Droidcon London is one of my favourite conferences with it’s wall to wall Android theme. I’ve spoken 3 times over the past 6 years or so and I’m super excited to be speaking this year after a break of a couple of years. I tend to speak about Android Security because it’s an area of app development that isn’t often prioritised high enough. Mobile security comes with it’s own set of challenges where devices and data are physically at more risk than traditional PC/Laptop environment.

In addition to checking out the other security talks I’m keen to learn tips and quick wins for view animations and screen transitions. Also top of my list is learning from real world experiences and lessons learnt using different architectural approaches such as MVP and Clean architecture. I’m looking forward to getting to grips with Kotlin based on the news that Kotlin is supported for build scripts in Gradle 3.0. 

whats_new_in_android_security_v3_key

My Talk – What’s NNNNNNew in Android Security?

As you might guess from the name is all about the new security features in the most recent versions of Android: Nougat aka N.

whats_new_in_android_security_v3_key_at_glance

Who should come to it?

There were several notable security updates in Android Nougat and in this talk I’ve distilled the information specially for the busy developer who don’t have a lot of time to invest in learning new APIs. I’m personally most excited about Android 7’s Network security config. It’s an easy way to increase your app’s network security without writing any code (just xml based config). I’ll show you the most likely things you’d use it for with code samples. For example allowing self signed certificates for development API and SSL pinning.

See you there!

Also watch @scottyab and speakerdeck profile for the slides 

Thanks to Matt Rollings, Niall Scott and Andy Barber proofreading feedback.

scott badgeConfConf as you might of guessed from the name is a conference about conferences (how meta!), specifically how to run them better! It’s a small single track conference based on professional event organisers sharing their top tips on making the best conferences.

Top 5 tips for running your first technical conference

At SWmobile (a meetup group which I co-run) we’ve talked a little about running our own conference. Here’s the top tips I picked up for others also looking to do this:

  • Independent and for profit – The conference should be independent financially from any non-profit group and the aim should be to make a profit with the conference. This separation helps focus the effort required to setup and run a conference. I thought a good suggestion was to aim to run it for 3 years and if it’s not profitable after 3 years to abandon.
  • Ticket price – The super secret but also simple ticket price calculator should be the total costs / total number of tickets. It’s important not to include sponsor money and so the focus of the marketing is ticket sales. Any money you get from the partners you get on board will increase the chances of it being profitable and allow you to improve things like swag, free beers etc
  • One day only – One day conferences have tended to be more popular recently as it helps keep cost down and it’s easier to convince bosses for the time off to attend.
  • WiFi – Get this right! don’t skimp or rely on the venue’s setup. Sure they’ll say they have a great network but remember this is a tech conference and most attendees will have multiple devices. Rule of thumb 2.7 devices per attendee. Great article from last years confconf.
  • Ditch lunch – Don’t bother with lunch, catering costs allot and is generally crappy quality. This really hit home for me as I cannot think of a conference I’ve attended where the food was good. It’s also one of the main things people moan about!  confconf’s lunch was fairly standard meeting food which was above average for a conference. However they did win the day by pulling out afternoon cream tea!

 

Top 5 tips for monthly meetups

This is geared up for monthly, free to attend meetup groups such as SWmobile. This list is geared more to the sorts of things I think we can improve on so your mileage may vary. 

  • Sponsors == Partners – referring to and treating sponsors as partners helps emphasise they are more than just giving money. By working together you can use their ‘reach’ to promote your events.
  • Improve speaker management – Be up front about talk timings, whether costs are covered, venue directions, uniqueness of talk, number of attendees, type of audience, who to call in emergency, and in general communicating better before and after an event. 
  • Open a CFP – have a Call For Papers [CFP] for monthly meetups where prospective speakers can easily submit talks. Allow them to indicate if they are new to speaking as this allow you to mix up evenings with pro and newbie speakers. As with the above point and speaker management, be sure to include things on the CFP things like the typical location of meetups, average number attendees, attendee skill/experience level. 
  • Create Code of Conduct policy – If you already have a code of conduct like we do at SWmobile, that’s a great start. But what happens when a complaint or issue is raised? this is where a policy comes in. Be sure to ensure all organisers/volunteers are briefed on this. 
  • Video promo reel – Recording talks are a good way to allow people who couldn’t attend to watch the talk. They also serve as a way to promote the group. However recording and editing can be costly and time consuming. A better use of video would be a promo reel to promote the group and ideally a separate video tailored to prospective speakers, members and partners. 

As in mention in my tweet above I had tons of notes and this is just a small portion of the knowledge gained. I’d definately recommend confconf.com to techincal meetup and conference organisers. Hope to attend next year! Also more tips can be found on the confconf blog.

 

Another blog on the Intohand blog, this time “How to publish your open source library to Maven central”

Have you created a great (or at least useful) Java/Android open source project that you want to enable other developers usmavene in their projects easily? have you wondered how to publish your library to Maven central? then this is the article for you!

http://intohand.com/blog/post/how-to-publish-your-open-source-library-to-maven-central

Chris (@chrisjenx) and I spoke at the BCS Bristol xmas event at @bristol last night along side Rob Mullins from Raspberry Pi. We talked about how awesome it is to work in technology as a programmer and develop apps at Mubaloo. So forgot those crappy spreadsheets they teach you at school and get cracking with the real fun stuff.

Check out App Inventor for a place to create your first Android app. http://beta.appinventor.mit.edu/
Getting started with Android development check out the official dev site here https://developer.android.com/index.html

Presentation slides after the break
Continue reading

After a recent hard disk failure I found myself hunting around for the various system config things and thought I’d blog it to ensure I knew where to look next time and to maybe save someone 5mins.

Backup Documents folder to Dropbox

An easy way to ensure you docs on mac are safe is to Create a Symlink from to Documents to a folder in Dropbox. Assuming you have Dropbox installed to the standard place in your home dir. Open the terminal type:
ln -s ~/Documents/ ~/Dropbox/MyMacDocs

That’s it, all done. You should she the files and folder start to sync

Add adb to Path so you can use it in the terminal

If like me your an android dev you know its useful to access adb from the terminal. Heres how…. Create a file called .profile in your user dir (~/ or /Users/<;user.name>;/) Open the .profile file and add the following line:

export PATH=/Users/<;user.name>;/android-sdk-macosx/platform-tools:$PATH

Now restart the terminal and type adb version

If all went ok you should get the following response Android Debug Bridge version 1.0.29

Show hidden files

Another useful thing todo on mac is to show hidden files. Open the terminal type:

defaults write com.apple.Finder AppleShowAllFiles YES

One of the reasons posting to scottyab blog as slowed to near halt is because I’ve been involved in the organising of the South west’s first mobile meetup group. My friend and colleague swmobile-temp-logoTom Spencer is chairing the group and I’m co-organising. We took over the group that initially had about ~50 members but didn’t actually have a meetup. The main aim of the group is to arrange face to face meetups and networking for mobile developers and designers .

Why so this?

  • We love mobile! and enjoy taking to others that share the same passion
  • We want to learn more
  • Sick of all the other meetups being based in London

So join the meetup group if you are interested in meeting up – http://www.meetup.com/swmobile/

Invited to talk at the Mobile 360 live conference – http://mobile360live.com/2012/

UPDATE: event was cancelled 🙁

Android is based on openiness and the development community has embraced this ideal and provided numerous solutions to common problems just waiting to be plugged in. This session focuses on the features of some of the best and freely available resources the community has to offer. You will learn how easy it is to integrate and utilise these libraries in to your application, with code examples, so you can write less and do more.

In depth look at:

  • Android query, a light-weight library for doing asynchronous tasks and manipulating UI elements in Android. By Peter Liu.
  • Actionbar Sherlock an extension of the Android compatibility library designed to facilitate the use of the action bar design pattern across all versions of Android. By Jake Wharton.
  • Ignition a support library containing UI components, diagnostic helpers and AspectJ based location finder. By Matthias Kappler and Stefano Dacchille.
  • Commons Ware – Various library and utility projects created by Mark Murphy.

The libraries demonstrated are commerically friendly Apache License 2.0.

 

 

Finally got around to creating the additional marketplace images and application signing  to publish my first android app findr.

It’s still a beta so expect a few issues.findr feature graphic mosaic

I’m working on:

  • better storage to cache downloaded data
  • allow saving to SD card
  • better compression when setting as wallpaper
  • Live wallpaper

Why not give this a whirl and resist the 1 star ratings (if you can) and instead post some feedback or feature requests below or tweet me.

Dropbox allows you to sync your files online and across computers. 2GB account is free! http://db.tt/Tk9RpcD (Shameless referral alert)

I struggled to find time to preform code reviews around projects and tight deadlines? However I found if you are using RAD? then the Analyse tool can help your team be more efficient and reduce the code review time.

There is a cut down version of Rational Software Analyzer that is integrated into Rational Application Developer (RAD) 7.5 that allows you to improve code quality and decrease the time it takes to perform a code review. Initially you’ll probably find a fair few items identified, but trust me this reduces as you move forward and start using the analyser as part of your daily routine or even better nightly build. It’ll also help developers start coding to the same standards.

Our development team took the approach that you don’t ‘have’ to fix all the issues identified in a given project/component, but as a rule you should be running the Software Analyzer on the methods and classes you’ve created or edited. So if you edit a method with an issue (e.g missing java doc) it is your duty to correct it. If it’s more complex refactoring we treated on a case by case basis (normally down to experience of the developer). The pros as that all the developers gained more exposure to Java code standard and we were able to tidying some of the older code as we went along rather than a big block of refactoring.

For our first pass analysis I selected the most critical rules plus a few extra around javadoc.  Some might be not be applicable for example there’s a critical rule states you should check a objects type before casting it, a valid rule indeed however all the RAD generated code in the JSF backing beans breaks this rule, so you’ll want to ignore it for classes in the pagecode.* package. Example of RAD generated code that breaks the casting analysis check.

protected HtmlPanelGrid getNewPremiumdetailsbox1() {
if (newPremiumdetailsbox1 == null) {
newPremiumdetailsbox1 = (HtmlPanelGrid) findComponentInRoot(“newPremiumdetailsbox1”);
}
return newPremiumdetailsbox1;
}

The idea is that you Analysed your code before submitted for code review and that if you haven’t fixed the raised issue they should be a comment explaining why. All developers were asked to pay particular attention to the Java Doc rules – can’t really think of an excuse for not adhering to those rules?

My only gripe is that Rational Software Analyzer doesn’t contain explanation of the issue raised? why is not checking an object’s type before casting just an issue? obvious to some but not others.  This enhanced functionality is included in the standalone paid Rational Software Analyzer product. However found a quick google or question on Stackoverflow explains why certain issues have been flagged.

Here’s a few screen shots on how to kick it off:

Firstly go to Run > Analysis

Screenshot of launching the Analysis tool

This will launch the Software Analyzer config window, create a new configuration and import the rule set (or select a predefined one)

Screenshot Config window

Here’s the rules with there various priority levels these can be edited. Once your happy click Analyse to start.

Screenshot of the Code Analysis Rules

This is what you code will look like after the see the blue underlines and ticks and crosses to the left of the code.

screenshot showing the Rules flagged in code