing and accessing files in a "server". This is often referred to as the "back-end" component of your app.
If you need to handle user authentication and users uploading and accessing these files parse.com's android sdk is a really simple and easy way to prototype and get into this with a relatively easy learning curve. parse.com starts you off with a free plan and this can get you by for a long time. They start charging for api requests when you go over 30requests/sec or go over their 20GB of provided storage for their free account (see here)
Parse isn't the only provider of such services but I've used them before and find their SDK to be very simple and easy to use. The fact that you can use them for free (with limited resources) makes it great for prototyping or small apps. Firebase is an interesting one as well.
You could learn about servers and setup your own implementation for your users and files. You could purchase your own online storage solution or server. You could use libraries such as Square's OkHTTP (Github link) to speed things up. Doing a custom implementation would definitely be interesting and opens up the playing field so you can use many different languages and frameworks to get to your goal.
If I'm making an Android app (such as a messaging app), and I want the app to be opened up so that other developers can make extensions (i.e. connections to other messaging sites/protocols, additional features, custom UI), what options do I have available to me to do this?
The answer to this question makes it seem like if the other developer makes their own app, my app is able to pull data from it? Is this the direction I should be heading in?
I know such extensions are possible, because I've seen it with other apps, such as the file manager FX that has "add-ons" called "FX Plus" and "FX Root Access". So, basically, how can I also get add-ons/extensions for my app?
Options I am aware of:
Intent API can provide some functionality (You can give developers ability to send commands and data to your app). For example you can accept some kind of XML and build your UI according to it. It's slow process, but you can create some hacks to speed it up. documentation
Content provider you can give other developers ability to work with data of your app. Databases, photos, videos. You can share your's and you can accept new ones.
documentation
AIDL Service never used it myself but sounds promising. documentation
I've never made a game for a mobile so I'm not really sure what the proper convention for level info is. Basically I'm thinking that I include an xml file that I add to local diskspace for the app then load the level details (item positions, etc) from that xml file, this way when I have to update the game, add more levels, I only have the users download a small xml file. Is this method secure or are there other ways of doing this?
The security features on the BlackBerry can be pretty complicated, check out the second half of this article for a good summary of the various security features available:
http://programming4.us/mobile/2694.aspx
Here are some official BlackBerry docs on the topic too:
http://docs.blackberry.com/en/smartphone_users/deliverables/1487/Security_26381_11.jsp
FYI, most of this information concentrates on protecting data from unauthorized users, or from other malicious apps. Personally I wouldn't be too concerned about a sophisticated hacker changing my XML, unless I was giving away prizes for achievements!
Regarding file access:
Every Android App runs in it's own sandboxed environment with it's own system username. Data downloaded or residing in it's directory can not be read from other apps.
Google Developers on Security is worth reading.
In code, you can easily use
this.getFilesDir()
From within an activity subclass.
If a device is rooted or someone uses the adb shell from the sdk to access the app data directory, of course, he will be able to manipulate it, I assume.
I like to make an android app which helps the user to share and send data from application to pc. How i can start doing this. Please help
Regards
Mohammed Suhail.
Everything is possible, but wouldn't this be re-inventing the wheel a bit ?
Unless your use-case is really specific to your domain, I would consider something like Astro or Dropbox (that has a very nice Android app) that lets user share whatever data is stored on their phone with their desktop and vice versa.
Doing custom development for this involves proper user authentication & authorization (both on phone and one backend website), user management, sharing capabilities (if required), file syncup, ....
Depending on your needs, a lot of third party apps already offer these kinds of services.
Instead of developing this yourself, I would suggest checking out third party apps that might offer you the ability to integrate with them from your own custom app.