By John Severinson, News Partnerships Upsala Nya Tidning (UNT), a Swedish paper serving the city of Uppsala, wanted a better way to gain insight into the daily lives of their community. Specifically, they heard rumblings that the highly-touted train system…
By Tamara Hrivnak, Head of Music Business Development and Partnerships, Facebook Independent artists and labels are an important part of a rich music tapestry. Each of their voices and sounds matter to people. And people matter to Facebook. We are excited…
Few things capture the way we think and feel like the memes, GIFs and silly emojis; all of these have transformed the way we communicate and turned us into
Designed to make your every touch, tap and swipe on the phone more purposeful, Galaxy S9 and S9+’s intuitive UX seamlessly translates simple gestures into
The Galaxy S9 has attracted worldwide attention since its March launch. To celebrate this, Samsung is displaying its latest flagship smartphone on billboards
Samsung Electronics today announces its first participation in the biennial EuroCucina 2018 in Milan, as part of its commitment to strengthening its
Next Monday, Microsoft will once again have a major presence at the Digital Factory Hall at Hannover Messe, the world’s largest annual manufacturing exhibition in Hannover, Germany. As we started planning, it struck me that the reason our booth is one of the largest in the Digital Factory Hall is because our most important manufacturing partners will join us and our customers to showcase innovations that are transforming decades-old businesses and opening doors to revenue streams, new business models and service offerings that didn’t exist five years ago.
The post Partners make industrial IoT factories more capable than ever at Hannover Messe 2018 appeared first on The Official Microsoft Blog.
When it comes to the state of the current TV market, it’s clear that consumers are after larger screens, a trend driven by rising income levels and changing
Samsung Electronics has been the world’s number one TV manufacturer for 12 consecutive years now. During that time, Samsung TVs have continuously raised the
Posted by Nate Fischer, Software Engineer
Since 2007, Google Safe Browsing has been protecting users across the web from phishing and malware attacks. It protects over three billion devices from an increasing number of threats, now also includin…
Samsung Electronics today announced partnerships with BuzzFeed and The Dodo to make everyday moments epic with the Samsung Galaxy S9 and S9+’s Super Slow-mo
We are living in a world where almost everything is becoming connected, whether it’s the electrical grid, phone system, our cars, or the appliances that heat our home or chill our food. As this Internet of Things (IoT) continues to proliferate, so does the threat of debilitating cyber-attacks, like last year’s devastating ransomware attacks that…
The post Using intelligence to advance security from the edge to the cloud appeared first on The Official Microsoft Blog.
By Carlin Scrudato, CrowdTangle Partnerships The Indianapolis Colts demonstrate exactly what it looks like when a club leverages CrowdTangle to its fullest. Amber Derrow is the Social Media Coordinator for the Colts, and a team of exactly one. What you’ll…
By Joseph Lichterman, Senior Business Associate, The Lenfest Institute Executives from 14 U.S. metro news publishers gathered at Facebook New York on March 28th and 29th to learn and share best practices for building and growing digital subscriptions, as part of…
Posted by Dave Smith, Developer Advocate for IoT
Earlier this year at CES, we showcased consumer products powered by Android Things from partners like Lenovo, LG, JBL, iHome, and Sony. We are excited to see Android Things enable the wider developer ecosystem as well. Today we are announcing the final preview release of Android Things, Developer Preview 8, before the upcoming stable release.
Feature complete SDK
Developer Preview 8 represents the final API surface exposed in the Android Things support library for the upcoming stable release. There will be no more breaking API changes before the stable v1.0 release of the SDK. For details on all the API changes included in DP8, see the release notes. Refer to the updated SDK reference to review the classes and methods in the final SDK.
This release also brings new features in the Android Things developer console to make building and managing production devices easier. Here are some notable updates:
Production-focused console enhancements
With an eye towards building and shipping production devices with the upcoming LTS release, we have made several updates to the Android Things developer console:
- Enhanced OTA: Unpublish the current OTA build when issues are discovered in the field.
- Visual storage layout: Configure the device storage allocated to apps and data for each build, and get an overview of how much storage your apps require.
- Font/locale controls: Configure the set of supported fonts and locales packaged into each build.
- Group sharing: Product sharing has been extended to include support for Google Groups.
The new app library enables you to manage APKs more easily without the need to package them together in a separate zipped bundle. Track individual versions, review permissions, and share your apps with other console users. See the app library documentation for more details.
On mobile devices, apps request permissions at runtime and the end user grants them. In earlier previews, Android Things granted these same permissions automatically to apps on device boot. Beginning in DP8, these permissions are granted using a new interface in the developer console, giving developers more control of the permissions used by the apps on their device.
This change does not affect development, as Android Studio grants all permissions by default. Developers using the command line can append the
-g flag to the
adb install command to get the same behavior. To test how apps on your device behave with certain permissions revoked, use the
$ adb shell pm [grant|revoke] <permission-name> ...
App launch behavior
Embedded devices need to launch their primary application automatically after the device boots, and relaunch it if the app terminates unexpectedly. In earlier previews, the main app on the device could listen for a custom
IOT_LAUNCHER intent to enable this behavior. Beginning in DP8, this category is replaced by the standard CATEGORY_HOME intent.
<activity android:name=".HomeActivity"> ... <!-- Launch activity automatically on boot, relaunch on termination. --> <intent-filter> <action android:name="android.intent.action.MAIN"/> <category android:name="android.intent.category.HOME"/> <category android:name="android.intent.category.DEFAULT"/> </intent-filter> </activity>
Apps that contain an
IOT_LAUNCHER intent filter will no longer be triggered on boot. Update your apps to use CATEGORY_HOME instead.
Thanks to all of you in the developer community for sharing your feedback with us throughout developer preview. Join Google’s IoT Developers Community on Google+ to let us know what you’re building with Android Things and how we can improve the platform in future releases to help you build connected devices at scale!
Posted by Erik Kline, Android software engineer, and Ben Schwartz, Jigsaw software engineer
The first step of almost every connection on the internet is a DNS query. A client, such as a smartphone, typically uses a DNS server provided by the Wi-Fi or cellular network. The client asks this DNS server to convert a domain name, like www.google.com, into an IP address, like 2607:f8b0:4006:80e::2004. Once the client has the IP address, it can connect to its intended destination.
When the DNS protocol was designed in the 1980s, the internet was a much smaller, simpler place. For the past few years, the Internet Engineering Task Force (IETF) has worked to define a new DNS protocol that provides users with the latest protections for security and privacy. The protocol is called “DNS over TLS” (standardized as RFC 7858).
Like HTTPS, DNS over TLS uses the TLS protocol to establish a secure channel to the server. Once the secure channel is established, DNS queries and responses can’t be read or modified by anyone else who might be monitoring the connection. (The secure channel only applies to DNS, so it can’t protect users from other kinds of security and privacy violations.)
DNS over TLS in P
The Android P Developer Preview includes built-in support for DNS over TLS. We added a Private DNS mode to the Network & internet settings.
By default, devices automatically upgrade to DNS over TLS if a network’s DNS server supports it. But users who don’t want to use DNS over TLS can turn it off.
Users can enter a hostname if they want to use a private DNS provider. Android then sends all DNS queries over a secure channel to this server or marks the network as “No internet access” if it can’t reach the server. (For testing purposes, see this community-maintained list of compatible servers.)
DNS over TLS mode automatically secures the DNS queries from all apps on the system. However, apps that perform their own DNS queries, instead of using the system’s APIs, must ensure that they do not send insecure DNS queries when the system has a secure connection. Apps can get this information using a new API:
With the Android P Developer Preview, we’re proud to present built-in support for DNS over TLS. In the future, we hope that all operating systems will include secure transports for DNS, to provide better protection and privacy for all users on every new connection.
As more people enjoy music and video through their smartphones, even greater importance is placed on the multimedia capabilities of our mobile devices. In the
With months of ideation, research, creation and pitching behind them, three schools have been named national winners in the $2 million* Samsung Solve for
Originally posted by Jen Person on the Firebase Blog.
In 2016, we unveiled Firebase Cloud Messaging (FCM) as the next evolution of Google Cloud Messaging (GCM). Since then, we’ve been working hard to make Firebase Cloud Messaging even more powerfu…
Offering a cord-free, ergonomic design, standalone music playback, automatic activity tracking and a built-in Running Coach, Samsung’s Gear IconX earbuds were
Posted by Chad Brubaker, Senior Software Engineer Android Security
Android is committed to keeping users, their devices, and their data safe. One of the ways that we keep data safe is by protecting all data that enters or leaves an Android device with Transport Layer Security (TLS) in transit. As we announced in our Android P developer preview, we’re further improving these protections by preventing apps that target Android P from allowing unencrypted connections by default.
This follows a variety of changes we’ve made over the years to better protect Android users.To prevent accidental unencrypted connections, we introduced the
android:usesCleartextTraffic manifest attribute in Android Marshmallow. In Android Nougat, we extended that attribute by creating the Network Security Config feature, which allows apps to indicate that they do not intend to send network traffic without encryption. In Android Nougat and Oreo, we still allowed cleartext connections.
How do I update my app?
If your app uses TLS for all connections then you have nothing to do. If not, update your app to use TLS to encrypt all connections. If you still need to make cleartext connections, keep reading for some best practices.
Why should I use TLS?
Android considers all networks potentially hostile and so encrypting traffic should be used at all times, for all connections. Mobile devices are especially at risk because they regularly connect to many different networks, such as the Wi-Fi at a coffee shop.
All traffic should be encrypted, regardless of content, as any unencrypted connections can be used to inject content, increase attack surface for potentially vulnerable client code, or track the user. For more information, see our past blog post and Developer Summit talk.
Isn’t TLS slow?
How do I use TLS in my app?
Once your server supports TLS, simply change the URLs in your app and server responses from http:// to https://. Your HTTP stack handles the TLS handshake without any more work.
If you are making sockets yourself, use an SSLSocketFactory instead of a SocketFactory. Take extra care to use the socket correctly as SSLSocket doesn’t perform hostname verification. Your app needs to do its own hostname verification, preferably by calling
getDefaultHostnameVerifier() with the expected hostname. Further, beware that
HostnameVerifier.verify() doesn’t throw an exception on error but instead returns a boolean result that you must explicitly check.
I need to use cleartext traffic to…
While you should use TLS for all connections, it’s possibly that you need to use cleartext traffic for legacy reasons, such as connecting to some servers. To do this, change your app’s network security config to allow those connections.
We’ve included a couple example configurations. See the network security config documentation for a bit more help.
Allow cleartext connections to a specific domain
If you need to allow connections to a specific domain or set of domains, you can use the following config as a guide:
<network-security-config> <domain-config cleartextTrafficPermitted="true"> <domain includeSubdomains="true">insecure.example.com</domain> <domain includeSubdomains="true">insecure.cdn.example.com</domain> </domain-config> </network-security-config>
Allow connections to arbitrary insecure domains
If your app supports opening arbitrary content from URLs over insecure connections, you should disable cleartext connections to your own services while supporting cleartext connections to arbitrary hosts. Keep in mind that you should be cautious about the data received over insecure connections as it could have been tampered with in transit.
<network-security-config> <domain-config cleartextTrafficPermitted="false"> <domain includeSubdomains="true">example.com</domain> <domain includeSubdomains="true">cdn.example2.com</domain> </domain-config> <base-config cleartextTrafficPermitted="true" /> </network-security-config>
How do I update my library?
If your library directly creates secure/insecure connections, make sure that it honors the app’s cleartext settings by checking isCleartextTrafficPermitted before opening any cleartext connection.
Samsung Electronics today announced that Samsung Tomorrow Solution 2018, a competition to find the ideas for solutions that can change the future for the