Sunday, March 1, 2015

How to Make Sure an App Works with Android for Work

Google has announced Android for Work, a program making it possible for users to take their Android devices and use in an enterprise environment.
On Android Lollipop, enterprise administrators can create a managed profile (a.k.a work profile) that is then deployed to their employees’ smartphones and remotely administered. This profile co-exists in parallel with the user’s personal profile and the user does not have to switch between profiles. The IT department decides what applications are to be pushed to the managed device, what are the profile settings and device capabilities available on that profile. For example, using the camera with the managed profile could be turned off. Also, IT admins can remove the apps and the entire profile at any time.

The managed profile can be installed only on encrypted devices. The settings and the data are encrypted and kept separately. Users have full privacy and control of their personal data, while administrators control the enterprise data. The work apps and their notifications are visually marked by a badge. Administrators can install any app from the Play Store but it is recommended to test them before pushing them to devices.
For devices with Android Ice Cream Sandwich, Jelly Bean or KitKat, enterprises can make use of the Android for Work app which provides secured services –email, calendar, contacts, browsing, etc. – through a limited number of approved apps that are managed by the IT department.
Free apps are available for enterprises to be deployed on managed profiles as they are. For paid apps, developers will need to choose during the publishing process if they want to sell their apps in bulk to enterprises.
If developers have followed the best practices in developing Android apps by the letter, their apps should work with Android for Work without any problem. If they didn’t, there may be some issues to address. They are related to the limitations attached to managed profiles and the profile settings that administrators can enforce.
Developers need to be aware that Android Intentions do not cross profiles unless the admins specifically allow them. A managed profile may contain a limited number of apps, and, as a result, it is possible that there is no app to handle an intent on the managed profile, resulting in missing functionality and even app crash if this is not cared for properly. To avoid that, developers have to check if there is a handler for their intent by callingIntent.resolveActivity(), failing cleanly and possibly informing the user. They also, do not have to assume that all device features are available because the admins can disable some of them in the managed profile.
Another issue stems from the fact that profiles have separate storage areas. That means file URIs can’t be passed across profiles. It doesn’t work if a managed app fires an intent and passes a file URI that is handled by an app from the user’s personal profile. A file URI can be passed though if it is encapsulated into a Content URI using FileProvider.getUriForFile().
To make sure an app works with managed profiles it is recommended to test it using theBasicManagedProfile (download zip file) provided by Google. For detailed advice on creating enterprise apps, we recommend the site Building Apps for Work.

Courtesy:- INFOQ

7 Sublime Text Packages For Front End Developers

Sublime text is a powerful code editor. Front end developers often use sublime text editors for writing code. Sublime text editor comes with number of powerful plug-ins and packages. These added functionalities to editor packages fulfill all coding needs. Today we have listed top seven Sublime Text packages.

1. AlignTab:

AlignTab as the name suggests takes care of alignment of your code. This tool comes with user-friendly Preview Mode that helps you see how alignment is applied. This tool also offers Table Mode that lets you define alignment for tables in markdown language. This tool comes really handy to make your code easy to read.

2. ColorHighlighter:

This tool shows selected colour codes with visual colour. You can select the colour and preview live version. ColorHighlighter supports all CSS colour formats like Hex, RGB, HSV and HSL. You can include colour keywords for easy use. 

3. MultiEditUtils:

This plugin brings much more improved features like multi-cursor and multi-selection to SublimeText, which helps in saving time for editing lengthy lines of code. You can easily merge or swap codes between selected lines. This is a must have tool for pro-coders.

4. Git Gutter:

Git Gutter is the best Sublime Text plugin to work with Git version control system. The tool shows flags in gutter area. You can edit, ad or remove tools in your code using Git Gutter. The tool is useful to instantly compare your code with commit, branch or head repository.

5. Modific:

This tool has best integration of Git and SVN. You can mark changes in your code using Modific. The tool can be used to compare differences between current and changed code by pressing Ctrl+Alt+D. You can easily revert code modifications using Modific.

6. Inc Dec Value:

You can easily increase or decrease numbers using Inc Dec Value. You can change date, HEX colors and numbers of different lines simultaneously using Inc Dec Value. Increasing or decreasing values using this tool is quite easily. Simply press Alt + (up arrow) to increase or Alt + (down arrow) to decrease the number. The tool also supports mouse wheel.

7. FileBrowser:

File Browser lets you easily navigate your files and folders in your project directory. This tool supports number of keyboard shortcuts that you can use to easily navigate through your project directory. The plugin can boost your workflow very easily. You can install this plugin, you can easily access your project directory. 

 Courtesy:- EFYTIMES News Network

6 Ways How Hackers Can Exploit IoT Products

The world is moving to the Internet of Things (IoT), the concept promises better and simplified future. All industry leaders are entering in IoT. However there is a reason for caution. Researchers have provided that IoT is not very secure. A team of researchers from HP Fortify reviewed ten IoT connected home security systems and found that all of them are vulnerable. Today we have listed six reasons why IoT is not as secure.

1. More Connections: 

IoT is spreading exponentially. According to statistics, there will be over 4.9 billion IoT users this year. The predicted growth is 25 billion by 2020. This large number of users means there is a lot of different doorways in same system. Fortify researchers researches for months to find out what issues enterprises are facing with the rise of IoT, they tested 10 devices on multiple platforms and found 20 vulnerabilities per system. 

2. Not Secure: 

IoT also involves connected home security systems that provide all security features for home. This includes door, lock, window sensors, motion detectors, video cameras and their recording mechanism. All these systems are connected via cloud to a mobile device or web. Hackers can easily access home video cameras or control security systems remotely with such provision in IoT. 

3. Authentication and Authorisation: 

Poor authentication methods is another important reason why IoT devices can be target of hackers. Weak passwords, insecure PINs, poor credentials and other weaknesses can be used to gain access to the system. Fortify researchers also found out that systems cannot lock accounts after failed attempts of access. Hackers can guess credentials multiple times to gain access to the account. Implementation of two-factor authentication is important in IoT.

4. Transport Encryption: 

Transport Encryption is referred to the data encryption while it is traveling. Transport encryption is very important in today’s age of internet where we often share personal information and sensitive data. In case of IoT, all the information and data being transmitted is personal and sensitive. Transport encryption is very important in IoT products, without it, all home related cloud connections are open to all kinds of attacks.

5. Insecure Cloud Interfaces: 

Most of the IoT products are cloud based or they use cloud as communication server. 70 per cent of cloud interfaces for IoT that are being used have numerous issues. Hackers can easily identify the valid accounts using feedback received from reset password mechanism, credential input and sign up pages.

6. Insecure Mobile: 

Mobile application interfaces are widely used in IoT products. Mobile interfaces have same issue as cloud interfaces, they are potentially vulnerable for identifying valid user account though feedback received from reset password functionality. Statistics show that 50 per cent of IoT products involve insecure mobile interface. 

9 Characteristics Of A Bad Software Engineer

A software engineer is an important part of any IT project. His work can either create wonders or ruin the entire focus of the project. Software engineers are genius coders. There are certain qualities of good software engineers. Today we have listed nine characteristics of a bad software engineer.

1. Stackoverflow Bot:

If the program that a software engineer runs into an error, the first thing some software engineers do is Google for the solution. They mostly head to Stackoverflow, copy-paste the patch and voila. Copying from Stackoverflow is not bad, it is a great resource but some engineers directly copy-paste the patch without understanding context of it. This often leads to bigger problem that what they were trying to fix.

2. Testing: 

Some software engineers think that testing is the job of a tester. They need not test their code. But, in age of mature Agile software development methodology, this attitude is very bad. Software engineers are little hesitant when it comes to testing their code. However, if software engineers start testing their code while writing it, they can save lot of resources and help in building better products.

3. Documentation: 

Some people think that code documentation is boring. A good software is not the software that provides number of cool features but, it is the software that can be used by many people and can be modified by thousands. Great developers believe in precise and detailed documentation. 

4. Excuses: 

Some software engineers give very lame excuses when their code doesn’t work. A bad code is not the source of the problem, the excuses are. Only bad software engineers give excuses when their code doesn’t work. A good software engineer would rather try to fix the error than giving excuses.

5. Short-term Investor: 

Some software engineers pay minimal attention to the program or problem statement. They code, deploy and move on to the next project. They are like robotic coders. They are good people to get the work done but you cannot expect quality work from them. All they care about is the amount of hours they put in for the project and the project deadline.

6. Protestor: 

There are always these kind of software engineers in a team. They are always trying to defend themselves. “I didn’t do this”, “This looks bad”, “This is not my problem.” They always blame colleagues for the bad output. 

7. Dictator: 

Some software engineers always try to lead the team. They are never working as a team. They try to imply their own ideas and solution in the project. This kind of people affect the productivity of the team. Irrespective of experience and skills, this kind of software engineer is always bad for the team.

8. Overcautious: 

Developers need to be risk taking and challenging. Some coders avoid getting out of their comfort zone. They never touch other part of the system other than their responsibility. Good developers have tendency to try new challenging tasks. 

9. Carelessness: 

These kind of software engineers can be harmful for the project. They forget to backup a system. They leave system out somewhere and print in production code too early. Mostly newbie coders are careless, they get better with more professional exposure. 

 Courtesy:- EFYTIMES News Network

Google Releases gRPC, a HTTP/2 RPC Framework for Microservices

Google has opened sourced gRPC, a RPC framework used internally to connect cloud microservices. gRPC comes with support for 10 languages, making it attractive for creating back-end cloud services for mobile applications.
gRPC is a language and platform-neutral RPC system developed and used internally by Google in many areas including cloud computing services, and they are going to expose most of their public APIs through such endpoints. Google considers gRPC a “bandwidth and CPU efficient, low latency way to create massively distributed systems that span data centers, as well as power mobile apps, real-time communications, IoT devices and APIs.”
While it can be used in many scenarios, gRPC is targeted primarily at microservices. A service interface and the data types it handles is defined using the Protocol Buffers IDL, and with the help of compilers one can generate client and server stubs in 10 languages: CC++C#Go,JavaNode.jsObjective-CPHPPythonRuby. The Java implementation seems to be mature, while the others are in Alpha (ready for early adopters) or pre-Alpha. Except for the Go and Java implementations, the others are wrappers around a C implementation of the core library. There is not yet an implementation for the browser, but Google is “actively exploring” such an option and invites for feedback...

The default data serialization format is Protocol Buffers, a new version Proto3 being just released. Besides a simplified syntax, Proto3 supports more languages and JSON encoding. gRPC can be extended to support other data formats as desired.
Answering to a question on why one would use gRPC over REST for microservices, Google writes:
gRPC largely follows HTTP semantics over HTTP/2 but we explicitly allow for full-duplex streaming. We diverge from typical REST conventions as we use static paths for performance reasons during call dispatch as parsing call parameters from paths, query parameters and payload body adds latency and complexity. We have also formalized a set of errors that we believe are more directly applicable to API uses cases than the HTTP status codes.
Providing support for generating client libraries for iOS and Android and running on HTTP/2, Google hopes developers will use gRPC to build back-end services for mobile applications. They consider that “bidirectional streaming, flow control, header compression, and multiplexing requests over a single TCP connection“ will “save battery life and data usage on mobile devices while speeding up services and web applications running in the cloud.”
The gRPC source code has been made available on GitHub under a BSD license..

 Courtesy:- INFOQ

9 Factors Why Bugzilla Is The Best Bug Tracking Tool

 The open source bug management framework by Mozilla, Bugzilla, is gaining lot of popularity these days. The framework is extensively used by open source communities for Linux Kernel, Mozilla, OpenBSD, GNOME, Webkit, Apache, LibreOffice, Red Hat and Apache. Developers are using this framework for over 20 years now. The framework is developed in Perl and it is compatible with various databases like MySQL, Oracle, PostgreSQL and SQLite.

Developers prefer Bugzilla over other bug tracking options like JIRA, Mantis, Trac, Redmine, Fossils due to its integrated reports, charts, schedules, email reports and test integration. Bugzilla is full of unique features. Let’s take a look at important features of the framework.

1. Persona Login: 

Developers usually have Persona Login. Bugzilla let’s you login with your Persona account. This saves efforts of replacing multiple passwords after some interval for privacy concern. You can login at Bugzila with any existing Persona login and start using it.

2. Installation: 

Installing Bugzilla is fairly simple. You need only one installation per organisation. You can manage, add and combine multiple installations for different projects and also add project sub-components from administration panel.

3. Flags: 

Bugzilla offers variety of rescue flags that you can use for taking action. If you want to get user information or get your code reviewed by someone else, you can use rescue flags like needinfo, sec-review, review and sec-bounty. Using flags for review is fairly simple in Bugzilla. You can add the username and they will get notification for the review.

4. Patches and Comments: 

You can comment on bugs using Bugzilla. This gives an ability to developers to have conversation with managers regarding the bug. Developers can add attachment to bug too. You can add images, patches and code samples to the bug. These code samples or patches get merged into the main database.

5. Whiteboard: 

You can separate bugs from feature requests using custom dropdown list or whiteboard in Bugzilla. It is as simple as adding tag in database. You can use whiteboard for many other purposes too. Using the tag, ‘feature-request’ indicates that, a bug has been filed for feature request. Some admins use the tag ‘goodfirstbug’ for easy bugs. So, new comers can easily solve them.

6. Accesible Forms: 

Bugzilla is quite user-friendly. It can be used by anyone to file a bug in seconds. Users can select an option to File a Bug > Select the Product > Fill the bug details > Submit. It is as easy as that. You can also create custom fields for bug forms. There is a guide for users to submit the bug in Bugzilla Helper.

7. Member Profile: 

Each Bugzilla member has a profile that shows details of the user. This profile shows user statistics that include Bugs filed, Comments made, Bugs assigned to the member, QA-Contact, Patches submitted, Patches reviewed and Bugs poked. This helps the management team to evaluate the work of individual developer.

8. Assigning Bugs and QA-Contact: 

You can assign bugs to other users by using a tag called ‘QA-contact’. You can tag a user for specific bug. When you assign a bug to a user, they can see that bug has been assigned to them in their dashboard as well as profile. After the bug has been closed, he can be contacted for Quality Assurance for particular area.

9. Product Dashboard: 

Bugzilla has quite interactive dashboard that lets you keep track of your work in simpler manner. The product dashboard that bugzilla has makes it pretty easier to priorities your work. You can check total bug count filed, the bar charts shows the percentage of bugs by Status Priority, Severity and Individual Assignee. It also keeps you alerted by sending notifications regarding the changes in bug. 

Courtesy:- EFYTIMES News Network

Goodbye Gtalk! It's Time For Hangouts Now!

Google's nine year old instant messaging service GTalk is officially discontinued now. The service will be replaced by Google Hangouts, launched in 2013. The two messaging platforms have co-existed ever since Hangouts came into being.

Google had announced the retirement of GTalk earlier this month via a blog post by Google's product manager for Voice and Hangouts, Mayur Kamat. Google has put an end to the service but for all those who think old habits die hard, GTalk can be accessed via third-party applications including Jitsi, Psi, Instantbird, Miranda IM and many others.

Announcing the retirement of the service, Google has sent out an email to users saying, "Please bear in mind that these aren't Google products, so exercise caution when signing in with your Google account."

One of the prominent features of GTalk was its invisibility mode, which is not available in Hangouts. Also file sharing was much easier in GTalk as compared to the Hangouts.

Google is positioning Hangouts as its important tool against popular messaging apps like WhatsApp. However, Hangouts offer a more consistent user experience as compared to GTalk. Hangouts offer a browser extension, mobile app and Gmail integration. Yet another impressive feature of Hangouts is that it integrates the Internet-based messages with text messages, along with GTalk features like voice and video calling.

Here's what Google wrote to its GTalk users:

Hi User,

We noticed that you recently tried using the Google Talk app for Windows. We wanted to let you know that this was discontinued on 23 February 2015. We recommend giving Hangouts a try so that you can chat with all of your Google contacts. Hangouts supports people's favourite features from Google Talk, including text chat, presence, contact lists and status messages. In addition, Hangouts lets you have group video chats, make phone calls, express yourself with emojis and keep your conversations going across Android, iOS and your computer.

If messaging right from your desktop is important to you, try the Hangouts Chrome app or Hangouts in Gmail. If you're not ready to make the switch to Hangouts quite yet, you can continue using Google Talk on Windows with a range of compatible third-party chat apps. (Please bear in mind that these aren't Google products, so exercise caution when signing in with your Google account.)

As a loyal Google Talk user, we thank you for your support and we hope that you give us the opportunity to provide an even better communications experience with Google Hangouts.

If this sign-in attempt was not made by you, please check details on your Devices and Activity page

Sincerely, The Google Talk and Hangouts team

Courtesy:- EFYTIMES News Network