rogersm.net

exploring area

Category: insight

Mining App stores for good

Since the appearance of the Apple App Store the software engineering community has a huge repository of untapped data to analyse. Although this data is compiled code (for source code we already have some projects mining open source repositories) there are some interesting possibilities that, until now  nobody was exploring:

  • Library adoption: identify and track which libraries are being currently used by applications.
  • Software programming best practices: checking the use of unsupported APIs or unsafe idioms (fairly common in C/Objective C).
  • Checking for Intellectual Property issues: like including non licensed content.
  • Security analysis: including passwords in source code or downright crazy insecure programming practices.

Of course this level of detail requires an advanced understanding of low level analysis techniques, but already have techniques to mine all this data and get the useful information.

And I said before ‘until now’, because after reading “Amazon Is Downloading Apps From Google Play and Inspecting Them”  we see Amazon is tapping this huge amount of applications to check for good security practices.

Of course these kind of techniques should be applied in the publishing phase of the application, but because currently no app store is doing this level of analysis during publication the first case of binary analysis has been done by Amazon (a platform provider) to ensure the good use of the API.

 

Personally I want to congratulate Amazon for his interest to improve his platform security (and their users) doing a binary analysis of the applications.

Move my feed to twitter

Just in case you’re surprised on how slow things are moving in this blog: not only I’m doing some interesting R&D on analytics and big data for a new data analysis product that takes a lot of my time, but I have moved almost my internet posting activity to twitter.

So if you want to keep updated that what I’m doing, twitter is the right place.

How to set your Mac OS serial number to use iCloud

If after a visit to an Apple Support Service they return your computer without the serial number set in your motherboard, this walk-through may be useful.

It is not for complete new users, but does not require shell access, so it may be useful if you are out of Apple Care or do not want to move your computer again.

If you want to comment, please use the comments in this post, not on the walk-through page.

Don’t become become addicted to the past.

Köln Concert cover

Köln Concert cover

I’ve recently found a beautiful article about Keith Jarrett’s Köln Concert in the WSJ.

Keith Jarrett words interesting:

We also have to learn to forget music, otherwise we become addicted to the past.

Don’t get attached to the past: past had a context, a meaning that was useful at that time, but repeating past actions in the future is no guarantee of success.

Move forward, the creation process adds value to the creation. The replication process does not.

Use the previous experiences in the creation, walk the thin border between the boring copy and the original creation.

Don’t listen to old records more than once. They should be an influence, not a shrine.

© 2017 rogersm.net

Theme by Anders NorenUp ↑