A few months ago, I wrote a blog explaining the power of the command line
adb backup
To summarize, “adb backup” is an official way to leak private data in certain apps. I said “official” because it’s designed and allowed by Android’s creator and there are also other unofficial ways to do it such as rooting a device.
With the Android 12 preview release, Google has announced a strong restriction (even a permanent removal in the future) of this command. It says that:
To help protect private app data, Android 12 changes the default behavior of the
adb backup
command…
Android OS is designed to isolate the access to data of an application from others. Through linux-permission base, Android encloses application data and protects them from other users.
In other word, we can’t get data without launching the owner app or other apps which are allowed by the owner one.
Android inherits the set of features in Linux, including the power of a root user. However, unlike the root user in Linux which is normally assigned to the possessor of the device, the root user in Android doesn’t really “exist”.
To be more specific, by default, there is no way…
In Android, when a phone is powered on but the user has not unlocked the device yet, most user applications and user data are not accessible.
Prior to Android 7, the system was designed to be inactive during this state; no user action can take place, only system services could be launched normally. Fortunately, from Android 7, to respond to the demand of some particular functionalities like alarms or reminders, Google has introduced Direct Boot mode that enables a quick access to these components.
The purpose of Direct Boot mode is to get access to data when device is not…
At ModuloTech, on Friday afternoons, Android Team often organizes a team building session where we play, compete, have fun and also learn new things together.
The topics of the sessions are diverse : coding games, tech talks, Android quizzes or Capture The Flag sessions(CTFs).
In this article, I will introduce one of the CTFs that we did at ModuloTech.
Since this was our first CTF session, we started with something simple to get to know the reverse engine and to see how our codes can be vulnerable.
You can download the apk at our github repo.
The requirement for this…
As an engineer, our ability is not limited to making codes but it is also finding solutions for problems we encounter in our daily working.
Development is a process to bring digital solutions to a problem in real life. However, it also poses issues that we have to deal with.
In this article, we will discuss some tips to solve these issues in Android development.
A common situation we often encounter is working simultaneously on two multi-module projects A and B, both of which depend on module C.
However, A and B work with different commits or branches of module…
Since location has now become sensitive data, Android restricts its usage, especially in background apps.
Before Android 9, there was no diversion of location permission. Foreground and background apps used the same resource.
However, Google started to realise that apps were abusing this type of data, they decided to add a few layers to protect users by separating location resources into background and foreground.
As a result, this adds a few extra work for Android developers to require location permission in their apps.
Before going into detail, let’s take a look at the changelogs in several latest Android versions.
We, as Android developers, should be quite familiar with layout xml file. There is no doubt that the skill we master the most in Android development is doing layout xml because we do it everyday, in every feature and for every single UI piece. Back to the old days when ConstraintLayout had not appeared yet, layouting was still very poor and naive. Since ConstraintLayout came out as a new approach to do layout job, layouting has become sexier and more efficient. The benefits of ConstraintLayout are undeniable, however, people still often make some mistakes that undermine all these benefits.
In…
In the previous blog, I have talked about what Datastore is, why it is created and also made a quick comparison with SharePreference. In this blog, we will see how to implement it.
First, we need to configure some dependencies and plugins to our project.
Add this plugin on top of build.gradle file of the desired module:
plugins {
id "com.google.protobuf" version "0.8.12"
}
Next, add the protobuf convention to the same build.gralde file:
protobuf {
protoc {
artifact = "com.google.protobuf:protoc:3.10.0"
}
generateProtoTasks {
all().each { task ->
task.builtins {
java {
option 'lite'
}
}
}
}
}
And…
This is the first blog in a series of 2 about Datastore. You can find the next blog about the implementation of Datastore here:
Jetpack DataStore is a data storage solution that allows you to store key-value pairs or typed objects with protocol buffers.
To put it simply, Datastore is an upgraded version of SharePreference with the same purpose but new and more effective mechanisms. “The same purpose” means that Datastore only supports key-value pairs storage but not large, complex and structural datasets. …
In Kotlin, there are a bunch of modifier keywords that are very useful in some use cases. Some of them are already well-known because of their high applicability such as: inline, inner, lateinit, reified, open, override etc. In contrast, several ones are not largely known because there is not often use case that requires these features.
In this article, we will discover such a keyword: tailrec
, and what it provides.
According to the official documentation:
tailrec marks a function as tail-recursive (allowing the compiler to replace recursion with iteration)
Following this definition, there must be something wrong with a recursive…
Android Developer