// Find the camera device with flash (if it exists) String[] cameraIds = manager.getCameraIdList(); for (String cameraId : cameraIds) { CameraCharateristics cc = manager.getCameraCharacteristics(cameraId); if(cc.get(CameraCharacteristics.FLASH_INFO_AVAILABLE )) { manager.setTorchMode(cameraId, true); return true; } } return false; } OR set screen brightness to the max <uses-permission android:name="android.permission.WRITE_SETTINGS"/> Settings.System.putInt(context.getContentResolver(), Settings.System.SCREEN_BRIGHTNESS, 255 ); Thoughtful use of peripherals
accurate) String locationProvider = LocationManager.NETWORK_PROVIDER; Location lastKnownLocation = locationManager.getLastKnownLocation(locationProvider); Location - accurate (but takes some time) String locationProvider = LocationManager.GPS_PROVIDER; LocationListener locationListener = new LocationListener() { public void onLocationChanged(Location location) { makeUseOfNewLocation(location); } locationManager.requestLocationUpdates(locationProvider, 0, 0, locationListener); // Make a best estimate of location … // Remove the listener you previously added locationManager.removeUpdates(locationListener); Enter it for me
◦ Apps uploaded for Managed Play via the API • New apps - August 2018 • App updates - November 2018 • TONS of documentation • NEW! Google Play API Level Requirement
Trust preinstalled CAs --> <certificates src="system" /> <!-- Additionally trust user added CAs --> <certificates src="user" /> </trust-anchors> </domain-config> </network-security-config> Be conscious of support for user-added CAs Android 7.0+
result to your server Validate JWS A. Validate SSL cert chain B. Verify signature of JWS Check nonce, timestamp and APK information fields. Use basicIntegrity & ctsProfileMatch 1. 2. 3. 4. 5. 6. byte[] nonce = getRequestNonce(); SafetyNetApi.attest(mGoogleApiClient, nonce) .setResultCallback( new ResultCallback<AttestationResult>() { @Override public void onResult( AttestationResult result) { ... // JSON Web Signature response. String jws = result.getJwsResult(); // Send result to server and validate. sendSignInRequest(..., jws); } }); CLIENT SIDE Sample code on Github: googlesamples / android-play-safetynet
result to your server Validate JWS A. Validate SSL cert chain B. Verify signature of JWS Check nonce, timestamp and APK information fields. Use basicIntegrity & ctsProfileMatch 1. 2. 3. 4. 5. 6. JSON Web Signature message: { "nonce": "R2Rra24fVm5xa2Mg", "timestampMs": 9860437986543, "apkPackageName": "com.mycompany.example", "apkCertificateDigestSha256": ["SHA-256 hash of signing certificate"], "apkDigestSha256": "SHA-256 hash of the APK", "ctsProfileMatch": true, "basicIntegrity": true } SERVER SIDE Sample code on Github: googlesamples / android-play-safetynet
currently installed. Use the Google API client classes to connect to the SafetyNet API. PendingResult<HarmfulAppsResult> result = SafetyNetApi.listHarmfulApps(mGoogleApiClient); result.setResultCallback( new ResultCallback<HarmfulAppsResult>() { @Override public void onResult( HarmfulAppsResult harmfulResult) { // Last time all apps were scanned. long lastScanTimeMs = harmfulResult.getLastScanTimeMs(); // List of any PHAs installed. List<HarmfulAppsData> appList = harmfulResult.getHarmfulAppsList(); } });
Android apps • Runs a full, CTS-compatible Android image • Access to the full Play Store • Apps “just work” without code changes (including native code!) Android apps on ChromeOS More on this topic at 2:05PM!
Intent.resolveActivity() - result should be non null. Share data with other apps Use content URIs for sharing data between apps Grant other apps in same profile with Context.grantUriPermission() Don’t use file URIs
public void onReceive(Context context, Intent intent) { // Get the current configuration bundle Bundle appRestrictions = myRestrictionsMgr.getApplicationRestrictions(); } }; this.registerReceiver( restrictionsReceiver, new IntentFilter( Intent.ACTION_APPLICATION_RESTRICTIONS_CHANGED));
installs Managed configuration No need for a Google Account Full set of APIs for EMM integration Google Play benefits Secure: authenticated and encrypted delivery of signed apps Global server footprint Patch updates APK scanning Publishing tools such as alpha/beta testing and rollout management Reporting tools Automatic updates *dependent on EMM support Why?