Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
So I recently published an app that I made with App Inventor. It is a very simple App. However, I have received complaints that it is marked to have Viruses or Malware by multiple Android Security Apps on other people's phones. However, I am not really sure why. I saw a thread similar to mine, except he actually wrote the physical code for his app, he didn't use App Inventor. My Android app is reported to have a virus
I'm confused because I truly didn't put anything in the app that would harm any device. Does it have something to do with App Inventor? I've downloaded and used the app on many devices and it works perfectly fine.
Thanks!
All apps made by AppInventor look a lot alike, and there's a ton of boilerplate code. If a malware analyst was lazy or in a rush, it would be easy to write a detection signature that was too broad and hit on most AppInventor apps. This is my guess.
Also, once an AV company says your app is malware, others will assume it's true and write detection signatures for your app as well, with even less scrutiny than the original analyst.
I've analyzed malware made with AppInventor and personally know how difficult it is to write concise signatures for it. ;)
You should contact the company directly and explain your situation. You can periodically upload your app to VirusTotal to check if it's been removed from their signature databases.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 months ago.
Improve this question
I don't know if it's a stupid question but there are lots of free public APIs in this github repository: https://github.com/public-apis/public-apis
Is it safe to make apps with such free APIs and publish them in play store, app store? What I mean is that maybe the person who created the API will make a mistake and send an image for adults against the rules. Or can they complain for copyright reasons? I mean, I don't question the reliability of APIs of huge companies like Riot games. I'm mostly wondering if it's okay to use APIs from indie developers?
I've heard that many people play console and apple developer accounts have been closed. I was wondering if using the public API can cause our developer account to be terminated due to a mistake or complaint. Or should we not use free public APIs just in case?
No it is not safe to do so. You're trusting that some random code written by some random person works as expected, is secure, is well written, and isn't malicious. Would you trust your safety and security on that? If I handed you a file and told you "trust me, it isn't a keylogger, run it on your computer" would you do that?
Heck, look at major scandals of the past few years like leftpad (when a developer deleted a very commonly used library from github, and caused everyone who used it to stop compiling). Or there was an instance where someone inserted a Christmas time easter egg a few years back and websites started snowing. You can't just trust them.
I'm not saying that you can't use any github library. But be smart about it. You should only consider it under 3 conditions:
It's from a source you trust. Google probably isn't going to purposefully put a trojan in their code. Similar for other large orgs.
It's a well known, highly used library. Of course even this isn't perfect. People have managed to slip exploits into open source before.
You've security audited the exact version of the library you plan to use.
If it passes one of these 3, it's probably ok. But if it hasn't, you shouldn't touch it with a 10 foot pole.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
The community reviewed whether to reopen this question 1 year ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I came across an application named GBWhatsapp.It is developed by some unknown people and there are many sites from where you can download the apk. It's not officially on playstore for some reason.
It was a big surprise to me to see that using this app I can actually chat with the people who are using official WhatsApp application.
I did Some googling and found out that it is a Modded app of the original whatsapp application. It is built on top of the original application. Means some people/developers/engineers decompiled the original apk and inserted their code and published it with another name.
My Question is, Is Whatapp APK is so much less secure that some engineers were able to decompile it's java code succesfully? and they provided a lot of new features which are not there in original app?
I know apk can be decompiled but if the original developers team has obfuscated the code (proguard etc). then it's almost impossible to reverse engineer the java code. how did this happen?
Also, If it not a modded app. means they build their own app which is similiar whatsapp, then how they are able to send messages to the official app
Is Whatapp APK is so much less secure that some engineers were able to decompile it's java code succesfully? and they provided a lot of new features which are not there in original app?
Whatsapp for Android contains both Java and native code. Code obfuscation makes it difficult for an attacker to understand the code, but does not prevent decompilation and modification on its own. In order to prevent that, Whatsapp developers should had used additional tools providing runtime self-protection.
how they are able to send messages to the official app
There are several ways to do so. First, is that indeed they could have modified the original app. Alternatively, they could have figured out the network protocol and implemented that in their app. As soon as the network protocol is clear, you don't have to have an original app anymore, unless it uses techniques to only authorize messages from the original app.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I know how to design and develop android application which works offline.But now i want to move towards dynamic android app,which works totally online like facebook,quora,newshunt.Where should i start please give me a way.
Thanks
I personally am completely self-taught when it comes to android, and, well, its been a journey.
For me, a big turning point was
"http://www.androidhive.info/2012/05/how-to-connect-android-with-php-mysql/"
It really gives you a good idea of what it takes to create an app that is connected to the internet, and it isn't hard to implement yourself. Mind you, before, you were working with just android, but once you integrate network connectivity and a server backend, the levels of complexity multiply.
If you're a solo-developer, just getting started, the Google App Engine does a pretty good job of making everything very easy to use, so I might recommend that. It has a free trial of all their cloud services which is $300 for 2 months.
https://cloud.google.com/appengine
Amazon AWS also is attempting to create a similar system, but they are seemingly geared to more enterprise-level operations.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I want to run many apps on the same emulator at the same time. Then get the i/o streams of these apps, and allow them to be controlled to through web browsers, or an applet.
Is it possible?
Basically, I want to build a similar service like Amazon that allows user to see apps running on emulator through browser. Now, if only one activity is shown on the screen at a time, I would need to create a emulator for every user. That wouldn't be feasible. So I need a workaround. And if multiple apps could be run on emulator and their I/O could be programaticaly handled, it would solve the problem.
You can't do what you want to do. In Android, you can run several applications at the same time, but only one at a time will be on the foreground (visible to the user). But yes, you can have several applications running in the background syncing, downloading data, logging stuff, etc.
For what you want, you might consider using live android project as it is a much lighter solution to run.
It seems the one Pedro Loureiro posted is about to (or is already) stopped production. Right now the best program for this job would be this: link.
Yes, that's why you also have task killers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I read that Google App Inventor went live, not just invitation today. If I make an app with Google App Inventor is there some way I can sell it? Thanks.
edit: when you create something you do you keep it on your computer like an executable? I don't have android phone but I thought I could still make something for it. (seems to be answered by faq Can you share project code with other App Inventor users?)
Some folks have got App Inventor apps into the Market. They had to mess with the apk.
The apk does not have some of what the Market requires.
It's a complied apk that works with a Scheme engine on the phone.
I'm a moderator on their forums. Come ask there. It's a friendly bunch.
(well most of us. I sometimes slip ;-))
Gary
http://appinventor.googlelabs.com/forum/
http://www.theairepository.info/
From the faq:
Currently there are technical
limitations preventing an App Inventor
app from being uploaded to the Android
Market, but we are actively working to
resolve this.
It's probably due to the fact that it doesn't generate Java source code. Doesn't mean that you can't use other app markets though...
If you google apptomarket you will find a program that will edit the apk for you. You enter your certificate details and then you change the settings in the apk like the version number, change the app name, make it resizeable, icons, and orientation. Then you package it for the android market. I have used it already and haven't had any complaints yet. It is easy to use and its free. What more could you want.... apart from an iphone version of the app inventor but me thinks that Steve Jobs would hunt me down for just thinking of such blasphemy, oh well.