This is just a general question for my information. I know how to create standard Android apps, but I was wondering: How is it possible/how do people enhance Android core functions and dig deeper into the system?
For example:
Let's assume I want to adapt the DownloadManager class, which is used by many apps. So, for example, one can adapt the class so that the download-text, which is displayed in the Notification bar under the download progress, is somehow changed.
Excuse me the following stupid questions, but I have no idea of these advanced topics, that's why I'm asking here ;-)
It is possible to change (for example) the DownloadManager class, so that it has extended functionality which will then be used by 3rd party apps, right?
Can the patched class then be put in the Play Store for other people to download/extend their DownloadManager functionality?
Will people need Root to be able to install such a change?
At most important: How can someone alter an Android API class? I'm really a noob here: I don't know where to get the source-code from, how to replace the standard with the enhanced class, what's needed for that, etc. Is there even a tutorial on advanced topics like this?
Please enlighten me a little bit :-)
is possible to change (for example) the DownloadManager class, so that
it has extended functionality which will then be used by 3rd party
apps.
Yes, of course, Android source code is opened under Apache license, you can modify this source code, and public into the world. For some detail about DownloadManager class and many other class, in Android OS Structure, those class is programmed on upper layer, often totally in Java.
Can the patched class then be put in the Play Store for other people
to download/extend their DownloadManager functionality?
I don't understand your question so much. In Play Store (and another android app store), people upload their application (in funny sentence, upload the source code has been compiled), so how can you upload a source code for user extends their apps ?
You can public your source code to github, or another place that programmers often meet, so they can view your source code, and often give you valuable ideas and comments :)
Will people need Root to be able to install such a change?
if advanced user, they can install new Android OS for their device. But I think, this answer is further than you really need.
Where to get the source-code from, how to replace the standard with the
enhanced class, what's needed for that, etc. Is there even a tutorial
on advanced topics like this?
In Android SDK folder, there is a folder named "Source", you can go there and see many Android source code. You can take that, read, and modify what you want. some part of Android is not here, you should google for this, it easy to find on internet.
But you should remember, when you modified this class or that class, it not belong to Android OS again, you must import this class file to your project as normal class.
So, if you want to modify base Android APIs : those APIs often write all in Java, and you read them and understand carefully, modified some part if you want, and import this class into your project.
And last word, why you should do that :) Because you can extends the class you want, and put some additional features for this class. It's easier and nicer.
Hope this help :)
Related
The internet is full of solutions where someone with no coding experience can design an app, and then have it deployed to their phones via another app. So for example you can log on to appsheet, create all the parameters for an application, then download appsheet to your phone. from there, you log into your appsheet account, and download any of the apps you have created.Does anyone know how this is accomplished?
My use case is that I have an app that I would like to offer to Universities, but would like each universities' mobile application to be custom built for their needs. I have developed web, android and ios apps in the past, and have a Software Engineering background, so I am looking for the right methodology to accomplish something like this. Are there any specific frameworks or technologies you would advise me look at to accomplish this tasking? If you have any questions or concerns for me, please do not hesitate to ask!
I work at AppSheet. There are two basic approaches an app builder can follow: (a) act as a code generator, or (b) implement an intepreter. In the former case, it spits out code that gets compiled into an executable package that can be installed and run on a device. In the latter case, the "app" you define is meta-data in a higher-level definition that is interpreted in a host wrapper app. Each has its strengths and weaknesses. AppSheet uses the latter approach.
My bet is that they just have one universal, configurable app which they configure for your specific needs by generating a config file or something like that, and then packaging it all up into an apk.
Your idea is great but that is not possible. We cannot imagine every scenario to build such app. We have to imagine for each scenario and have to code for such scenarios.
So I published my android app, I proguarded it, applied LVL and even changed some of the LVL code but offcourse, I found it cracked somewhere using a tool called Lucky Patcher. I am not going to ask how can I protect against 1 click tools like that, as I guess there is no single answer ( unless you have an idea and can point me toward).
I need to ask you to help figure out how my code was cracked. I understand that this tool takes APK file and removes licensing. Now given that, how can I take this APK file and reverse engineer it back to Java files to see how the tool cracked my code (so I fix it)
Please help me
Thanks
After Proguard, there's no way to decompile your code into humanly-readable Java.
While it makes the reverse engineering process more difficult, it's not impossible for a clever reverser to figure out the hidden algorithm.
As for tools,
Use android-apktool to decompile to smali and extract all the encoded xml resources.
Use dex2jar to translate Dalvik into jar
and finally jd-gui to see the resulting reversed java code
There's a lot of info here on how to go from a DEX file back to Java source. Also, have you looked at this blog post which addresses many of the ways to protect your source?
piracy is a big issue , and i don't think that any platform or OS can be fully protected from it .
however , google already made some tutorials regarding protection against it , for example:
http://www.google.com/events/io/2011/sessions/evading-pirates-and-stopping-vampires-using-license-verification-library-in-app-billing-and-app-engine.html
also:
http://android-developers.blogspot.co.il/2010/09/securing-android-lvl-applications.html
i think that you can also put some sophisticated obstacles using C instead of java.
also , as google suggests, consider using a different approach : make the core features free , and make the rest purchaseable via in-app billing . you can also add ads and a feature to remove them by in-app billing as well .
I was thinking about this and it seems like if you really wanted to secure your application from hackers there is really only 1 way to do it. You can implement all kinds of fancy methods of insuring your application is licensed and paid for as described in the google article but all it takes is a good hacker to decompile your application and find where the code is and then comment it out or change a function to always return true.
Instead, implement some portion of your application that is required for use in jni/ndk, and check for validation in that code. It doesn't have to be extremely complicated code but you can't just put something like a function (eg. checkValidity) as a user could easily comment the java call that calls into the ndk. Instead you should make some call to your ndk to actually do something that is non-trivial for your application to run -- something the user can't just comment out or switch out with a defined function that does the same thing. From within the ndk code do the verification of your application's integrity/licensing and if it fails kill the application or whatever you need to do.
In order to bypass this the hacker would need to re-implement the ndk code or reverse engineer it.. Which should be much more complicated and not worth while.
This obviously isn't a simple solution and still won't guarantee your application never gets hacked, but it should be much harder to break than the other methods..
I personally think that Obfuscation {Proguard, Dexguard} and native {.so} are pretty effective way to go if used properly.
It definitely deters less experienced 'players' and definitely complicates the life of even experienced 'players'
Don't simply copy/paste the Google android example codes....
I'm quite the beginner to programming in general (and esp. Java!), so I'm having trouble figuring out how to interact with the unofficial Android API library, shown here:
http://code.google.com/p/android-market-api/
One of the snippets of example code say "see AppsResponse class definition for more info". However, how am I supposed to do this? There are two .jars provided, one of which corresponds to the Android Market API. Upon extraction with WinRAR (I'm on Windows, by the way), I go in a few folders deep and find a bunch of .class files. How do I open this to read, and figure out how to interact with the API? Thanks!
You can just look at it from the source?
http://code.google.com/p/android-market-api/source/browse/trunk/AndroidMarketApi/src/com/gc/android/market/api/model/Market.java
alright so I've searched for quite sometime on this and I can't seem to find just the kind of answer that answers my questions...so here goes nothing! And mind you, I'm new to android dev soooo I may have stupid questions that some of you may get irritated at, but we all have to learn some how right?
I'm trying to develop an application that will allow users to scan in a QR code and then display the information that is encoded into it in a nice organized way.
It seems like ZXing doesn't like the idea of integrating their code with other applications e.g. you have to use their application from the market and point to it via intents... well if I do it this way, can I decode the contents so that I can have access to the content and do as I want with it?
What would I have to include in my project from the ZXing folder that I downloaded to make it all work? And would I have to build all of the objects with in that folder in order to use them in my project?
Any help would be greatly appreciated. Thanks!
I have decided to go other routes.
The "Android way" is to do everything via intents.. However, zxing is a special case. You can follow the intent route, or you can (as it's apache licensed), download the source code and adapt as necessary. We did that for the game Barcode Beasties ( mandatory self promoting download link here : https://market.android.com/details?id=com.fawepark.android.barcodebeasties ) and that meant we could also brand the scan page as well.
If you want use the software integrated, then just download the source and either compile it as a library or just include it in your source folder as another folder.
I am a new developer for android programming. I understand android SDK does not contain all classes from android source code. For example, AtCommandResult.class is missing (hiding) from android.bluetooth package in the SDK.
Sometimes, however, I want to use the hidden code in my app and I wonder what would be the best way to do that. One approach I can think of would be to include its corresponding source code in my project with different package name to avoid conflict with existing core. But problem with this approach would be I have to maintain the code by myself from that point. One or two classes are OK but you know where I am going.
Is there any better way other than bothering google to include the code in the SDK? Thanks in advance.
You may want to use a .AIDL file:
http://developer.android.com/guide/developing/tools/aidl.html
Those can already be used to access for example in Telephony functions.
Code example here:
http://code.google.com/p/auto-answer/source/browse/trunk/src/com/android/internal/telephony/ITelephony.aidl?r=13