tag:blogger.com,1999:blog-48581718385882736942024-03-05T20:32:47.900-08:00iOS & Android DevelopmentTools, Apps, Tips & Trickspkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.comBlogger916125tag:blogger.com,1999:blog-4858171838588273694.post-83516397547284532522022-09-05T01:00:00.000-07:002022-09-05T01:00:00.156-07:00The Trimodal Nature of Software Engineering Salaries<p>The software engineering compensation market becoming trimodal - split into three distinct groups that "spike" and that have little overlaps. Most engineers are not aware of this third, Big Tech pillar and the compensation ranges it introduces, assuming compensation can not go beyond what is offered at the second pillar: </p><div class="separator" style="clear: both; text-align: center;"><a href="https://blog.pragmaticengineer.com/content/images/size/w1000/2021/07/Screenshot-2021-07-10-at-04.45.19.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="513" data-original-width="800" height="513" src="https://blog.pragmaticengineer.com/content/images/size/w1000/2021/07/Screenshot-2021-07-10-at-04.45.19.png" width="800" /></a></div><br /><div>Read more about salary tier strategies and competable compensations:</div><div><a href="https://blog.pragmaticengineer.com/content/images/size/w1000/2021/07/Screenshot-2021-07-10-at-04.45.19.png" target="_blank">The Pragmatic Engineer</a></div>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-21454673216107049992022-09-05T00:54:00.002-07:002022-09-05T00:54:25.928-07:00The Pragmatic Engineer: Netflix’s historic introduction of levels for software engineering<p>"Netflix is considering the following leveling system"</p>- Engineer 1<br />- Engineer 2<br />- Senior<br />- Staff<br />- Principal<div><br /></div><div>The details of the system are still being worked out, and a proposal has been circulated within engineering. The proposal, understandably, has resulted in lots of questions, especially around whether existing engineers will be getting Staff or Principal titles. The original proposal made it seem that everyone would stay Senior, and with promotions, they could get to the next levels.</div><div><br /></div><div>Read more about the history and background:</div><div><a href="https://newsletter.pragmaticengineer.com/p/the-scoop-netflixs-historic-introduction" target="_blank">The Pragmatic Engineer</a></div>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-71269499438543029972022-09-01T01:37:00.000-07:002022-09-01T01:37:40.152-07:00Optimize App Retention with the Hooked Model<div class="separator" style="clear: both; text-align: center;"><a href="https://miro.medium.com/max/500/1*rFDxItJqVzG0QkELjfFAZA.jpeg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="755" data-original-width="500" height="320" src="https://miro.medium.com/max/500/1*rFDxItJqVzG0QkELjfFAZA.jpeg" width="212" /></a></div><p>Nir Eyal explores how applying the Hooked Model drives customer retention and engagement by fostering good habits</p><p></p><ol style="text-align: left;"><li>Trigger. An event that encourages someone to act, which is either an:</li><ol><li>External trigger: something in the environment — a ping, a ding, or a ring — that alerts a person to do something.</li><li>Internal trigger: the desire to escape from an uncomfortable emotional state.</li></ol><li>Action. A behavior that anticipates a reward — opening an app, scrolling a feed, checking a dashboard, or playing a video. The simpler the behavior is to accomplish, the more likely the user is to do it.</li><li>Reward. The user gets what they came for.</li><li>Investment. The user puts something back into the product that makes it better the next time they use it.</li></ol><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/iw1x0zos8Jo" width="320" youtube-src-id="iw1x0zos8Jo"></iframe></div><br /><div><a href="https://www.amazon.de/Hooked-How-Build-Habit-Forming-Products/dp/0241184835">https://www.amazon.de/Hooked-How-Build-Habit-Forming-Products/dp/0241184835</a></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-73564429229264857602022-08-21T23:56:00.002-07:002022-09-05T01:01:59.380-07:00iOS In-App Browser JavaScript injections to spy on user behaviour on 3rd party websites<p> iOS Privacy: Instagram and Facebook can track anything you do on any website in their in-app browser</p><p>The iOS Instagram and Facebook app render all third party links and ads within their app using a custom in-app browser. This causes various risks for the user, with the host app being able to track every single interaction with external websites, from all form inputs like passwords and addresses, to every single tap.</p><p><a href="https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser" target="_blank">KrauseFX</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-14006344141377647792022-06-29T00:43:00.008-07:002022-06-29T00:45:22.066-07:00Judo App - Server Driven UI out of the box<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFVfskBq-cW0GfdzdyYlQ08kxr0rO-kWLBF1VUcr2dJJyBoHfx8EIkPy3bPB91bgRW_owuVCUtdwlv_gL-w-__9Xf6iwwPIXYfHMfkcaVMLw0MJUeGuaBmimb9ozkNQa2iFt7QLi4YXXEbeZrZtqf4PM7h_WuIfN3CWecLvsqeSGjvawjtxy8I21qU/s1189/Bildschirmfoto%202022-06-29%20um%2009.44.40.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="337" data-original-width="1189" height="114" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFVfskBq-cW0GfdzdyYlQ08kxr0rO-kWLBF1VUcr2dJJyBoHfx8EIkPy3bPB91bgRW_owuVCUtdwlv_gL-w-__9Xf6iwwPIXYfHMfkcaVMLw0MJUeGuaBmimb9ozkNQa2iFt7QLi4YXXEbeZrZtqf4PM7h_WuIfN3CWecLvsqeSGjvawjtxy8I21qU/w400-h114/Bildschirmfoto%202022-06-29%20um%2009.44.40.png" width="400" /></a></div><br /><b><br /></b><p></p><p><b>Judo App</b></p><p>Judo brings server-driven UI to your iOS and Android apps. Build user interfaces visually in a fraction of time and publish them instantly without submitting to the app store.</p><p><b>Build Experiences - With No Code</b></p><p>The Judo app for macOS, available through the App Store, is built for design professionals with common keyboard shortcuts and familiar concepts like canvas, layers and inspector panel. Workflow is streamlined with the ability to drag and drop media files directly into your experiences and manage your own Judo files in Finder.</p><p><b>Manage Creative Execution</b></p><p>A Judo experience is interactive and can include text, images, video and buttons. An experience may be part of a screen, a single screen, or more typically multiple linked screens. Judo supports screen transitions, carousels, horizontal scrolling and modals. Clients can add custom fonts and define global colors and these are updates applied universally.</p><p><b>Effortlessly Deploy</b></p><p>Judo Cloud syncs your experiences with your iOS and Android apps making them instantly available to your users. Open-source lightweight SDKs on iOS and Android handle rendering. Experiences are pre-loaded and cached before your users see them to avoid loading indicators.</p><p><b>Add API-Derived Content Using Real Data</b></p><p>Judo experiences can be personalized and dynamic. Judo experiences can connect to an existing CMS or third-party APIs to display live data. Judo handles all the tricky bits like loading state and populating lists. Dynamic content can take many forms such as images incorporating personalized text, merchandise recommendations, and point of interest data.</p><p><a href="https://www.judo.app" target="_blank">Judo App</a></p><p></p><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><br /><br /></div><br /><br /></div><br /><br /><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-63845334303713606902022-06-14T05:39:00.003-07:002022-06-14T05:39:22.306-07:00Bundeskartellamt prüft Apples Tracking-Regelungen für Dritt-Apps (ATT, App Tracking Transparency Framework)<p>Das Bundeskartellamt hat gegen das Technologieunternehmen Apple ein Verfahren zur kartellrechtlichen Prüfung seiner Tracking-Regelungen sowie des App Tracking Transparency Framework eingeleitet. Das Bundeskartellamt geht dabei insbesondere dem Anfangsverdacht nach, dass diese Regelungen Apples eigene Angebote bevorzugt behandeln und/oder andere Unternehmen behindern könnten.</p><p><a href="https://www.bundeskartellamt.de/SharedDocs/Meldung/DE/Pressemitteilungen/2022/14_06_2022_Apple.html;jsessionid=D3AFC45303F993C5B0D2A2D07BA00896.1_cid381?nn=3591568" target="_blank">14.06.2022 Pressemeldung Bundeskartellamt</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-28980660408190612062022-05-13T04:17:00.000-07:002022-05-13T04:17:02.169-07:00Now in Android - a new, open source, real-world sample app<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjBGstuW-1UoXpV3ULE8tAVflRxUvFT3cD0rfMUC2TTpw_WFQ4cYy_GfzrZ2Df7cIjZXvEzmI-_r5a7J8UeOR30pxvV9RzTBV_1f2b4NASydEUrFCKRBydPZb872gEteZFAc9U89egfDRbUmHEe86X2XMgwJ1FV_s6_hSRGrWO65APrjjzc80dMhOXr" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="781" data-original-width="1600" height="156" src="https://blogger.googleusercontent.com/img/a/AVvXsEjBGstuW-1UoXpV3ULE8tAVflRxUvFT3cD0rfMUC2TTpw_WFQ4cYy_GfzrZ2Df7cIjZXvEzmI-_r5a7J8UeOR30pxvV9RzTBV_1f2b4NASydEUrFCKRBydPZb872gEteZFAc9U89egfDRbUmHEe86X2XMgwJ1FV_s6_hSRGrWO65APrjjzc80dMhOXr" width="320" /></a></div><div class="separator" style="clear: both; text-align: left;">For this first alpha release, the Now in Android app includes:</div><div class="separator" style="clear: both; text-align: left;"><ul style="text-align: left;"><li>UI built using Jetpack Compose</li><li>Theme components with Material3</li><li>Adaptive layouts for different screen sizes</li><li>Architecture that follows our official guidance</li><li>A reactive programming model with unidirectional data flow, implemented using Kotlin Flows</li><li>Room and Proto DataStore for local data storage, offline first</li><li>Remote/local data synchronization scheduled using WorkManager with exponential backoff</li></ul><div><br /></div><div><a href="https://android-developers.googleblog.com/2022/05/now-in-android-sample-app-alpha.html" target="_blank">Android Developers</a></div></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;"><br /></div><br /> <p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-38214755594777649522022-04-19T00:47:00.002-07:002022-04-19T00:47:14.778-07:00Simple made Easy: Rich Hickey<p></p><ul style="text-align: left;"><li> Design system as simple as possible to solve the business problem</li><li>Simple system are much easier to scale and extend than complex systems</li></ul><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/kGlVcSMgtV4" width="320" youtube-src-id="kGlVcSMgtV4"></iframe></div><br /><div><br /></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-16869043018152908592022-02-18T00:00:00.001-08:002022-02-18T00:20:14.315-08:00GitLab and Dropbox: Engineering Career Frameworks, plus collection of tools!<p><b>GitLab</b></p><p>These are the expected behaviours of Engineers at GitLab. Most engineers at GitLab are Intermediate or Senior, so the priority is to address these levels first.</p><p>Moving between levels, you should see that as engineers advance in their careers, their duties should encompass a higher degree of complexity, the scope of their influence should expand, and their contributions should become more impactful.</p><p>These behaviors should not be considered as a checklist for promotion. Excellent Engineers may struggle with one or two aspects of their job and their strengths in certain areas should make up for deficits in others. However, it is important to show a significant number of strengths to be considered for promotion.</p><p>Each of these behaviors should be achievable inside of normal working hours. If you feel that you need to work additional hours to be successful in your role you should talk to your manager.</p><p>Junior engineers are still included on this framework even though we are not actively hiring at this level. Further discussion about junior engineers can be found on the career development page.</p><p><b>Value Alignments</b><br /></p><p></p><ul style="text-align: left;"><li>Collaboration</li><li>Results</li><li>Efficiency</li><li>Diversity, Inclusion & Belonging</li><li>Iteration</li><li>Transparency</li></ul><div><br /></div><div><div><b>Technical Competencies</b></div><div><ul style="text-align: left;"><li>Quality</li><li>Complexity</li><li>Security</li><li>Technical Stewardship</li><li>Performance</li><li>Open Source</li></ul><div><br /></div></div></div><div><div><b>Leadership Competencies</b></div><div><ul style="text-align: left;"><li>Growing Others</li><li>Communication</li><li>Ambiguity</li><li>Business Acumen</li><li>Process</li></ul></div></div><p></p><p><a href="https://about.gitlab.com/handbook/engineering/career-development/career-matrix.html" target="_blank">GitLab</a></p><p><br /></p><p><b>Dropbox</b></p><p>What’s a Career Framework?</p><p>The Engineering Career Framework is your source for how to achieve impact for your role and team and how to grow in your engineering career. For managers, it can help you set expectations with your teams and hold them accountable for their work.</p><p>What the Career Framework is not</p><p>This framework is not a promotion checklist for your role; rather, it’s designed to help you figure out what your impact could look like at the next level.</p><p> This framework is not an exhaustive list of examples and behaviors; each responsibility includes three to four key behaviors that serve as guide for how to think about your work. Consequently, you’ll need to meet with your manager to define your impact goals and align on the expectations for your role. </p><p>What’s in a Career Framework?</p><p>This framework is broken down into two components:</p><p>Level Expectations define the scope, collaborative reach, and levers for impact at every level; these expectations are the what that determines the difference between an IC3 and IC4, for example</p><p></p><p>Core and Craft Responsibilities define the key behaviors specific to your role and team; these behaviors help you identify how you work to deliver impact based on your level expectations.</p><p><a href="https://dropbox.github.io/dbx-career-framework/overview.html" target="_blank">Dropbox</a></p><p><b>Collection of tools</b></p><p><a href="https://www.progression.fyi" target="_blank">Collection of progression frameworks and career ladders</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-85209674602859209062022-01-26T02:26:00.003-08:002022-01-26T02:26:21.253-08:00Writing High-Performance Swift Code<p></p><ul style="text-align: left;"><li>Enabling Optimizations</li><li>Whole Module Optimizations (WMO)</li><li>Reducing Dynamic Dispatch</li><li>Dynamic Dispatch</li><ul><li>Advice: Use 'final' when you know the declaration does not need to be overridden</li><li>Advice: Use 'private' and 'fileprivate' when declaration does not need to be accessed outside of file</li><li>Advice: If WMO is enabled, use 'internal' when a declaration does not need to be accessed outside of module</li></ul><li>Using Container Types Efficiently</li><ul><li>Advice: Use value types in Array</li><li>Advice: Use ContiguousArray with reference types when NSArray bridging is unnecessary</li><li>Advice: Use inplace mutation instead of object-reassignment</li></ul><li>Wrapping operations</li><ul><li>Advice: Use wrapping integer arithmetic when you can prove that overflow cannot occur</li></ul><li>Generics</li><ul><li>Advice: Put generic declarations in the same module where they are used</li></ul><li>The cost of large Swift values</li><ul><li>Advice: Use copy-on-write semantics for large values</li></ul><li>Unsafe code</li><ul><li>Advice: Use unmanaged references to avoid reference counting overhead</li></ul><li>Protocols</li><ul><li>Advice: Mark protocols that are only satisfied by classes as class-protocols</li></ul><li>The Cost of Let/Var when Captured by Escaping Closures</li><ul><li>Advice: Pass var as an inout if closure not actually escaping</li></ul><li>Unsupported Optimization Attributes</li></ul><div><a href="https://github.com/apple/swift/blob/main/docs/OptimizationTips.rst" target="_blank">GitHub Apple</a></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-28701417417635548792021-11-19T02:37:00.008-08:002021-11-19T02:45:59.336-08:0020 things learned in 20 years of software development<p>Some good points:</p><p>4. Best code is no code - less code to maintain</p><p>6. Sometimes you just have to get started</p><p><b>9. Nobody asks enough about “Why”</b></p><p>11. One of the biggest differences between junior and senior devs is the latter have a well founded, dedicated opionen about tools, with the skill to come to an agreement with others what to use in which context</p><p>17. Keep processes as lean as possible</p><p><a href="https://www.simplethread.com/20-things-ive-learned-in-my-20-years-as-a-software-engineer/" target="_blank">20 Things I’ve Learned in my 20 Years as a Software Engineer</a> (Simple Thread)</p><p><a href="https://www.golem.de/news/software-20-dinge-die-ich-in-20-jahren-als-entwickler-gelernt-habe-2111-161015.html" target="_blank">20 Dinge, die ich in 20 Jahren als Entwickler gelernt habe</a> (Golem)</p><p>PS. I would add: Having a vision helps to at least roughly steer all activities in the right direction. It needs to be accepted that the vision might change and steering will be adopted!</p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-13961897167232961692021-11-16T01:10:00.000-08:002021-11-16T01:10:03.554-08:00Software Engineering Salaries at Google: A Guide<p></p><ul style="text-align: left;"><li>Google Engineer Levels</li><ul><li>Software Engineer II (L3 | 0-1 year of experience)</li><li>Software Engineer III (L4 | 2+ years of experience)</li><li>Senior Software Engineer (L5 | Manager I equivalent)</li><li>Staff Software Engineer (L6 | Manager II equivalent)</li><li>Senior Staff Software Engineer (L7 | Senior Manager)</li><li>Principal Engineer (L8 | Director)</li><li>Distinguished Engineer (L9 | Senior Director)</li><li>Google Fellow (L10 | Vice President)</li><li>Senior Google Fellow (L11 | Senior Vice President)</li></ul><li>Google Software Engineer Salary</li><ul><li>Base compensation</li><li>Bonuses</li><li>Stock</li></ul><li>Google Software Engineer Stock Options</li><li>Benefits of Working at Google</li><ul><li>Insurance & Wellness</li><li>Transportation</li><li>Home, Financial, other</li></ul><li>Google vs Other Technology Companies</li><ul><li>vs Microsoft and Amazon avg</li></ul></ul><div><a href="https://careerkarma.com/blog/software-engineering-salary-google/">https://careerkarma.com/blog/software-engineering-salary-google/</a></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-19748077753776354922021-11-15T05:54:00.002-08:002021-11-16T04:09:48.337-08:00Different takes on A/B testing with native apps in Google Play and App Store<p> A short summary of options:</p><ul style="text-align: left;"><li><a href="https://en.wikipedia.org/wiki/Synthetic_control_method" target="_blank"><b>Synthetic Control Method</b></a></li><ul><li>Find a good prediction model on current data - and compare the real data after the change with the predicted data</li></ul><li><b>Phased Release/Staged Rollouts</b></li><ul><li>Phased release of new version and compare versus old version via tracking analytics</li><li>You can then compare the same content with different app versions on same OS</li></ul><li><b>Implement feature for one OS only - and compare</b></li><ul><li>Release for one OS only and compare versus other OS via tracking analytics</li></ul><li><b>Feature Toggles</b></li><ul><li>Feature toggle via remote config and switch feature on/off defining one or more explicit success criteria via Firebase A/B Testing</li></ul><li><b>Feature toggle and config options</b></li><ul><li>Feature toggle PLUS config via firebase remote config to not only switch on/off but do more experiments with different settings (color, number of items, sizes) via Firebase A/B Testing</li></ul><li><b>Server-driven UI and dynamic endpoints</b></li><ul><li>Using server driven UI, you can provide different endpoints and serve different endpoint URLs to the clients via remote config</li><li>You can pitch completely different UIs without manually adopting or releasing apps!</li></ul></ul><div>Some links:</div><div><ul style="text-align: left;"><li><a href="https://firebase.google.com/docs/remote-config">https://firebase.google.com/docs/remote-config</a></li><li><a href="https://firebase.google.com/docs/ab-testing">https://firebase.google.com/docs/ab-testing</a></li></ul></div>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-71036536982840641182021-11-04T07:33:00.006-07:002021-11-04T07:33:55.878-07:00Staff Engineer: Leadership beyond the management track<p> <img alt="StaffEng Banner" src="https://staffeng.com/banner.png" /></p><p>Nice blog post about staff (or engineering manager) archetypes:</p><p></p>Staff Engineer: Leadership beyond the management track<ul style="text-align: left;"><li>The <b>Tech Lead</b> guides the approach and execution of a particular team. They partner closely with a single manager, but sometimes they partner with two or three managers within a focused area. Some companies also have a Tech Lead Manager role, which is similar to the Tech Lead archetype but exists on the engineering manager ladder and includes people management responsibilities.</li><li>The <b>Architect</b> is responsible for the direction, quality, and approach within a critical area. They combine in-depth knowledge of technical constraints, user needs, and organization level leadership.</li><li>The <b>Solver</b> digs deep into arbitrarily complex problems and finds an appropriate path forward. Some focus on a given area for long periods. Others bounce from hotspot to hotspot as guided by organizational leadership.</li><li>The <b>Right Hand</b> extends an executive's attention, borrowing their scope and authority to operate particularly complex organizations. They provide additional leadership bandwidth to leaders of large-scale organizations.</li></ul><div>This blog also has a nice cal overview to visualize the different working approaches for each archetype:</div><div><img alt="Example calendar for a Tech Lead archetype" height="200" src="https://staffeng.com/archetypes//TechLeadCalendar.png" width="320" /></div><div><br /></div><div><a href="https://staffeng.com/guides/staff-archetypes" target="_blank">StaffEng</a></div><div><br /></div><div>If you want to read about this, checkout the book <a href="https://www.amazon.de/Staff-Engineer-Leadership-beyond-management/dp/1736417916/ref=sr_1_1?__mk_de_DE=%C3%85M%C3%85%C5%BD%C3%95%C3%91&crid=TTTY4JKDWJ80&keywords=staff+engineer+archetypes&qid=1636036137&sprefix=jordan+cp3.12%2Caps%2C60&sr=8-1" target="_blank">Staff Engineer: Leadership beyond the management track</a>!</div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-51394489691255165582021-08-03T06:28:00.003-07:002021-08-03T06:28:24.108-07:00Unidirectional Data Flow with iOS: RxFeedback and CombineFeedback<p>Unidirectional Reactive Architecture. This is a RxSwift implemetation.</p><p><a href="https://github.com/shoheiyokoyama/RxFeedback">https://github.com/shoheiyokoyama/RxFeedback</a></p><p>Unidirectional Reactive Architecture. This is a Combine implemetation of ReactiveFeedback and RxFeedback</p><p><a href="https://github.com/sergdort/CombineFeedback">https://github.com/sergdort/CombineFeedback</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-5056378875239680662021-08-03T05:03:00.002-07:002021-08-03T05:03:58.129-07:00Point Free: Composable Architecture<p>Architecture is a tough problem and there’s no shortage of articles, videos and open source projects attempting to solve the problem once and for all. In this collection we systematically develop an architecture from first principles, with an eye on building something that is composable, modular, testable, and more.</p><p><a href="https://www.pointfree.co/collections/composable-architecture" target="_blank">Composable Architecture - Point Free</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-89219148061174880762021-06-02T01:28:00.003-07:002021-06-02T01:28:35.669-07:00Firebase Remote Config now supports automatic personalization!<p>Firebase Remote Config is a great tool to enable dynamic config, feature toggles or even A/B testing with your native apps.</p><p>Only thing you need to keep in mind that default update rate is 12h, but there is an official workaround for that for emergency use cases, trying avoid to exceed the quota (<a href="https://firebase.google.com/docs/remote-config/propagate-updates-realtime" target="_blank">Propagate Remote Config updates in real time</a>).</p><p>Now Google took it a step further, allowing automatic personalization via Firebase Remote Config!</p><blockquote><p>Last but not least, we’re putting the finishing touches on a new feature of Remote Config, called personalization. Personalization will give you the ability to automatically optimize individual user experiences to maximize the objectives you care about - such as revenue or engagement - through the power of machine learning. After a simple setup, personalization will continuously find and apply the right app configuration for each user to produce the best outcome, taking the load off of you. If you want an early look at this feature and to try it out for yourself, join our Alpha program.</p></blockquote><p><a href="https://firebase.googleblog.com/2021/05/whats-new-from-firebase-at-google-io.html#Firebase" target="_blank">Firebase Google Blog</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-89342395992059297822021-05-27T01:20:00.000-07:002021-05-27T01:20:06.888-07:00Lean prioritization matrix<p> <img height="435" src="https://3lsqjy1sj7i027fcn749gutj-wpengine.netdna-ssl.com/wp-content/uploads/2017/07/Picture1.png" width="668" /></p><p><br /></p><p>We are sorting the stream of stakeholder request and product ideas in a KPI-weighted table.</p><p><b>The Matrix</b></p><p>This 2x2 matrix</p><p></p><ul style="text-align: left;"><li><b>low effort vs. high effort</b></li><li><b>high value vs. low value</b></li></ul><div>is a nice and easy consumable visualization model.</div><div><br /></div><div><b><br /></b></div><div><b>The Weights</b></div><div><b><br /></b></div><div>Suggested weights are</div><p></p><div><ul style="text-align: left;"><li><b>Reach</b></li><ul><li>How many customers does the feature impact?</li></ul><li><b>Customers</b></li><ul><li>New/existing target groups</li></ul><li><b>Revenue</b></li><ul><li>Will it drive revenue either direct or via extended CLV?</li></ul><li><b>Acquisition</b></li><ul><li>Will the feature help drive new customers?</li></ul><li><b>Efficiency</b></li><ul><li>Does the feature help drive efficiency in customers’ lives – be that internal customers (colleagues), or external (paying) customers?</li></ul><li><b>Brand</b></li><ul><li>Does the feature enhance your brand awareness?</li></ul></ul><div><br /></div><div><b>The classification/quadrants</b></div><div><b><br /></b></div><div>Top left to bottom right</div><div><ul style="text-align: left;"><li><b>Q1</b></li><ul><li>Do it now!</li></ul><li><b>Q2</b></li><ul><li>Break it down and put in prio sequence</li></ul><li><b>Q3</b></li><ul><li>Gap filler</li></ul><li><b>Q4</b></li><ul><li>Forget about it... for now.</li></ul></ul><div><br /></div></div><div><a href="https://www.mindtheproduct.com/enter-matrix-lean-prioritisation/" target="_blank">Andy Wicks - Mind the product</a></div><div><br /></div></div><div><br /></div>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-51542638569240149932021-04-21T04:22:00.000-07:002021-04-21T04:22:49.731-07:00Xcodes.app - The easiest way to install and switch between Xcode versions<p> </p><div class="separator" style="clear: both; text-align: center;"><a href="https://github.com/RobotsAndPencils/XcodesApp/raw/main/screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="541" data-original-width="800" height="271" src="https://github.com/RobotsAndPencils/XcodesApp/raw/main/screenshot.png" width="400" /></a></div><p></p><div class="separator" style="clear: both;">The easiest way to install and switch between multiple versions of Xcode.</div><div class="separator" style="clear: both;"><div class="separator" style="clear: both;"><br /></div><div class="separator" style="clear: both;">If you're looking for a command-line version of Xcodes.app, try <span style="font-family: courier;">xcodes</span>.</div></div><p><a href="https://github.com/RobotsAndPencils/XcodesApp" target="_blank">GitHub.com RobotsAndPencils</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-26309847553828354712021-04-08T01:18:00.002-07:002021-04-08T01:18:45.755-07:00iOS and iPadOS Usage<div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqPERFtV3xKBuXZFCrPPS9HdkYqc0iVLsgOcVy-_5TvpoCrIEVtOAHaqmC60ISpvyVbEicch50RI2PYlsz_wadQJ55KOfq-v7YVHStE4UGVE1l33VyJzBh-EHVJiGmB54efJxCLHdRoEc/s999/Bildschirmfoto+2021-04-08+um+09.59.47.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="999" data-original-width="331" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqPERFtV3xKBuXZFCrPPS9HdkYqc0iVLsgOcVy-_5TvpoCrIEVtOAHaqmC60ISpvyVbEicch50RI2PYlsz_wadQJ55KOfq-v7YVHStE4UGVE1l33VyJzBh-EHVJiGmB54efJxCLHdRoEc/s320/Bildschirmfoto+2021-04-08+um+09.59.47.png" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;">Please find here the official Apple stats of the iOS and iPadOS update rate - of the device sold the last four years (sic!).</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;"><a href="https://developer.apple.com/support/app-store/" target="_blank">Apple Developer</a></div><br />pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-32770256019486213292021-04-08T00:30:00.001-07:002021-08-09T04:59:16.365-07:00How to make your iOS (and Android) app secure<p></p><div><b>Checks</b></div><div><ul style="text-align: left;"><li>No Non-SSL connections (http only)</li><ul><li>Black-box check with proxy, e.g. <a href="https://www.charlesproxy.com" target="_blank">Charles Proxy</a></li><li>Enable <a href="https://developer.apple.com/documentation/security/preventing_insecure_network_connections" target="_blank">Apple Transport Security</a> (ATS) to enforce SSL</li></ul><li>Make sure all used backend services use TLS v1.2+ and <b>do not allow</b> TLS v1.0 or v1.1 any more</li><ul><li><a href="https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols" target="_blank">Deprecation of TLS 1.0 and TLS 1.1</a></li><li>Make sure to use secure Cipher-Suites (see <a href="https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-2.pdf;jsessionid=0F7F148D5D5D850847963B8F81231DA6.internet082?__blob=publicationFile&v=2" target="_blank">BSI recommendations</a>)</li></ul><li>Make sure servers do not support SSLv3 protocol any more!</li><li>Make sure your <a href="https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung" target="_blank">ePrivacy</a>/<a href="https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwif9s6wkO7vAhUz_rsIHfBNClsQFjAAegQICxAD&url=https%3A%2F%2Fgdpr.eu%2F&usg=AOvVaw1_B7ShEjuXC6XxQwesHq7A" target="_blank">GDPR</a> and Apple Tracking Transparency (<a href="https://developer.apple.com/documentation/apptrackingtransparency" target="_blank">ATT</a>) implementation reacts correctly on opt-outs of tracking</li><li>Consider public <a href="https://medium.com/supercharges-mobile-product-guide/public-key-hash-pinning-on-ios-703ca255cb11" target="_blank">key pinning</a>/<a href="https://www.raywenderlich.com/1484288-preventing-man-in-the-middle-attacks-in-ios-with-ssl-pinning" target="_blank">certificate pinning</a> for additional security vs. man in the middle attacks</li><li>Make sure all used libs have the latest patches/versions - and are still maintained</li><li>Make sure to request required permissions only!</li><li>Make sure no hard-coded client secrets are present</li><ul><li>See also <a href="https://nshipster.com/secrets/" target="_blank">Secret Management on iOS</a>, Tim Dolenko <a href="https://github.com/timdolenko/swift-secrets" target="_blank">swift-secrets</a></li></ul><li>Use <a href="https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_keychain" target="_blank">KeyChain</a> for storing data securely and check <a href="https://support.apple.com/de-de/guide/security/secf6276da8a/web" target="_blank">File Data Protection</a></li><li><a href="https://betterprogramming.pub/how-to-prevent-screen-capture-at-ios-14-1f01173c31c0" target="_blank">Avoid screen recording and capturing in production app</a></li><li>Make sure to <a href="https://www.netguru.com/codestories/ios-logging-practices" target="_blank">disable compromising logs in production</a></li><li><a href="https://www.shashankthakur.dev/2020/09/how-to-detect-jailbroken-ios-device.html" target="_blank">Check for Jailbreak</a></li><li>Make sure WebViews do not set isHTTPOnly = false or isSecure = false cookies</li><ul><li>Third party WebView content is hard to check - especially dynamic content</li></ul></ul><div><br /></div></div><div><b>Additional Checks</b></div><div><br /></div><div>You think iOS apps are sandboxed and need to pass the Apple review and therefore you are on the safe side? Think again...</div><ul style="text-align: left;"><li>Enable ATS in mobile apps</li><li>SSL Cert Pinning</li><li>Storing info in KeyChain rather than NSUserDefaults</li><li>Avoiding confidential info as part of code repository</li><li>Jailbreak Detection</li><li>Debug Logs Only</li><li>Third Party Library Usage</li><li>File Data Protection</li><li>Screen Recording & Capturing</li></ul><div>Details from Shashank Thakur@<a href="https://medium.com/swlh/how-to-make-an-ios-app-secure-831e310c79e2">Medium.com</a></div><div><br /></div><div><b>Tools</b></div><div><ul style="text-align: left;"><li><a href="https://portswigger.net/burp/" target="_blank">BurpSuite</a></li><li><a href="https://www.frida.re/" target="_blank">FRIDA</a></li><li><a href="https://github.com/dpnishant/appmon" target="_blank">AppMon</a></li><li><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/ " target="_blank">MobSF</a></li><li><a href="https://github.com/sensepost/objection/ " target="_blank">objection</a></li><li><a href="https://testssl.sh/" target="_blank">TestSSL</a></li><li><a href="https://www.wireshark.org/" target="_blank">Wireshark</a></li><li><a href="https://www.charlesproxy.com" target="_blank">CharlesProxy</a></li></ul></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-33247418114192527752021-03-18T06:45:00.000-07:002021-03-18T06:45:02.329-07:00Getting Started with Swift on Android<p>The Swift stdlib can be compiled for Android armv7, x86_64, and aarch64 targets, which makes it possible to execute Swift code on a mobile device running Android or an emulator. This guide explains:</p><p>How to run a simple "Hello, world" program on your Android device.</p><p>How to run the Swift test suite on an Android device.</p><p><a href="https://github.com/apple/swift/blob/main/docs/Android.md" target="_blank">GitHub</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-2727671046707840732021-03-11T03:58:00.005-08:002021-03-11T04:09:59.059-08:00AppMon/MobSF - Automated framework for monitoring and tampering system API calls macOS, iOS and Android<p> <img alt="" src="https://raw.githubusercontent.com/dpnishant/appmon/master/resources/logo.png" style="max-width: 100%;" /></p><p><br /></p><p>AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on <a href="https://frida.re/" target="_blank">Frida</a>.</p><p>It consists of the following components:</p><p></p><ul style="text-align: left;"><li>AppMon Sniffer - Intercept API calls to figure out interesting operations performed by an App</li><li>AppMon Intruder - Manipulate API calls data to create change app's original behavior</li><li>AppMon Android Tracer - Automatically traces Java classes, methods, its arguments and their data-types in Android APKs</li><li>AppMon IPA Installer - Creates and installs "inspectable" IPAs on non-jailbroken iOS devices</li><li>AppMon APK Builder - Creates APKs "inspectable" on non-rooted Android devices</li></ul><div><a href="https://github.com/dpnishant/appmon" target="_blank">GitHub</a></div><div><br /></div><div><img alt="" src="https://cloud.githubusercontent.com/assets/4301109/20019521/cc61f7fc-a2f2-11e6-95f3-407030d9fdde.png" style="max-width: 100%;" /></div><div><br /></div><div>Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.</div><div><br /></div><div><a href="https://github.com/MobSF/Mobile-Security-Framework-MobSF" target="_blank">GitHub</a></div><p></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-57607161809517374762021-01-08T04:10:00.002-08:002021-01-08T04:10:10.984-08:00FF Chartwell: Defining pie chart, bar charts and many others via vector font!<p> <img alt="" class="aligncenter size-full wp-image-23611" height="270" src="https://www.fontblog.de/wp-content/uploads/2012/05/chartwell_aufmacher.png" title="FF-Chartwell-Beispiel-Disgramme" /></p><p><br /></p><p>With FF Chartwell you can define Charts via OpenType font, and transform a string, e.g. "<b>60+<span style="color: #2b00fe;">30</span>+<span style="color: red;">10</span></b>" into a Pie Chart 60%-30%-10% including color support (not only b/w!) without rendering anything: directly via font without using any images!</p><p>Check this out:<br /><a href="https://www.fontblog.de/einfuhrung-in-ff-chartwell/" target="_blank">FontBlog FF Chartwell</a></p><p><br /></p><p>So great!</p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0tag:blogger.com,1999:blog-4858171838588273694.post-53193288637689856072020-12-17T01:09:00.003-08:002020-12-17T01:09:25.047-08:00Google Play: Best Apps 2020<p><b> Celebrating the Developers Behind the Best Apps and Games of 2020</b></p><p></p><ul style="text-align: left;"><li>Best App of 2020</li><ul><li><a href="https://play.google.com/store/apps/details?id=co.loona" target="_blank">Loóna: Bedtime Calm & Relax by Loona Inc.</a></li></ul><li>Best Personal Growth Apps</li><li>Best Hidden Gem Apps</li><li>Best Everyday Essential Apps</li><li>Best Apps for Good</li><li>Best Apps for Fun</li><li>Best Game of 2020</li><li>Best Indie Games</li><li>Best Casual Games</li><li>Best Innovative Games</li><li>Best Competitive Games</li></ul><p></p><p><a href="https://android-developers.googleblog.com/2020/11/celebrating-developers-behind-best-apps.html" target="_blank">Android Developers</a></p>pkchttp://www.blogger.com/profile/11284498566079935658noreply@blogger.com0