Month: June 2018

Samsung Builds Connectivity into the Kitchen at the 2018 Pacific Coast Builders Conference

Samsung Newsroom June 29, 2018 Chef Collection, Cortland Partners, Flex Duo, FlexZone, Home Appliances, Medallion Home, PCBC, Samsung Chef Collection, Virtual Flame™

Homes are getting smarter. According to ABI Research, the number of residences with at least one smart home device is projected to increase to 280 million over

China Mobile, Tencent, and Huawei Jointly Complete Verification of 5G eMBB Slice with stable latency in AR Games

Huawei Latest Updates June 29, 2018

China Mobile, Tencent, and Huawei jointly announced the completion of the verification of 5G network slices which designed for enhanced mobile broadband (eMBB) services requiring stable network latency in augmented reality (AR) games during the Mobile …

Samsung System LSI Showcases Innovative Semiconductor Technology at 2018 MWC Shanghai

Samsung Newsroom June 28, 2018 Dual Pixel, Exynos 7 Series 9610, Exynos 9 Series 9810, ISOCELL Fast 2L9, ISOCELL Plug and Play solution, ISOCELL Plus, NFC, Semiconductors, Smart Speaker, Tetracell

The 2018 Mobile World Congress Shanghai (MWCS) sees Samsung Electronics’ System LSI Business (“S.LSI”) showcase its innovative semiconductor

Automating your app releases with Google Play

Android Developers June 28, 2018 API, Google Play, Play Console, Releases

Posted by Nicholas Lativy, Software Engineer

At Google I/O we shared how Google’s own apps make use of Google Play for successful launches and updates and introduced the new Google Play Developer Publishing API Version 3.

The Publishing API enables you to integrate publishing operations into your existing release process or automated workflows by providing the ability to upload APKs and roll out releases. Here’s an overview of some of the improvements you can now take advantage of in Version 3 of the API.

Releases in the API

The Publishing API now uses the release model you are familiar with from the Play Console.

{
  "track": "production",
  "releases": [
    {
      "name": "Release One", 
      "versionCodes": ["100"],
      "status": "completed"
    }
  ]
}

This gives you full control over releases via the API allowing a number of operations which were previously available only in the Play Console. For example, you can now control the name of releases created via the API, and we have now relaxed the constraints on what can be rolled out via the API to match the Play Console.

Additional testing tracks

The API now supports releasing to any of the testing tracks you have configured for your application as well as the production track. This makes it possible to configure your continuous integration system to push a new build to your internal test track as soon as it’s ready for QA.

Staged rollout

Staged rollouts are the recommended way to deploy new versions of your app. They allow you to make your new release available to a small percentage of users and gradually increase this percentage as your confidence in the release grows.

Staged rollouts are now represented directly in the API as inProgress releases.

{
  "track": "production",
  "releases": [
    {
      "versionCodes": ["100"],
      "status": "completed"
    },
    {
      "versionCodes": ["200"],
      "status": "inProgress",
      "userFraction": 0.1
    }
  ]
}

You can now halt a staged rollout via the API by changing its status to halted. This makes it possible to automatically respond to any problems you detect while performing a rollout. If it turns out to be a false alarm, the API now also allows you to resume a halted release by changing its status back to inProgress.

Release notes

Release notes are a useful way to communicate to users new features you have added in a release. In V3 we have simplified how these are specified via the API by adding the releaseNotes field to release.

{
  "track": "production",
  "releases": [
    {
      "versionCodes": ["100"],
      "status": "completed",
      "releaseNotes": [
        {
          "language": "en-US",
          "text": "Now it's easier to specify release notes."
        },
        {
           "language": "it-IT",
           "text": "Ora è più semplice specificare le note sulla versione."
        }
    }
  ]
}

Draft releases

We know that while many developers are comfortable deploying test builds automatically, they like using the Play Console when rolling out to production.

So, in the V3 API we have added the ability to create and manage Draft Releases.

{
  "track": "production",
  "releases": [
    {
      "name": "Big Launch",
      "versionCodes": ["200"],
      "status": "draft"
    }
  ]
}

This allows you to upload APKs or App Bundles and create a draft release from your continuous integration system, and then have your product manager log in, check that everything looks good, and hit “Confirm and Rollout”.

We hope you find these features useful and take advantage of them for successful launches and updates with Google Play. If you’re interested in some of the other great tools for distributing your apps, check out the I/O sessions which have now been posted to the Android Developers YouTube Channel.

How useful did you find this blogpost?


Huawei’s Wi-Fi Network with High Bandwidth and Low Latency Supports the Migu Health and Fitness Festival

Huawei Latest Updates June 28, 2018

At MWC Shanghai 2018, as the sole partner for Wi-Fi network coverage in the Migu Health and Fitness Festival exhibition hall, Huawei uses the CloudCampus solution to provide high-quality Wi-Fi network access for various services such as VR E-Sports and…

Samsung Receives the Industry’s First Environmental Product Declaration Certificate for 512Gb V-NAND and 860 EVO 4TB SSD

Samsung Newsroom June 28, 2018 512Gb V-NAND, 860 EVO 4TB SSD, DDR3 DRAM, EPD, LPDDR, NAND flash, Press Release, Semiconductors, SSD

  Samsung Electronics, the world leader in advanced memory technology, today announced that it is being recognized for its environmental reliability by

Compiler-based security mitigations in Android P

Android Developers June 27, 2018 android p, security

Posted by Ivan Lozano, Information Security Engineer

Android’s switch to LLVM/Clang as the default platform compiler in Android 7.0 opened up more possibilities for improving our defense-in-depth security posture. In the past couple of releases, we’ve rolled out additional compiler-based mitigations to make bugs harder to exploit and prevent certain types of bugs from becoming vulnerabilities. In Android P, we’re expanding our existing compiler mitigations, which instrument runtime operations to fail safely when undefined behavior occurs. This post describes the new build system support for Control Flow Integrity and Integer Overflow Sanitization.

Control Flow Integrity

A key step in modern exploit chains is for an attacker to gain control of a program’s control flow by corrupting function pointers or return addresses. This opens the door to code-reuse attacks where an attacker executes arbitrary portions of existing program code to achieve their goals, such as counterfeit-object-oriented and return-oriented programming. Control Flow Integrity (CFI) describes a set of mitigation technologies that confine a program’s control flow to a call graph of valid targets determined at compile-time.

While we first supported LLVM’s CFI implementation in select components in Android O, we’re greatly expanding that support in P. This implementation focuses on preventing control flow manipulation via indirect branches, such as function pointers and virtual functions—the ‘forward-edges’ of a call graph. Valid branch targets are defined as function entry points for functions with the expected function signature, which drastically reduces the set of allowable destinations an attacker can call. Indirect branches are instrumented to detect runtime violations of the statically determined set of allowable targets. If a violation is detected because a branch points to an unexpected target, then the process safely aborts.

Assembly-level comparison of a virtual function call with and without CFI enabled.

Figure 1. Assembly-level comparison of a virtual function call with and without CFI enabled.

For example, Figure 1 illustrates how a function that takes an object and calls a virtual function gets translated into assembly with and without CFI. For simplicity, this was compiled with -O0 to prevent compiler optimization. Without CFI enabled, it loads the object’s vtable pointer and calls the function at the expected offset. With CFI enabled, it performs a fast-path first check to determine if the pointer falls within an expected range of addresses of compatible vtables. Failing that, execution falls through to a slow path that does a more extensive check for valid classes that are defined in other shared libraries. The slow path will abort execution if the vtable pointer points to an invalid target.

With control flow tightly restricted to a small set of legitimate targets, code-reuse attacks become harder to utilize and some memory corruption vulnerabilities become more difficult or even impossible to exploit.

In terms of performance impact, LLVM’s CFI requires compiling with Link-Time Optimization (LTO). LTO preserves the LLVM bitcode representation of object files until link-time, which allows the compiler to better reason about what optimizations can be performed. Enabling LTO reduces the size of the final binary and improves performance, but increases compile time. In testing on Android, the combination of LTO and CFI results in negligible overhead to code size and performance; in a few cases both improved.

For more technical details about CFI and how other forward-control checks are handled, see the LLVM design documentation.

For Android P, CFI is enabled by default widely within the media frameworks and other security-critical components, such as NFC and Bluetooth. CFI kernel support has also been introduced into the Android common kernel when building with LLVM, providing the option to further harden the trusted computing base. This can be tested today on the HiKey reference boards.

Integer Overflow Sanitization

The UndefinedBehaviorSanitizer’s (UBSan) signed and unsigned integer overflow sanitization was first utilized when hardening the media stack in Android Nougat. This sanitization is designed to safely abort process execution if a signed or unsigned integer overflows by instrumenting arithmetic instructions which may overflow. The end result is the mitigation of an entire class of memory corruption and information disclosure vulnerabilities where the root cause is an integer overflow, such as the original Stagefright vulnerability.

Because of their success, we’ve expanded usage of these sanitizers in the media framework with each release. Improvements have been made to LLVM’s integer overflow sanitizers to reduce the performance impact by using fewer instructions in ARM 32-bit and removing unnecessary checks. In testing, these improvements reduced the sanitizers’ performance overhead by over 75% in Android’s 32-bit libstagefright library for some codecs. Improved Android build system support, such as better diagnostics support, more sensible crashes, and globally sanitized integer overflow targets for testing have also expedited the rollout of these sanitizers.

We’ve prioritized enabling integer overflow sanitization in libraries where complex untrusted input is processed or where there have been security bulletin-level integer overflow vulnerabilities reported. As a result, in Android P the following libraries now benefit from this mitigation:

  • libui
  • libnl
  • libmediaplayerservice
  • libexif
  • libdrmclearkeyplugin
  • libreverbwrapper

Future Plans

Moving forward, we’re expanding our use of these mitigation technologies and we strongly encourage vendors to do the same with their customizations. More information about how to enable and test these options will be available soon on the Android Open Source Project.

Acknowledgements: This post was developed in joint collaboration with Vishwath Mohan, Jeffrey Vander Stoep, Joel Galenson, and Sami Tolvanen

Launching the Indie Games Accelerator in Asia – helping gaming startups find success on Google Play

Android Developers June 27, 2018 android developers, Featured, Google Play, Indie Games Accelerator, Launchpad Accelerator

Posted by Anuj Gulati, Developer Marketing Manager, Google Play and Sami Kizilbash, Developer Relations Program Manager, Google

Emerging markets now account for more than 40% of game installs on Google Play. Rapid smartphone adoption in these regions presents a new base of engaged gamers that are looking for high quality mobile gaming experiences. At Google Play, we are focused on helping local game developers from these markets achieve their full potential and make the most of this opportunity.

Indie Games Accelerator is a new initiative to support top indie game startups from India, Indonesia, Malaysia, Pakistan, Philippines, Singapore, Thailand and Vietnam who are looking to supercharge their growth on Android. This four month program is a special edition of Launchpad Accelerator, designed in close collaboration with Google Play, featuring a comprehensive gaming curriculum and mentorship from top mobile gaming experts.

Successful participants will be invited to attend two all-expense-paid gaming bootcamps at the Google Asia-Pacific office in Singapore, where they will receive personalized mentorship from Google teams and industry experts. Additional benefits include Google Cloud Platform credits, invites to exclusive Google and industry events, and more.

Visit the program website to find out more and apply now.

How useful did you find this blogpost?


New team assembled to unlock the innovation potential in healthcare data

Peter Lee June 26, 2018 Featured, Healthcare, Microsoft Healthcare, The Official Microsoft Blog

It’s an exciting time to be working shoulder-to-shoulder with our healthcare partners and customers, who represent some of the brightest minds in this important industry. We have been approaching the complexities of the healthcare industry with a growth mindset, and for the past two years our team has worked across Microsoft to accelerate healthcare innovation…

The post New team assembled to unlock the innovation potential in healthcare data appeared first on The Official Microsoft Blog.

The Best Advice for How Non-Technical Founders Can Skyrocket Their Business

Vinay Koshy June 25, 2018 Business Growth, non technical founders, scaling a business

Apple, Alibaba, Amazon and Airbnb and more, all had non-technical founders. Founders that have been able to build tech startups into what are now well-respected tech giants.
So how do they do it? How do these famous non-technical founders scale their b…

It’s almost time! Imagine Cup 2018 Championship judges and special guest announced

Charlotte Yarkoni June 25, 2018 Featured, Imagine Cup, The Official Microsoft Blog

This year’s Imagine Cup host is Corey Sanders, the corporate vice president for Azure Compute. Corey’s no stranger to innovation — he holds four patents and was the creator of the Infrastructure-as-a-service offering for Azure. And, last year’s emcee, Kate Yeager, is making a return appearance to call the action.

The post It’s almost time! Imagine Cup 2018 Championship judges and special guest announced appeared first on The Official Microsoft Blog.

How to Send Money to Colombia: Here Are the 8 Best Ways to Do It

Dave Nevogt June 24, 2018 management, Outsourcing, Pay contractors in colombia, Pay contractors in Columbia, send money to colombia, send money to Columbia

Leading a remote team opens up a new world of possibilities. What was once limited to one office building can now be done from almost anywhere on the planet. It’s pretty amazing when you think about it. However, like most things, managing remote team isn’t without its challenges. One of those challenges being, of course,…

The post How to Send Money to Colombia: Here Are the 8 Best Ways to Do It appeared first on Remote Team Management, Startup Marketing & Growth Blog by Hubstaff.

Page 1 of 4
Scroll Up