Skip to content

Instantly share code, notes, and snippets.

Avatar

Scott Alexander-Bown scottyab

View GitHub Profile
View gist:b4b9db988568b5e93c05
Verifying that +scottyab is my openname (Bitcoin username). https://onename.io/scottyab
@scottyab
scottyab / Installer
Created Sep 17, 2014
Tamper checks
View Installer
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageInfo;
public class InstallerCheck{
private static final String PLAY_STORE_APP_ID = "com.google.android";
public static boolean verifyInstaller(final Context context) {
View remove2x.sh
#!/bin/bash
#rename file names to remove the "@2x"
for i in *@2x.*; do
mv "$i" "${i/@2x/}"
done
@scottyab
scottyab / .gitignore
Last active Aug 29, 2015
My .gitignore file for Android development
View .gitignore
# gimpy mac thingy
.DS_Store
# IDEA Ignores
*.iml
*.ipr
*.iws
.idea/
# Local configuration file (sdk path, etc)
@scottyab
scottyab / IntentExtraEample.java
Created May 14, 2014
When using Intent extras, pass an Id rather than the object as Intent extras 'could' be intercepted and read be a malicious app.
View IntentExtraEample.java
//bad passing the whole paracable object
public static Intent getStartingIntent(Context context,
User user) {
Intent i = new Intent(context, UserDetailsActivity.class);
i.putExtra(EXTRA_USER, user);
return i;
}
//better to pass just the ID to lookup the user details
public static Intent getStartingIntent(Context context,
@scottyab
scottyab / SafePendingIntent.java
Created May 14, 2014
Creating an explicit pending intent is safer than implicit
View SafePendingIntent.java
//explicit (to MyService)
Intent intent = new Intent(context, MyService.class);
PendingIntent pi = PendingIntent.getService(getApplicationContext(), 0, intent, PendingIntent.FLAG_UPDATE_CURRENT);
//implicit
Intent intent = new Intent("com.my.app.action")
PendingIntent pi = PendingIntent.getService(getApplicationContext(), 0, intent, PendingIntent.FLAG_UPDATE_CURRENT);
View SaferWebViewClient.java
/**
* Implements whitelisting on host name
*/
public class SaferWebViewClient extends WebViewClient {
private String[] hostsWhitelist;
public SaferWebViewClient(String hostsWhitelsit){
super();
this.hostsWhitelist = hostsWhitelist;
@scottyab
scottyab / Installation.java
Last active Aug 29, 2015
Code from http://android-developers.blogspot.co.uk/2011/03/identifying-app-installations.html -- For the vast majority of applications, the requirement is to identify a particular installation, not a physical device. Fortunately, doing so is straightforward. There are many good reasons for avoiding the attempt to identify a particular device. Fo…
View Installation.java
package com.vf.tools
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.util.UUID;
import android.content.Context;
View keybase.md

Keybase proof

I hereby claim:

  • I am scottyab on github.
  • I am scottyab (https://keybase.io/scottyab) on keybase.
  • I have a public key whose fingerprint is 88AE 289F 03AE 3684 94BA B89F A056 9F94 AD10 76CD

To claim this, I am signing this object:

@scottyab
scottyab / QuickInstallScript.sh
Last active Aug 29, 2015
From article http://www.vkalchev.co.uk/content/quickinstallapk/ Spoke to Val and he clarified the Licensed under the Apache License, Version 2.0
View QuickInstallScript.sh
#!/bin/bash
#Licensed under the Apache License, Version 2.0 (the "License");
#you may not use this file except in compliance with the License.
#You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
#Copyright 2013 Valentin Kalchev
#Date: 26/02/2013
#Target: Mac OS X Terminal + Android ADB + AAPT
sharePackageName=""
You can’t perform that action at this time.