Mobile and Backend Development

In this post I would like to explain how to do the SSL Pinnig from  Android. First of all we will get a little idea about what is SSL and Pinnig means. In this post I did referred the OWASP( Open Web Application Security Project )  page, where we can gain knowledge in common security risks of our software. Mostly in client-server communication, we uses TCP/IP protocol. Based on TCP/IP there are application layer protocols, which are well known to the world(Such as HTTP, SMTP, FTP etc...) Widely used client-server communication protocol is HTTP. HTTP is an unsecured protocol and any one can interfere the communication between clients-server. Well know security risk in HTTP is Man-In-The-Middle attack, where attacker can read/update data inside  a HTTP request/response. To overcome this kinds of attack HTTPS protocol is used, which will create a secure channel for client-server communication(This uses a X509 Certificate provided by Certificate Authority[CA] and asymmetric cryptography

In a previous post, I have explained how to access the Linkedin API's using Scribe . But luckily Linkedin have introduced their Mobile SDK for Android recently. This will save lot of times for developers and hope in the future will have lot of functions over the SDK. In this post I'm going to give some hints and important steps to integrate Linkedin SDK for existing linkedin integrated(Using Scribe) application. When using Scribe for OAuth authentication, linkein returned us an AccessToken and we saved that in shared preferences for future use. With the new SDK we can use the previously saved AccessToken to access linkein API's without creating new token. I have added that example in SDKIntergrationActivity.java class and it's being commented. You can refer  this project and previous project in Github.(Find the below code snippet in SDKIntergrationActivity.java) LocalSharedPreferenceStorage localSharedPreferenceStorage = LocalSharedPreferenceStorage.getInstance(c

In Android Operating system, there are lots of security features which will protect your applications. The common security threat of Man in the middle attack, will help attackers to initiate an attack from a mobile application. This may of a small mistake like adding log of sensitive data. After development of an application it is better to do a Penetration testing . There are lots of tools and services for penetration testing and vulnerability testing. In this post I would like to give small idea about how to avoid vulnerabilities and security holes in our android application while development. As developers we should aware about the best practices of secure application development. Android developer page  contains the security best practices and security tips, the developers should follow while development. The best thing is to keep these basic tips in mind throughout the development. Then we can reduce the number of vulnerabilities and security issues inside the application. Th

As Linkedin is one of the professional social media network, most of us needs to access there web services to collect data. In this post I would like to give simple examples on how to get logged in user information such as email, full name, friends list. And I'm planning to update this post with the sending messages and share posts. There is no official SDK provided by the Linkedin developer support. They have recommended to use  Scribe  library (By Pablo Fernandez ), which will helpful to do the OAuth authentication with Linkedin web services. This library can be used for most of the web services, where they use OAuth authentication. In this example still I'm using OAuth 1.0 as default authentication. First we have to add the Scribe dependancy to build.gradle dependencies { compile ' org.scribe:scribe:1.3.+ ' } We have to create an application to access Linkedin API's. For that go to  Developer Console  and Add New Application. After creating the ap

As android developers we face difficulties on decoupling different parts in android application. To overcome this difficulties, the Square has introduced an event bus for android called Otto . In this post I will demonstrate how to use Otto event bus with IntentServices in Restful android client. This code can be more optimized. This publish-subscribe style can be used to decouple many other components except the Services. This is just a sample implementation to demonstrate Event Bus concept with IntentService, except ResultReceiver usage with Services. This is more interesting when it comes to event bus. Because the same results set will be available to multiple components by publishing it on event bus. The required component should subscribe to receive the results. This is more robust than the traditional java event listners and will provide more flexibility. We can initiate the Bus object according to the requirement of our application. It is not required to be singleton or a

Bluetooth is a wireless protocol for exchanging data over short distances from fixed and mobile devices, creating personal area networks(PANs).When any two devices need to talk to each other, they have to agree on a number of points before the conversation can begin.The Bluetooth protocol is used to communicate with mobile devices in wireless media.It is a well known and popular technology that is being used by many mobile device manufactures. Mainly the Bluetooth technology is used in mobile phones.Here is some code examples to search for Bluetooth devices near to your device. Start Inquiring for Bluetooth Devices LocalDevice localDeviceData = LocalDevice.getLocalDevice(); DiscoveryAgent bluetoothDiscoveryAgent = localDeviceData.getDiscoveryAgent(); bluetoothDiscoveryAgent.startInquiry(0x9e8b33, this); After finishing the inquiry of Bluetooth devices,the deviceDiscovered(RemoteDevice rd, DeviceClass arg1) method will be invoked. Vector remoteDevices; Li