Huawei AppGallery vulnerability gives away paid apps for free

A vulnerability has been discovered in Huawei’s AppGallery that enables paid apps to be downloaded for free.

Huawei claims that AppGallery is now the third-largest app store in the world—serving over 600 million Huawei device users in over 170 countries/regions.

Dylan Roussel, an Android developer, wanted to know how Huawei’s APIs worked. He figured out that one API took an app’s package name as a parameter and returned a JSON object with the details of the...

Web3: Ethereum leads in developers, falling behind in activity

According to a16z’s 2022 State of Crypto report, Ethereum is maintaining its lead in web3 developers but rivals are overtaking in activity.

The report opens with some history of the various web eras and why web3 has many people excited:

Web1 (~1990-2005) – Based on open protocols, decentralised, and community-governed. However, relatively basic in terms of functionality.Web2 (~2005-present) – Siloed, centralised services with value and content ownership granted to a...

Apple allows subscription price increases without explicit consent

Apple is changing its policy around auto-renewing subscriptions; allowing them to be increased in price without explicit user consent.

Under the previous policy, a user would be alerted to the price change and have to manually accept any increase. Failing to accept the new pricing would result in the subscription being automatically cancelled at the next renewal.

The new approach still alerts users to price changes but no longer requires the user to opt-in before it...

Apple begins notifying developers invited to WWDC22

Apple is sending out RSVPs to developers invited to attend its first in-person WWDC since the COVID-19 pandemic.

With Google I/O now behind us, Apple’s conference will be the next big event in many developers’ diaries. The annual event is normally packed to the rafters but over the pandemic had been relegated to online-only affairs.

This year’s event is returning to having a physical presence and the company has invited a limited number of developers to...

ARCore Geospatial API helps developers build immersive experiences

During I/O 2022, Google launched its ARCore Geospatial API to help developers build more immersive, richer, and more useful experiences.

Augmented reality experiences are beginning to gain traction beyond Pokémon Go. Now there are AR apps for making floorplans, seeing how furnishings will look in your home, understanding the world around you, and even getting real-time information about the night sky.

Google showed off enhancements to its own AR solution, Lens, during...

Android Studio will soon help developers fix broken UIs on Chromebooks

Android Studio will soon make it much easier for developers to fix broken UIs when their apps are used on Chromebooks.

Chromebook users have suffered from all sorts of issues since Google enabled support for Android apps. Many of these problems stem from how apps designed for Android respond when confronted with freeform windows and other desktop features.

The ‘Electric Eel’ release of Android Studio will bring with it the new Desktop Android Virtual Device...

Play Store blocks users in Russia from purchasing or updating paid apps

Google is blocking users in Russia from purchasing or updating paid applications as the fallout continues from the country’s invasion of Ukraine.

The company paused billing for Russian users on 10 March 2022 due to sanctions imposed on the country. That decision impacted new app purchases, as well as in-app purchases and subscription payments.

However, Google has now updated its policy and says that it is “blocking the downloading of paid apps and updates to paid...

As demand for enterprise apps booms, agility can be found in low-code solutions

For the modern business, the ability to adapt to rapidly shifting changes within your industry, supply chain and workforce is crucial to long-term success. How quickly a business can pivot to make the most of trends and adapt to changing circumstances is made easier by embracing digital transformation and seeking out tools to make your business more flexible and scalable and therefore more effective, sustainable and profitable. 

As Gartner predicts that low-code will account...

Building a new execution platform for Redis clients

Over the last decade, Redis has become a popular, widely used in-memory cache.

Unlike most distributed caches, it offers a compelling set of built-in data structures that enhance its capabilities beyond just storing serialised objects. Created in 2009 as a single-server store to assist in the design of a web server, Redis gives applications numerous useful options for organising and retrieving stored data, including sets, lists, hashes, and sorted sets.

A few years on...

GitHub will mandate 2FA to help secure the software supply chain

GitHub will require all users who contribute code on the platform to use 2FA as part of its latest security improvements.

Attacks on the software supply chain are on the increase. GitHub, which has over 83 million code-contributing users, is stepping up to the plate to protect developers and the software supply chain with this major policy change announcement.

“At GitHub, we believe that our unique position as the home for all developers grants us both an opportunity...