Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "android certificate"
-
Apple iPhone testing without being on the app store is so annoying, I had to sign up some people to test the app I've been working on and had issues on my end, it really is this whole security bullshit, really it isn't needed.
I couldn't get the team provisional certificate thing to show up because when I clicked the account the team certificate settings would disappear, only after right clicking and hitting help then clicking the team while it was selected could I go to the right window.
I don't see why it's so damn hard to do this crap.
Yet with Android, it's so easy.
I really have issues with the testing for this iPhone app, I went through so many different ways to try and get it to work.
Anyways all done, crashlytics is an awesome testing tool if you can get around that small issue I had.4 -
Bought an ebook that turned out to be a .DRM file
...that only worked with that publisher's Android app
......that only works with Android versions < 6.0 (I use Android 9)
Tried it anyway, which among incompatibility issues, was raising a certificate error. I contacted the publisher about it
..."sorry, the author did not give us permission to sell this. You can have your money back"
What
Why are you even advertising it on your website as a publisher then??7 -
Fucking youtube ads... Showing me the same retarded ad 100s of times a day will definitely make me buy the thing, real fucking geniuses...
I am still looking for a way to block them forever on android, but I have no idea how. I've been looking for a public key or some sort of certificate in the apk so I could at least do a man in the middle, but no luck so far..14 -
Made an Android app a while ago. I needed some pet project so I decided to go with Java for Android. First time, no experience at all.
So everything went ok, I had a little help from a colleague, structuring code, and pushing to the store. Work done app was doing ok.
A year later I came back to this project. I needed to fix a bug - date time and daylight savings crap. 😥
Spent a week on it. Ready to push a new version to the store, with some extra features! Build apk. All good.
Wait. I need to sign the APK? Wtf. I had to format my hard drive. How do I recover my fucking certificate?
*Google's for a while*
No fucking way. I can't restore the certificate. Or get the keystore back. The solution is to create a new app with a brand new package name?
Thanks for nothing, I'm done with Android development.9 -
Disclaimer - Day in the life of a whitehat student.
Whitehat Whitehat Whitehat
What is this????
When I attended my first white hat jr online free trial class, I got to know that the teachers does not know the difference between java and javascript. Infact they were saying blockly as javascript. I was knowing the difference between the same. There were 3 types of courses -
***Note : - This information is taken from the whitehat official website***
1.) Introduction to Coding :-
Sequence, Fundamentals Coding Blocks, Loops
(Teach us to drag and drop blocks of code.org(blockly))
2.) App Developer Certificate:-
Events / UI,Conditionals, Complex Loop, Logic Structures, Turtle Coding
(Advanced drag and drop(blockly))
3.) Advance Coding with Space Tech -
Extended UI/UX, Rich GUI app, Space Tech simulation in Space Lab / Game Lab, Professional Game Design.
(GUI - with tkinter(python), Game Design - Blockly(code.org))
These things are rubbish ......making GUI's is simplest with tkinter and the students who make games (with code.org) submit their codes to the whitehat community (because the teacher says "they will compile it to an android app, then you can publish it to playstore" --- this is for 1% students who are able to design their own games).
The thing whitehat do with code given by 1% best students:-
Export to HTML from code.org
Download HTML to APK Convertor
Setup SDK
Successfully converted to APK!
Publish it to Whitehat Jr console account
Credits of the students
Income of the exporters
Rest all students will only think to be the CEO of google one day.
My Opinion - StackOverflow, Unity for Game Development, Android Studio, Dart, Flutter and Kivy (using google colab for compiling the python code to an apk) for app development and Flask, HTML, CSS for web development.7 -
HELP, ITS A MESS!!
Here is a thing : 30 hours ago, i was completely free nd useless .Had a lot of reminders to open source & learn new techs for upcoming summer vacations .
But day before yesterday my friend called me to say that he got a 6 month internship in web from some (not so big) startup and they were looking for some Android dev too, so he gave my name and wanted me to mail him my resume.
I did, and within half an hour he called, discussed about the work and wanted to test me.(as i said i didn't had plans for internship , leave alone a sudden test, but the company was work from home so i didn't denied ) The test was a big one but easy, he wanted me to design 15 UI activities for an app by looking at the wireframe. I asked for next 6 hours, did it in 4.5 and submitted him the repo...
THE TROUBLE STARTS NOW...
1) He seemed impressed i guess, coz the next day when he saw my message, he Created a group of 5 people within a few minutes and started assigning tasks(?!) And in the personal chat what he said was just weird : "You are the lead for this project" (WTF??!?)
2)I had already mentioned him that i currently had exams so won't be doing any much of practical work but after every few grp messages, he was trying to assign me some task and a deadline. Weirdly, the test was actually a wireframe based on the project idea from some of their client , and just to show my skills, i have designed layouts of 15 of their activities of their app.
3) The negetive part comes like this: THERE IS NO MONEY AND ITS A 6 MONTH INTERNSHIP !! Fed up of this continues indirect deadlines, i asked him What's my responsibilities as a team dev, what will be my tenure and what will be the pay to which he replies that:
"there is no stipend for this, we have multiple projects lined up in which you can contribute and your internship period is 6 months which could be increased/decreased on the basis of your performance. You will get a PPO, Internship certificate , mentor support and intellectual code rights (which i am guessing means my 2 word name in the about pages of the apps i develop for them ) .And as a lead , you will be getting an experience in leadership skills "
I am really confused. Work from home seems like a relaxing thing , and being a team lead for the first time definitely would make me a little more confident. But why does it feel to be kind of fraud plan? Plus there is no pay and i would be ignoring my creativity ideas for this (not completely but i am sure anyone giving a job would expect some work from me eceryday ).
WHAT SHOULD I DO???3 -
Spent days to setup a newer-Android version with reverse-proxy-HTTPS certificate in its CA store + one that'd support Google Play and signing in (old school man-in-the-middle).
FINALLY got the API calls of this 1 app whose unofficial client I wanted to make coz their main sucks ass. Just to get stuck on the phone-number-based OTP that they use for their login (:
They send a unique token for each OTP request, I assumed they're using some hard-coded string based function, which they decrypt on their backend to verify.
Downloaded their APK and decompiled. Went through dozens of weird-ass-named classes (coz decompiled). For the 2nd time I thought I had it!
But no -.- they call Google's Firebase messaging for the phone-num OTP n that function simply called firebase, looked into that service n ofc it's very tightly coupled with the calling API's backend
It was fun while it lasted I guess~~~1 -
!rant
I need to quickly test how my web app works on mobile
PROBLEM: some of my features require https. I can test from my pc on localhost just fine, since localhost works.
From Android, however, those features are blocked, since I reach my webapp with my IP address; it is not localhost so Chrome raises a middle finger when I try to access the camera from an unsecured website -and rightly so.
I really need to get these tests done, how am I supposed to do?
I install an SSL certificate on my pc?!?
I disable Chrome security checks on my Android?!? (is that even possible?)
I install bluestacks real quick and hope everything works fine?!?
Wwyd?4 -
My way through front end started with a simple request of changing a blog CSS.. which I knew nothing of. Looking back it feels odd starting with CSS then HTML, JS and now first PHP; but oh well what ever works?
That was a couple of years ago and lately I've done couple of minor freelance projects and have helped students at my university with it (I studied network engineer because I doubted myself..).
I never felt that I knew enough of programming or front end.. that I wasn't really "good enough" to apply for a job even though I almost finish the frontend certificate at FCC, did the Android application schoolar via Google and have worked a lot with Adobe CC overall and help people with their front end issues from school, even with library's I haven't touched (mighty power of Google search and quick learning).
Now sit here as a stockmen in my lunch break being all excited for one thing based on a conclusion I took last week.. if I never try to follow my passion for it, I'll stay a stockmen.. so I applied for s frontend job and got a call in for an interview today. I still doubt myself but figure I must try.. I do not wish to stay where I have been the whole year but to move on and work as a front end Dev. If I get it.. than Santa came early and if not.. well.. keep on evolving and trying I guess. *Holding thumbs* -
I've been since friday with my boss trying to implement bridge between an SDK of another company for Android and iOS (yes the project is in React Native).
Today I've managed to put all the code that is needed to make that bridge and made tests. But in order to test the SDK functions, we need the info that should be easy to request through a service... The service is made with soap, using a certificate .p12.
*No problem, follow the documentation and everything will be okay* I thought... Even the example request in the docs doesn't give a 200 response. And when we finally made a 200 request, it still returned and error code...
And this isn't even the best part. Today we talked to the person that has been collaborating with us, and even he says "Implementing with this company is always hard". Even their worker knows it!!!! -
Made an app for a client on both iOS and Android, published the the app on app store and google play at the same time week ago, google published the app within 2 hours, apple still though, WHY THE FUCK WE PAY THEM 99$ LER YEAR BRUH, THEY NEED A CERTIFICATE OF OWNER SHIP ON THE APP BRAND NAME SMH, CHANGE THIS AND THAT, FUCK THIS SHIT 2 WEEKS TO PUBLISH AN APP AND MY CLIENT IS YELLING WTF3
-
I have the following scenario with a proposed solution, can anyone please confirm it is a secure choice:
- We have critical API keys that we do not want to ship with the app because de-compiling will give access to those keys, and the request is done before the user logs in, we are dealing with guests
Solution:
- Add a Lambda function which accepts requests from the app and returns the API keys
- Lambda will accept the following:
1. Android app signing key sha1
2. iOS signing certificate sha1
- If lambda was able to validate them API keys are sent back.
My concerns:
- Can an attacker read the request from the original (non-tampered) apk and see what the actual sha1 value is on his local network?
- If the answer to the question above is yes, what is the recommended way to validate that the request received is actually from the app that we shipped and not from curl/postman/script/modified version of the app11 -
Looking for iOS and Android app developers to join startup in Rutherford, NJ area. Must be able to show portfolio of apps and have some published. Must be able to pull and compare data with sensitive databases (social security number, passport, birth certificate, etc) to verify user. You will be compensated hourly. Must sign NDA.