Tag Archives: Android Developer

Wear OS by Google: final API 28 emulator with new redesigned UI

Posted by Hoi Lam, Lead Developer Advocate

Today, we are launching the final API 28 emulator image for developers. This image will also contain the UI redesign we announced in August. You should verify that your app's notification works well with the new notification steam, and that your apps work well against changes previously announced for API 28.

What's new in API 28?

Here are the highlights of the API 28 emulator:

  • New notification stream - You should make sure that your notifications are branded correctly, using color, and that the notification is sufficiently concise to fit into the new layout. Custom notification layout is no longer supported.
  • App Standby Buckets - Wear OS prioritizes app requests for resources based on how recent and how frequently the apps have been used. Developers are advised to follow best practices to ensure that their app behaves well, whichever bucket the apps are in.
  • User input and data privacy - To enhance user privacy, API 28 introduced new changes which limit background apps' access to device sensors. Depending on app requirements, developers may need to use a foreground service to enable continual access to sensor data.

Please note that changes related to the new notification stream are being rolled out to devices supporting API 25 and up. You can test how your notification will behave now, before roll-out is complete, by using the API 28 emulator image.

Keep your feedback coming

Just because we are now in release build does not mean that our work stops here. Please continue to submit all bug / enhancement requests via the Wear OS by Google issue tracker.

Finally, we are grateful for all of your valuable feedback during the developer preview. It played an important role in our decision making process - especially concerning App Standby Buckets. Thank you!

The Android Dev Summit app is live! Get ready for November 7-8

Posted by Matt Pearring, Associate Product Marketing Manager, Developer Marketing

In just a week, we'll be kicking off Android Dev Summit 2018, broadcasting live from the Computer History Museum in Mountain View, CA on November 7 and 8. We'll have two days of deep technical sessions from the Android engineering team, with over 30 sessions livestreamed. The app just went live; download it on Google Play and start planning.

With the app you can explore the conference schedule with details on keynotes, sessions, and lightning talks. You can also plan your summit experience by saving events to your personalized schedule. This year's app is also an Instant app, so you can try it out first before installing it!

Android Dev Summit app screenshots

If you can't join in person, you can always join us online — we'll be livestreaming all of the sessions on the Android Dev Summit website or app and making them available on YouTube throughout the conference so you can watch at your own pace. Plus, we will share updates directly from the Computer History Museum to our social channels, so be sure to follow along!

Make the most of Notifications with the redesigned Wear OS by Google

Posted by Hoi Lam, Lead Developer Advocate, Wear OS by Google

Today we announced that we are evolving the design of Wear OS by Google to help you get the most out of your time - providing quicker access to your information and notifications. Notifications can come from the automatic bridging of the phone's notification or be generated by a local Wear app running on the watch. Whether you are a phone developer, a Wear app developer, or both, there are a few things you will need to know about the new notification stream.

The new notification stream

Until now, each notification took up the entire screen in Wear OS. Although this provided more space to include things like inline action, it also meant it took a long time for the user to go through all their notifications. The new notification stream is more compact, and can display multiple notifications on the same screen. This means users can process their notification streams more quickly.

What this means for developers

  • Concise notification content is even more important. The new unexpanded notification on Wear will show up to three lines of text. Because this is already more information than a single line unexpanded notification on the user's phone, if your notification works on the phone unexpanded, it should be fine on Wear.
  • Brand notification with color. The default title and icon color for notification is white. Developers can now convey their brand identities by customizing the color of the title and icon tint using setColor.
  • Custom notification layout will no longer be supported. Previously developers used setDisplayIntent to inflate a custom activity inside the notification stream. We have found that the custom layout often does not take into account of the device form factor, and is difficult to keep up to date as Wear OS's notification experience evolves. As a result, we will no longer support this in notifications.
  • Inline action is being reviewed. To save space, the new layout no longer display inline action in the stream and setHintDisplayActionInline will be ignored. Users can continue to access notification actions including inline action when they tap to expand the notification. Our design team is reviewing whether we should include inline action in a future release. As a result, before a decision is made, we are not deprecating the related APIs. We will keep the developer community updated in due course.

As always, the current best practices for notification still apply. In particular, for messaging apps developers, we strongly encourage the use of MessagingStyle notification and enabling on-device Smart Reply through setAllowGeneratedReplies.

We will start rolling these changes out in the next month, so watch for updates on your Wear OS by Google smartwatch!

AndroidX Development is Now Even Better

Posted by Aurimas Liutikas, software engineer on AndroidX team

AndroidX (previously known as Android Support Library) started out as a small set of libraries intended to provide backwards compatibility for new Android platform APIs and, as such, its development was strictly tied to the platform. As a result, all work was done in internal Google branches and then pushed to the public Android Open Source Project (AOSP) together with the platform push. With this flow, external contributions were limited to a narrow window of time where the internal and AOSP branches were close in content. On top of that, it was difficult to contribute -- in order to do a full AndroidX build and testing, external developers had to check out >40GB of the full Android platform code.

Today, the scope of AndroidX has expanded dramatically and includes libraries such as AppCompat for easier UI development, Room for database management, and WorkManager for background work. Many of these libraries implement higher-level abstractions and are less tied to new revisions of the Android platform, and all libraries are designed with backwards compatibility in mind from the start. Several libraries, such as RecyclerView and Fragment, are purely AndroidX-side implementations with few ties to the platform.

Starting a little over two years ago, we began a process of unbundling -- moving AndroidX out of Android platform builds into its own separate build. We had to do a great deal of work, including migrating our builds from make to Gradle as well as migrating all of our API tracking tools and documentation generation out of the platform build. With that process completed, we reached a point where a developer can now check out a minimal AndroidX project, open it in Android Studio, and build using the public SDK and public Android Gradle Plugin.

The Android developer community has long expressed a desire to contribute more easily to AndroidX; however, this was always a challenge due to the reasons described above. This changes today: AndroidX development is moving to public AOSP. That means that our primary feature development (except for top-secret integrations with the platform 😀) and bug fixes will be done in the open using the r.android.com Gerrit review tool and changes will be visible in the aosp/androidx-master-dev branch.

We are making this change to give better transparency to developers; it gives developers a chance to see features and bug fixes implemented in real-time. We are also excited about receiving bug fix contributions from the community. We have written up a short guide on how to go about contributing a patch.

In addition to regular development, AOSP will be a place for experimentation and prototyping. You will see new libraries show up in this repository; some of them may be removed before they ship, change dramatically during pre-alpha development, or merge into existing libraries. The general rule is that only the libraries on maven.google.com are officially ready for external developer usage.

Finally, we are just getting started. We apologize for any rough edges that you might have when contributing to AndroidX, and we request your feedback via the public AndroidX tracker if you hit any issues.

Google Play security metadata and offline app distribution

Posted by James Bender, Product Manager, Google Play

In December last year we announced that we would be making updates to app security to help verify product authenticity from Google Play. We are now adding a small amount of security metadata on top of APKs to verify that the APK was distributed by Google Play.

One of the reasons we're doing this is to help developers reach a wider audience, particularly in countries where peer-to-peer app sharing is common because of costly data plans and limited connectivity.

In the future, for apps obtained through Play-approved distribution channels, we'll be able to determine app authenticity while a device is offline, add those shared apps to a user's Play Library, and manage app updates when the device comes back online. This will give people more confidence when using Play-approved peer-to-peer sharing apps.

This also benefits you as a developer as it provides a Play-authorized offline distribution channel and, since the peer-to-peer shared app is added to your user's Play library, your app will now be eligible for app updates from Play.

No action is needed by developers or by those who use your app or game. We're adjusting Google Play's maximum APK size to take into account the small metadata addition, which is inserted into the APK Signing Block. In addition to improving the integrity of Google Play's mobile app ecosystem, this metadata will also present new distribution opportunities for developers and help more people keep their apps up to date.

How useful did you find this blogpost?

#IMakeApps – Celebrating app makers worldwide

Posted by Patricia Correa, Director, Developer Marketing, Platforms & Ecosystems

The Android developer ecosystem is made up of exceptional individuals with different backgrounds, interests, and dreams. To celebrate the people who make up our community, starting today, and over the coming months, we'll be meeting with developers, founders, product managers, designers, and others from around the world to hear more about their passions and discover what they do when they step away from their computers.

Watch stories featuring adventurer Niek Bokkers from Polarsteps (Netherlands), artist Faith Ringgold from Quiltuduko (USA) and chair restorer Hans Jørgen Wiberg from Be My Eyes (Denmark). You can also read more about them and their apps on g.co/play/imakeapps.

Share your story

We'd love to hear from you too. Use the hashtag #IMakeApps on your social channels, sharing the app or game you work on, your role in its creation, and an image that best depicts who you are outside of work. We will regularly select and share some of our favorites on our channels.

If you also want to get featured in an upcoming #IMakeApps film, tell us more about yourself and your app or game, by completing this self-nomination form.

Stay tuned for more #IMakeApps stories by following us on Twitter, YouTube and LinkedIn.

How useful did you find this blogpost?

Time to celebrate the 2018 Google Play Award nominees

Posted by Purnima Kochikar, Director, Apps and Games Business Development, Google Play

This year's Google Play Awards will take place on Monday, May 7th, kicking off the week of Google I/O. Celebrating our third year, we're excited to highlight nine categories; some you may recognize from previous years, along with new additions highlighting growth areas and trends we're focused on, such as building for emerging markets.

Each year, the Google Play Awards recognize top apps and games on Google Play. They represent some of the best experiences available on Android, with an emphasis on overall quality, strong design, technical performance, and innovation. The nominees were selected by various teams across Google, and all meet criteria thresholds covering high star rating, Android vitals, and have had a launch or major update since April 2017.

Congratulations to this year's nominees below and don't forget to check them out on the Google Play store at g.co/play/gpa2018.

Standout Well-Being App

Apps empowering people to live the best version of their lives, while demonstrating responsible design and engagement strategies

Best Accessibility Experience

Apps or games enabling device interaction in an innovative way that serves people with disabilities or special needs

Best Social Impact

Apps or games that create a positive impact in communities around the world (focused on health, education, crisis response, refugees, financial health & fundraising functions)

Standout Indie

Games from indie developers that focus on artistic design, gameplay mechanics, and overall polish

Best Community Building Game

Games built to connect gamers, encouraging social interaction and community building

Best AR or VR Experience

Apps or games offering highly engaging and immersive experiences with optimal use of ARCore or Daydream UI

Standout Build for Billions Experience

Apps or games with optimized performance, localization, and culturalization for emerging markets

Standout Startup

Apps from new developers that offer a unique experience while achieving strong organic install growth.

Best Breakthrough Hit

New apps or games with excellent overall design, user experience, engagement and retention, and strong organic install growth

Come back on Monday, May 7th when we announce the winners, and until then, make sure to try out some of these great apps and games on Google Play at g.co/play/gpa2018.

How useful did you find this blogpost?

Introducing new Android Excellence apps and games on Google Play

Kacey Fahey, Developer Marketing, Google Play

Congratulations to the latest apps and games featured in the Android Excellence program on Google Play. As a reminder, these collections are refreshed every three months and recognize apps and games that set the bar for high quality, great user experience, and strong technical performance.

If you're looking for some new apps, here are a few highlights.

  • Adobe Photoshop Lightroom CC: Capture, edit, and share your photos with the power of Lightroom on your mobile device. Use presets for quick and easy edits, or dive in with the advanced editing tools.
  • Seven - 7 Minute Workout Training Challenge: Use this app to fit seven minute workouts into your busy lifestyle. Grab your phone, or even your Wear OS device to work out anywhere and anytime. Keep it up to earn achievements and join the 7 Club for even more support.
  • SoloLearn: Learn to Code for Free: Learn one of many new coding languages by joining a community of millions. Tap in to the 24/7 peer support, or create your own lessons to become a community influencer.

Here are a few of our favorite new games joining the collection.

  • CodyCross: Crossword Puzzles: Try this game for a fun new style of crossword puzzles. Play for free on adventure mode or subscribe for special themed packs, varying difficulty levels and fresh content added weekly.
  • MARVEL Contest of Champions: Play with your favorite Marvel Super Heroes and Super Villians in iconic locations from the Marvel Universe. Assemble your team of champions to play through the exciting storyline and even build alliances with your friends.
  • Orbital 1: Test your skills in this real-time multiplayer game with beautiful 3D graphics. Collect and upgrade fighters and weapons to build out your perfect squad for quick battles and new daily quests.

See the full list of Android Excellence apps and games.

New Android Excellence apps New Android Excellence games
Adobe Photoshop Lightroom CC

Dashlane

Holstelworld

iCook

Keeper Password Manager

Keepsafe Photo Vault

Mobisystems OfficeSuite

PhotoGrid

Runtastic Results

Seven - 7 Minute Workout Training Challenge

SoloLearn: Learn to Code for Free

Tube Map

WPS Office

Angry Birds 2

Azur Lane アズールレーン

CodyCross

Into the Dead 2

Little Panda Restaurant

MARVEL Contest of Champions

Orbital 1

Rooms of Doom

Sky Dancer Run

Sling Kong

Soul Knight

Explore other great apps and games in the Editors' Choice section on Google Play and discover best practices to help you build quality apps and games.

How useful did you find this blogpost?

Double Stuffed Security in Android Oreo

Posted by Gian G Spicuzza, Android Security team

Android Oreo is stuffed full of security enhancements. Over the past few months, we've covered how we've improved the security of the Android platform and its applications: from making it safer to get apps, dropping insecure network protocols, providing more user control over identifiers, hardening the kernel, making Android easier to update, all the way to doubling the Android Security Rewards payouts. Now that Oreo is out the door, let's take a look at all the goodness inside.

Expanding support for hardware security

Android already supports Verified Boot, which is designed to prevent devices from booting up with software that has been tampered with. In Android Oreo, we added a reference implementation for Verified Boot running with Project Treble, called Android Verified Boot 2.0 (AVB). AVB has a couple of cool features to make updates easier and more secure, such as a common footer format and rollback protection. Rollback protection is designed to prevent a device to boot if downgraded to an older OS version, which could be vulnerable to an exploit. To do this, the devices save the OS version using either special hardware or by having the Trusted Execution Environment (TEE) sign the data. Pixel 2 and Pixel 2 XL come with this protection and we recommend all device manufacturers add this feature to their new devices.

Oreo also includes the new OEM Lock Hardware Abstraction Layer (HAL) that gives device manufacturers more flexibility for how they protect whether a device is locked, unlocked, or unlockable. For example, the new Pixel phones use this HAL to pass commands to the bootloader. The bootloader analyzes these commands the next time the device boots and determines if changes to the locks, which are securely stored in Replay Protected Memory Block (RPMB), should happen. If your device is stolen, these safeguards are designed to prevent your device from being reset and to keep your data secure. This new HAL even supports moving the lock state to dedicated hardware.

Speaking of hardware, we've invested support in tamper-resistant hardware, such as the security module found in every Pixel 2 and Pixel 2 XL. This physical chip prevents many software and hardware attacks and is also resistant to physical penetration attacks. The security module prevents deriving the encryption key without the device's passcode and limits the rate of unlock attempts, which makes many attacks infeasible due to time restrictions.

While the new Pixel devices have the special security module, all new GMS devices shipping with Android Oreo are required to implement key attestation. This provides a mechanism for strongly attesting IDs such as hardware identifiers.

We added new features for enterprise-managed devices as well. In work profiles, encryption keys are now ejected from RAM when the profile is off or when your company's admin remotely locks the profile. This helps secure enterprise data at rest.

Platform hardening and process isolation

As part of Project Treble, the Android framework was re-architected to make updates easier and less costly for device manufacturers. This separation of platform and vendor-code was also designed to improve security. Following the principle of least privilege, these HALs run in their own sandbox and only have access to the drivers and permissions that are absolutely necessary.

Continuing with the media stack hardening in Android Nougat, most direct hardware access has been removed from the media frameworks in Oreo resulting in better isolation. Furthermore, we've enabled Control Flow Integrity (CFI) across all media components. Most vulnerabilities today are exploited by subverting the normal control flow of an application, instead changing them to perform arbitrary malicious activities with all the privileges of the exploited application. CFI is a robust security mechanism that disallows arbitrary changes to the original control flow graph of a compiled binary, making it significantly harder to perform such attacks.

In addition to these architecture changes and CFI, Android Oreo comes with a feast of other tasty platform security enhancements:

  • Seccomp filtering: makes some unused syscalls unavailable to apps so that they can't be exploited by potentially harmful apps.
  • Hardened usercopy: A recent survey of security bugs on Android revealed that invalid or missing bounds checking was seen in approximately 45% of kernel vulnerabilities. We've backported a bounds checking feature to Android kernels 3.18 and above, which makes exploitation harder while also helping developers spot issues and fix bugs in their code.
  • Privileged Access Never (PAN) emulation: Also backported to 3.18 kernels and above, this feature prohibits the kernel from accessing user space directly and ensures developers utilize the hardened functions to access user space.
  • Kernel Address Space Layout Randomization (KASLR): Although Android has supported userspace Address Space Layout Randomization (ASLR) for years, we've backported KASLR to help mitigate vulnerabilities on Android kernels 4.4 and newer. KASLR works by randomizing the location where kernel code is loaded on each boot, making code reuse attacks probabilistic and therefore more difficult to carry out, especially remotely.

App security and device identifier changes

Android Instant Apps run in a restricted sandbox which limits permissions and capabilities such as reading the on-device app list or transmitting cleartext traffic. Although introduced during the Android Oreo release, Instant Apps supports devices running Android Lollipop and later.

In order to handle untrusted content more safely, we've isolated WebView by splitting the rendering engine into a separate process and running it within an isolated sandbox that restricts its resources. WebView also supports Safe Browsing to protect against potentially dangerous sites.

Lastly, we've made significant changes to device identifiers to give users more control, including:

  • Moving the static Android ID and Widevine values to an app-specific value, which helps limit the use of device-scoped non-resettable IDs.
  • In accordance with IETF RFC 7844 anonymity profile, net.hostname is now empty and the DHCP client no longer sends a hostname.
  • For apps that require a device ID, we've built a Build.getSerial() API and protected it behind a permission.
  • Alongside security researchers1, we designed a robust MAC address randomization for Wi-Fi scan traffic in various chipsets firmware.

Android Oreo brings in all of these improvements, and many more. As always, we appreciate feedback and welcome suggestions for how we can improve Android. Contact us at security@android.com.

_____________________________________________________________________

1: Glenn Wilkinson and team at Sensepost, UK, Célestin Matte, Mathieu Cunche: University of Lyon, INSA-Lyon, CITI Lab, Inria Privatics, Mathy Vanhoef, KU Leuven

Making Pixel better for Drivers

Posted by Marc Stogaitis and Tajinder Gadh, Software Engineers

Driving is an essential part of our daily activities. So at Google we spend a lot of time thinking how we can make Android devices better and safer for our users. How we can prevent distracted driving and together build an open ecosystem to enable safety first smartphone experiences.

Recently we launched Driving Do-Not-Disturb on the newly announced Pixel 2 generation of devices. Once enabled, Driving Do-Not-Disturb automatically puts your device into a do not disturb mode while driving. During this mode any incoming messages and notifications are silenced while you can still receive incoming calls, navigation directions and voice interactions using a connected Car bluetooth. The product is designed to limit distractions during driving while at the same time not getting in the way so users can continue to use navigation or other similar apps with minimal friction.

Behind the scenes, it uses AI powered on-device Activity Recognition that detects when a person is driving using low power signals from multiple sensors, bluetooth and WiFi. Activity Recognition uses the Android Sensor Hub to ensure low latency, low power and accurate driving detection.

This is a next step in our journey, but we are far from done. Early next year we are introducing the Activity Recognition Transition Api, which is the same Api used by Driving Do Not Disturb to build distraction-free driving experiences.

We appreciate the feedback, and will continue to listen to your feedback as the product evolves.

If you have questions about setting up the Driving Do-Not-Disturb, check out our Help Center.