Apple Extends Developer Deadline for Mandatory App Transport Security Support

Apple on Wednesday informed developers that it has extended the deadline by which apps submitted to the various App Stores will required to use App Transport Security (ATS), a standard introduced in iOS 9 and OS X 10.11.

According to Apple Developer, ATS, first introduced in iOS 9 and OS X v10.11, will now not become mandatory for apps to support by the 1 January 2017. Instead, Apple has decided to give developers "additional time to prepare" for the switch and so has extended the original deadline.
Although ATS is switched on by default in Apple's development toolset, developers currently have the option of deactivating the feature. During this year's Worldwide Developers Conference, however, the company said it would begin enforcing ATS support starting Jan. 1, 2017.

ATS is a feature of Apple's iOS and OS X operating systems which ensure that applications do not load resources over HTTP connections, which are not secure and may be eavesdropped on by attackers. Instead, ATS requires that resources are loaded through HTTPS, a secure communication protocol often used by other services including online banks and e-commerce websites which encrypts data through Transport Layer Security Layer (TLS).

Currently, ATS is enabled by default but app developers do have the option of disabling the feature.

Apple has not announced an expected timeline for ATS integration, saying only that developers will be updated when a new deadline is confirmed. No new deadline has been set for developers to utilize ATS, but the iPad and iPhone maker has promised an update when a new date has been confirmed.

Source : Apple Developer

Apple Seeds watchOS 3.1.3 beta (14S958) to Developers

Apple on 21st December seeded the First Beta of watchOS 3.1.3 Update Build 14S958 to registered developers for testing purpose, the release is a test version of the upcoming update to their Apple Watch Operating System

This can be downloaded through the dedicated Apple Watch App on the iPhone running iOS 10 or higher by going to General > Software Update.

What is required?

This can be downloaded through the dedicated Apple Watch App on the iPhone by going to General > Software Update.

Developers can download the watchOS configuration profile from the link Download and install the build via the Watch app on the iPhone. But to install the update, the Apple Watch must have 

• 50% battery, 
• It must be placed on the charger and 
• It must be in the range of the iPhone. 

watchOS 3.1.3 requires an iPhone running iOS 10 to install.

The watchOS 3.1.3. beta comes shortly after Apple pulled the watchOS 3.1. release after it was found to be bricking some Apple Watch Series 2 devices. Apple has not re-released an updated version of watchOS 3.1.1 that fixes the bug, So many users are still running watchOS 3.1.

Like tvOS, there is no Public Beta for watchOS. If you want access to watchOS 3.1.3 build, you will need to be a registered developer. Once you are, you can download the configuration profile from Apple Developer to your Watch, and then update through the Watch app on your iPhone.

Source: Apple Developers

Apple Launches Beta 2 of iOS 10.2.1 and macOS Sierra 10.12.3

iOS 10.2.1 Beta 2 (14D15) to Developers

Apple announced that it has released iOS 10.2.1 beta 2 for iPhone, iPad and iPod touch to developers with build number 14D15 for developers. This update follows the public release of iOS 10.2.

iOS 10.2 included newly redesigned emojis, the TV app for US users, a couple of new screen effects in Messages, amongst other enhancements. iOS 10.2.1 is also available for public beta testers with a release usually a few days behind developer releases. Right now this is available for Registered users of Apple Developer Program.

macOS Sierra 10.12.3 Beta 2 (16D17a) to Developers

Apple seeded the second beta of macOS Sierra 10.12.3 update to developers, one week after releasing macOS Sierra 10.12.2 

Sierra 10.12.2 brought in new emoji, wallpapers, graphics and System integrity protection fixes and the removal of the system battery's estimated 'time remaining' feature.

This second seed of macOS Sierra 10.2.3 beta is available on the developer center and rolling out to the Mac App Store now with a size of 1.04GB.

According to Apple's release notes, the 10.12.3 update "improves the stability, compatibility, and security of your Mac." No specific changes, bug fixes, or feature additions were discovered in the first beta, but we'll update this post should any new features be found in the second beta.

iOS 10.2.1 Beta 2 (14D15) and macOS Sierra 10.12.3 Beat 2 (16D17a) are now available to install over-the-air via Settings-General-Software Updates on iOS devices and under the Mac App Store's Updates tab on the Mac.

Source: Apple Developers Blog

Apple to Add Grade Crossings to Maps

Apple to Add Grade Crossings to Maps After Federal Recommendation. Apple will add grade crossings to Apple Maps after a safety recommendation from the National Transportation Safety Board (NTSB), Reports The New York Times. The recommendation comes after a two-year investigation into an accident that occurred after a driver got his truck stuck on railroad tracks while following directions from Google Maps.

Grade crossings, or level crossings, are defined as intersections where a rail line meets a roadway, and have become increasingly dangerous areas thanks in part to the rise of digital mapping services.   The case the NTSB cites in its recommendation is that of Jose Alejandro Sanchez-Ramirez, who misinterpreted directions from Google Maps and wound up on a poorly marked grade crossing. His truck, which was hauling a trailer, got stuck on the tracks. While Sanchez-Ramirez was able to abandon his vehicle, a train struck it and resulted in the death of an engineer and injuries to 32 others. There were more than 200 fatalities at grade crossings last year in the U.S. 

Read More

At the time, Google's mapping application did not incorporate grade crossing data, according to NTSB findings. The federal safety agency argues that had Google Maps included such information, and perhaps a warning, Sanchez-Ramirez would have been less likely to mistakenly turn onto the tracks. 

Today, the NTSB issued a safety recommendation that Google and other map providers, like Apple, Should add exact locations of more than 200,000-grade crossings to their mapping data. The Federal Railroad Administration has been lobbying Apple and other tech companies to add the data for the past 18 months.

Along with Apple and Google, the NTSB is calling on Garmin, HERE, TomTom, INRIX, MapQuest, Microsoft Corporation, Omnitracs, OpenStreetMap US, Sensys Networks, StreetLight Data, Teletrac, and United Parcel Service of America to integrate the grade crossing and other rail data into their respective digital services. 

Source: MacRoumors

Appthority warns only 3% of enterprise apps comply with upcoming Apple security mandate

Apple is making a series of security changes for the new year – yet according to new research from Appthority, only 3% of enterprise apps are fully compliant with the new security mandate.

In June 2016, Apple announced that App Transport Security (ATS) will become a requirement for new App Store apps from 1 January 2017.

ATS, which was introduced in iOS 9, forces an app to connect to web services over an HTTPS connection rather than HTTP to keep data secure while in transit by encrypting it.

“Appthority researchers found that the majority of apps in the enterprise don’t fully utilize the best practices encryption standard, which should be a concern to enterprises,” said Robbie Forkish, vice-president of engineering at Appthority.

“The new ATS mandate only applies to new submissions to the App Store, and Apple will be allowing exceptions to ATS, so, while the requirement should strengthen data security, there will still be iOS apps not using data encryption in enterprise environments, even after 1 January 2017.

“For this reason, it’s incredibly important that businesses have visibility into, and management of, the risks related to apps with these exceptions, as they can put enterprise data at risk,” he said.

The research also revealed 55% of apps in use by enterprises allow the use of HTTP, instead of requiring HTTPS, while 83% had ATS disabled for all network connections and 26% had ATS disabled at a global level, with specific exceptions set up for domains.

According to Appthority, existing apps that do not comply with the ATS mandate will not be removed from the App Store, which means enterprises will have to continue to be vigilant about apps in their environments. Read more about the report here.

Source: Apps Tech News

Apple Seeds ios 10.2.1 beta (14D10) and tVOS 10.1.1 beta (14U707)

iOS 10.2.1 Beta (14D10) Update

Apple has just dropped iOS 10.2.1 beta 1 for developers. The contents of the update are currently unknown. iOS 10.2 included newly redesigned emojis, the TV app for US users, a couple of new screen effects in Messages, amongst other enhancements.

The first seed of iOS 10.2.1 weighs in at 1.82 GB for developers over-the-air. Given the minor bump in version number, this is likely a simple bug fix release.

Apple seeded the iOS 10.2.1 beta for iPhone, iPad and iPod touch on December 14th to developers with build number 14D10. iOS 10.2.1 will undoubtedly be released to members of the public beta program in a few days. For more visit Apple Developers Blog

tVOS 10.1.1 Beta (14U707) Update

Apple has issued the first tvOS 10.1.1 developer beta for testing. tvOS 10.1.1 is likely a software update focused on bug fixes and performance improvements. tvOS 10.1 was a feature update that included the new TV app for the first time.

The new version features build 14U707 and are listed on the developer center; an OTA update is expected for Apple TVs with the developer profile installed.

Release notes for tvOS 10.1 listed these changes:

Apple TV Software Update 10.1

TV app: Discover new content or pick up where you left off in a current show or movie—all in one unified place. The TV app brings together all your shows and movies from services that you subscribe to, plus your purchases from iTunes. This feature is available only in the United States for Apple TV, iPhone, iPad, and iPod touch.

Additional: This update also includes general performance and stability improvements. 

For more visit Apple Developers Blog

Source: Link 

Get a View of Wear 2.0's Upcoming Standalone Apps

Google announced that it releases Android Wear 2.0 developer preview 4. A key part of Android Wear 2.0 is letting watch apps work as standalone apps, so users can respond to messages, track their fitness, and use their favorite apps, even when their phone isn't around. Users will be able to search, install, and use apps without ever leaving their device. The standalone nature of the Android Wear 2.0 app will offer a big boost in search performance and app responsiveness.

Here is the view how other developers are enhancing their user experience with standalone apps.

Glide

Glide is the fastest live video messenger app on the planet. Using the Wear Complications API, Glide is now able to live broadcast directly from the watch face. By tapping contact shortcuts from the watch face, you can now launch directly into a conversation. This makes wrist-based communication more accessible and effortless.

Foursquare

Foursquare City Guide will lead you to the perfect spot anywhere in the world. With these app travelers around the world use Foursquare's Android Wear app to discover hidden gems and be in the know about the best places to eat, drink and explore. With their upcoming 2.0 app, the team has a clean new canvas for rich notifications giving users an immersive experience with Foursquare content.

Lifesum

Lifesum helps you make better food choices, improve your exercise, and reach your health goals. Your personalized health and lifestyle guide. The upcoming 2.0 experience complements the existing Lifesum mobile app and as a standalone app, it will allow users to more easily track water and meals throughout the day.

Check out https://goo.gl/qM7Fym for the updates about Android Wear Developer Preview 4.

Source: Android Developers Blog

Google Releases Android Wear 2.0 Developer Preview 4

Developer Preview 4 includes a number of new APIs that will help you build more powerful standalone apps. Get ready for the next version of Android Wear! Support stand-alone Wear devices and apps. Create enhanced user interaction and glanceable experiences. Test your apps on Wear devices.

A key part of Android Wear 2.0 is letting watch apps work as standalone apps, so users can respond to messages, track their fitness, and use their favorite apps, even when their phone isn't around. The developer preview includes everything you need to test your existing apps on a variety of hardware configurations. The fourth developer preview became available on 13th Dec 2016 and it comes with some big changes that suggest the wear team is putting the extra time to good use.

Reintroduction of Swipe-to-dismiss

The most significant change in this release is the return of "swipe-to-dismiss" – the navigation model where users swipe right across the screen to return to a previous screen or exit an app. This was the navigation model of Android Wear 1.0, but it was swapped out with the first 2.0 developer preview in favor of using the physical power button as a Back button. Many users given the feedback that the swipe-to-dismiss gesture from Android Wear 1.0 is an intuitive time-saver.

• Swiping an activity from left to right will result in it being dismissed and the app will navigate down the back stack.
• Developers can wrap the containing views of a Fragment or Views in general in the new SwipeDismissFrameLayout to implement custom actions such as going down the back stack when the user swipes rather than exiting the activity.
• Hardware button now maps to "power" instead of "back" which means it can no longer be intercepted by apps.

This change may actually re-open the door for watches that don't have hardware buttons. Whether people want that or not may be up for debate, but a mandatory hardware button for navigation had been a topic of some discussion after the first developer preview was released.

Compatibility with Android Wear 1.0 Apps

Also making a return from Android Wear 1.0 is support for apps packaged inside of apps. The third developer preview added a miniature version of the Play Store to handle apps for the watch, but in doing so, Google disabled support for the older method of packaging apks for Wear inside of apks for phones. This particular piece of information wasn't widely communicated, so there was a great deal of confusion about apps that didn't appear to be installing properly. Both types of installations should now work with DP4, but Google is still strongly encouraging developers to use the standalone model since it gives more choices to users and improves usability through the Play Store.

Seamless Authentication

Google's final major addition follows along with the theme of simplifying actions on a watch using a paired phone. To make authentication a seamless experience for both Android phone and iPhone users, Google has created new APIs for OAuth and added support for one-click Google Sign-in. Developers can now call an API on a watch that opens up a sign-in prompt on a paired phones. This will allow users to choose accounts and read details about permissions on a more appropriately sized screen.

In-App Billing

A new feature called In-app billing support added along with paid apps, this gives you another way to monetize android wear app or watch face. A developer can now add in-app purchases to Wear apps without relying on paired apps or workarounds. Authorization for purchases is still protected by a 4-digit PIN.

Source : Android Developers Blog 

Google Announcing updates to its Internet of Things Platform : Android Things and Weave

With each new generation of Android devices, most companies push incremental changes to their hardware line-up. One innovation that has captured the minds of generations of consumers since the days of The Jetsons is known as the Internet of Things (IoT).

The Internet of Things (IoT) will bring computing to a whole new range of devices. Two important updates for IoT developer platform announced by Google to make it faster and easier. Today Google announced it is releasing a Developer Preview of Android Things, a comprehensive way to build IoT products with the power of Android, one of the world's most supported operating systems. Now any Android developer can quickly build a smart device using Android APIs and Google services while staying highly secure with updates direct from Google.

Image Credit : Android Developers Blog

Furthermore, Google is incorporating several familiar Android development related tools to work with Android Things such as Android Studio, the Android SDK, Google Play Services, and Google Cloud Platform. In conjunction with these updated tools, Google is also updating the Weave communication layer to allow for easier access to cloud content and to even allow for interaction with services like Google Assistant. Eventually, Google will merge its Weave with Nest Weave to take advantage of the existing integrations available through the popular Nest home products and to ease the development transition of existing products.

Google mentions that several popular smart home devices such as the Philips Hue light bulbs and Samsung’s SmartThings already implement Weave, so developing for the platform should be a no-brainer. The Weave Device SDK already supports cloud communication layer code for devices such as the aforementioned light bulbs, switches, and thermostats but will be updated in the future with support for additional appliance types. In addition, the company will provide a mobile application API available for Android and iOS developers – so even smartphones and smartwatches will be able to interact with smart home devices.

Source : Android Developers Blog

Study shows iOS devices failing more often than Android - Here is the Reason!

A report claims that more iOS devices crashed this year when compared to Android. A report has revealed that the Apple iOS had a higher failure rate as compared to Android devices in Q3, 2016. It shows that iOS, which powers iPhone and iPad devices suffered 62% failure rate, while Android which powers more devices than iOS faced 47% failure.

According to the latest report from global data security firm Blannco Technology Group, there were more instances of apps crashing on iOS than Android. Apps crashed on 65% of iOS devices as compared to 25% of Android-running devices. It has been further revealed that it was the iPhone 6 which faced maximum lags at 13% followed by the iPhone 6s at 9%, iPhone 5s at 9%, and the iPad Air 2 at 2%.

Prime Reason with iOS Devices!

The prime reason why the iOS devices faced glitches is being blamed on the latest iOS 10 version. An instance of smartphones’ erratic behavior is due to the kind of processor it is equipped with. Often users unknowingly run or try to run graphic-heavy apps on a smartphone running lighter processor, which in turn leads to app crashes and overheating. 

Which App has Maximum Failure Rate?

The report notes that some apps crashed due to overheating. Pokémon GO initially crashed on 5% of iOS devices, twice as compared to Android in the third quarter. The AR game not only crashed, it further drained batteries and hogged system resources, slowing down devices completely. However, the top spot for performance-harming apps continued to be driven by social media. It has been revealed that the top four crashing apps on iOS were Instagram with 14% failure rate, Snapchat at 12%, Facebook at 9% and Messenger at 5%.

Among Android devices, China-based LeEco’s Le 2 had the maximum failure rate at 13% followed by close rival Xiaomi with its Redmi 3S and Redmi Note 3 at 9% each. Surprisingly, Redmi Note 3 is a tested performer and yet according to the Blannco Technology Group report is one of the Android devices faced with maximum performance-related issues. Other Android running devices include the Samsung Galaxy S7 edge at 5% and the Lenovo Vibe K5 Note at 4%.

Prime Reason with Android Devices!

Prime issues with Android devices were related to the battery at 7% and the screen at 6%. It has been further revealed that Samsung-branded smartphones and tablets running Android had the most failures among Android manufacturers at 11% followed by Xiaomi-built devices at 4%. On Android, IMS Service, which is an app used by merchant led the app failure list at 32% followed by the address book app at 12% and Google’s own Play Store app at 10% failure rate.

Apple Seeds macOS Sierra 10.12.2 Beta 6 to Developers

Apple has seeded macOS Sierra 10.12.2 beta 6 to developers for testing. The build number is 16C63a. Just 24 hours after iOS 10.2 beta 7 dropped  and three days following macOS Sierra 10.12.1 beta 5, Apple on Thursday issued a sixth beta of what would become the second major update to macOS Sierra. macOS Sierra 10.12.2 beta 6 (build number 16C63a) is now available to registered developers.

The update can be deployed via the Mac App Store’s Updates tab on Macs which are registered with the Apple Developer Program. The full installer is on Dev Center.

Aside from bug fixes and performance improvements, macOS 10.12.2 won’t make your daily computing more productive but you’ll enjoy Apple’s new “Color Burst” wallpapers from MacBook Pro marketing and a ton of new Unicode 9.0 emoji characters. This update improves the stability, compatibility, and security of your Mac.

These include clown face, drooling face, selfie, face palm, fox face, owl, shark, butterfly, avocado, pancakes, croissant and more, pus several profession emoji in both male and female genders, such as firefighter, mechanic, lawyer, doctor and scientist.

Available since September, macOS Sierra is the latest Mac operating system. It includes Siri support, Apple pay for the web, Universal Clipboard, Apple Watch auto unlocking, improved iCloud Drive integration, Picture-in-Picture multitasking, and dozens of smaller features.

It also brings the new Unicode 9.0 emoji found in iOS 10.2. The new emoji sets will be available in iOS 10.2 and watchOS 3.1, too.

iOS 10.2 beta 7 (14C92) Now Available

Apple has now made iOS 10.2 beta 7 available for both registered users of Apple Developer Program and for those public testers registered on Apple Beta Software program. iOS 10.2 beta 7 released two days after releasing beta 6 seed.

This release also comes only one day after Apple officially launched Single Sign-on Feature for iOS 10.x devices, a feature which was initially part of iOS 10.2 betas when it was still in beta and being tested on the said firmware before its eventual rollout to everyone on other versions of iOS 10.

Seeing that beta 7 OTA is weighing around 2GB in size, it’s likely that this is the final build of iOS 10.2 which will also roll out globally to all iOS users with compatible iPhone and iPad devices sometime next week.

Apple has already Confirmed that it’s going to add a special diagnostic software into its next firmware release scheduled for next week in order to analyze battery shutdown issues affecting some iPhone 6s units. iOS 10.2 is largely being touted as the firmware release Apple will drop next week with diagnostic software built right in.

Apart from this aforementioned battery diagnostic tool and Single Sign-on feature, iOS 10.2 also features brand new Unicode 9 emojis, all-new TV app, SOS calling feature for users in India, user interface tweaks to Music app, two new full-screen iMessage effects for Apple’s Messages app, and more.

If you have a configuration profile installed for iOS betas, simply heading to Settings > General > Software Update on your iPhone or iPad should get you to iOS 10.2 beta 7 OTA update. 

For those new to installing betas can head over to either developer.apple.com, or beta.apple.com to get onto the latest iOS 10.2 Beta.

Source Link : http://www.redmondpie.com/

Saving Data : Reducing the Size of the App Updates by 65%

Google has announced a new method of updating your apps on the Play Store. A previous change had reduced the size of updates by 47% on average, but this new one can reduce the size by a further 65%.

The new method is called File-by-File patching. Since APKs are zipped up and compressed, one can’t just replace a single file without changing the entire file’s compressed output. Therefore this new method will decompress both the old and the new APK, apply the patch from the new APK, and compress the APK on your device. While this takes less data, it takes more time and processing power.

Because these patches can take longer, Google has opted to only use file-by-file patching for background auto-updates right now. So, your Play Store client may end up using a lot fewer data. It won't necessarily be faster at updating, though.

Because of these drawbacks, Google is limiting this new update method to automatic updates that it can do in the background. Manually updating apps won’t utilize this new technique in saving data.

Techniques used in File-by-File patching

Android apps are packaged as APKs, which are ZIP files with special conventions. Most of the content within the ZIP files (and APKs) is compressed using a technology called Deflate. Deflate is really good at compressing data but it has a drawback: it makes identifying changes in the original (uncompressed) content really hard. Even a tiny change to the original content (like changing one word in a book) can make the compressed output of deflating look completely different. Describing the differences between the original content is easy, but describing the differences between the compressed content is so hard that it leads to inefficient patches. File-by-File, therefore, is based on detecting changes in the uncompressed data.

To generate a patch, First decompress both old and new files before computing the delta. Then to apply the patch, decompress the old file, apply the delta to the uncompressed content and then recompress the new file. In doing so, make sure that the APK on your device is a perfect match, byte for byte, to the one on the Play Store

Thankfully, developers won’t have to change anything to utilize this new update system. It’s all on Google’s end. If you want to learn more about File-by-File patching, hit the source link!

Source:  Android Developers Blog

Android 7.1.1 Nougat Update Released

Last month the news leaked about the Release date of the Android 7.1.1 update for Google's pixel and Nexus devices. Now Google has published that Android 7.1.1 Nougat update released as of 5th Dec 2016 in Android developers blog.  Android 7.1.1 release is for Pixel and Pixel XL devices and the full lineup of supported Nexus devices. Device makers can get their hands on the latest version of android source code at Android Open Source Project (AOSP) 

Android 7.1.1 Nougat

Android 7.1.1 is an incremental release that builds on the features already available on Pixel and Pixel XL devices, adding a handful of new features for consumers as well as optimizations and bug fixes on top of the base Android 7.1 platform API level 25.

Android 7.1.1 factory images and over-the-air (OTA zip files) update are available for the Pixel and Pixel XL devices, as well as Nexus 5X, Nexus 6P, Nexus 6, Nexus 9, Nexus Player, Pixel C and General Mobile 4G (Android One) devices. The user can also download and flash this update manually. The latest version of the support library 25.0.1 is also available for a user to add image keyboard support, bottom navigation and other features for devices running API Level 25 or earlier. With this update, developers can optimize their app by providing round icons and adding app shortcuts. 

What is Next?

Google Said " We'll soon be closing open bugs logged against Developer Preview builds, but please keep the feedback coming! If you still see an issue that you filed in the preview tracker, just file a new issue against Android 7.1 in the AOSP issue tracker. You can also continue to give us feedback or ask questions in the developer community.

As mentioned back in August, we've moved Android Nougat into a regular maintenance cycle and we're already started work on refinements and bug fixes for the next incremental update. If you have an eligible device that's currently enrolled in the Android Beta Program, your device will automatically receive preview updates of upcoming Android Nougat releases as soon as they are available".

Source : Android Developers Blog

Google Play service to drop support for Android Gingerbread, Honeycomb in early 2017

In an Android Developers blog - post-Google announced that Google play services and firebase for Android will support API level 14 at a minimum. Version 10.0.0 of the Google Play services client libraries, as well as the Firebase client libraries for Android, will be the last version of these libraries that support Android API level 9 (Android 2.3, Gingerbread). The next scheduled release of these libraries, version 10.2.0, will increase the minimum supported API level from 9 to 14 (Android 4.0.1, Ice Cream Sandwich) and will be released by early 2017. In other words, for the new version play services to work, smartphones will require a minimum of Android 4.0 Ice Cream Sandwich and above. As a result, the lower version Android 2.3 Gingerbread and Android 3.0/3.1/3.2 Honeycomb will be dropped by next year.

The Gingerbread platform is almost 6 years old. Introduced first in 2012, Google Play services are Google’s background service and API package for Android. It’s the company’s way of delivering updates and improvements for its services and apps to Android users without actually upgrading the whole operating system. Google explains that one of the reasons for discontinuing support for Gingerbread is that many Android developers have already discontinued support for Gingerbread in their apps. This helps developers build better apps by making use of newer capabilities of the Android platform. And it works similarly for Google as well. By making this change, Google will be able to provide a more robust collection of tools for Android developers with greater speed.

As for the users who are still on the older version, you may use version 10.0.0 of Google Play services and Firebase as you are currently. Developers are being asked to use a minimum of API level 14, and those opting to follow these guidelines will no longer be able to deliver updates to older devices. However, users will still be able to download the most recently published version of the app that does target their device.

Looking how the Android distribution stands right now, a very little percentage of users are still working with these versions of Android OS. According to the Android distribution numbers for the first week of November, Gingerbread (2.3.3 and 2.3.7 combined) has reduced its presence from 1.5 percent to 1.3 percent. Ice Cream Sandwich (4.0.3 and 4.0.4 combined) joins Gingerbread with 1.3 percent, a decrease from the previous 1.4 percent. This is in comparison to the new version, where Marshmallow runs on 24 percent devices, while Lollipop (5.0 and 5.1 combined) leads the charts with 34.1 percent market share, followed by KitKat with 25.2 percent. Jelly Bean (4.1.x and 4.2.x combined) comes third with 13.7 percent.

To be clear, developers can continue to use version 10.0.0 of Google Play services and Firebase with Gingerbread and Honeycomb devices. Once you upgrade to version 10.2.0 or above, however, you will have to either target API level 14 as the minimum supported version or build multiple APKs to support devices with an API level less than 14. Given that Gingerbread and Honeycomb will continue to be slowly but surely phased out, the former is your best option.

Android 7.1 Update Date Revealed!

Back in October, Google confirmed that the final build of Android 7.1 Nougat will start rolling out to Pixel, Nexus, and Android One devices in early December. There was no specific date mentioned then, and Google is yet to announce the exact date. However, a mobile carrier has listed the firmware rollout information on its website.  

Apparently, Vodafone Australia has spilled the beans with details of a December 6 release date for the Nexus 6P. It mentions that the OTA update is about 650MB in size and will roll out incrementally to the users in the country. The details even include the schedule of the entire rollout, with 10,000 Nexus 6P users selected at random receiving the update in the first 3 days. The update will be rolled out to 10 percent of the remaining users daily over the next 10 days, with all eligible devices slated to receive the update within 14 days i.e. by December 19.

Notably, Google recently released the Android 7.1 Nougat Developer Preview 2 for the Nexus devices. "With Developer Preview 2, you can make sure your apps are ready for Android 7.1.1 and the consumers that will soon be running it on their devices," the company said in a note to developers. Such updates usually come in waves that take about two weeks to reach everyone. So if you have a Nexus 6P, 5X, 6, 9, or Pixel, Pixel XL you may need to exhibit patience or flash the software manually when it arrives.

Android 7.1 has a lot of cool, New features that will make your Nexus more delightful to use. Google has made good on the promise to bring some of the latest Pixel features (sans the Google Assistant and custom launcher) to the last generation of devices, which may keep some of the hardcore Nexus fans happy for now. But the future is clearly the Pixel, so if you crave the absolute latest from Google then at some point you may wish to upgrade.

Source  

Mobile Apps Security Trends - Research Reveals iOS and Android App Data Leakage

A new report from cloud security provider Zscaler has revealed the extent of data leakage from iOS and Android apps – and the threat this poses to enterprises.

Zscaler company analyzed more than 45 million transactions related to mobile devices through its cloud, and found that 0.3% of the 20 million Android transactions and 0.5% of the 26 million iOS transactions are resulting in some level of privacy leakage.

For 58% of Android and 72% of iOS privacy leaks, the information is around device metadata – apps sending identifying information, such as network, OS and SIM card. 39% and 27% of Android and iOS respectively was around location, including exact latitude and longitude coordinates, while 3% for Android is PII (personally identifiable information) leakages, such as mobile numbers and email addresses. For iOS, PII is at 0.2% of overall leaks.

Breakdown of privacy - Android Devices

Of all the leaks, 58% are related to device metadata leakage. Another high percentage of leaks — 39.3% — are related to the user’s location, including exact latitude and longitude coordinates. The remaining 3% of transactions result in personally identifiable information leakages, including the user's mobile number and email address. 1% of privacy leakages are observed from malicious transactions and the rest are related to Android app usage.

Breakdown of privacy - iOS Devices

In iOS, it is noted that approximately 26 million transactions quarterly through the cloud, and 0.5% result in privacy-related information being sent. Of all iOS transactions that result in privacy-related information being sent, 72.3% of the transactions are related to the user's device information. An additional 27.5% of transactions are resulting in the user's location being sent, and 0.2%t of transactions result in sending PII-related information. Of all the transactions in which privacy-related information is being sent, 5% of them are the result of malicious infections.

“These statistics demonstrate that significant amounts of personal data can be leaked simply by tapping into any organization's traffic,” Viral Gandhi, senior security researcher at Zscaler notes. “In our cloud alone we saw nearly 200,000 examples of such leaks. All that leaking data can be leveraged for more sophisticated attacks.”

A study by IBM & The Ponemon Institute shows that of the 400 organizations studied, almost 40% do not scan the apps they develop for security vulnerabilities. And, even more worrisome, 50% of those that develop mobile apps do not allocate any budget at all to testing for security vulnerabilities. 

So don't count on the developers to protect you. Organizations must take steps to protect their users and the broader network infrastructure and data assets. Ultimately, the company notes that observing the leakage from iOS and Android apps is another warning for companies to protect their users and their broader network infrastructure. “They should be applying strict MDM policies and educating employees about app security in an effort to stave off any kind of data loss or security breach,” Gandhi adds.

To read more about Mobile privacy trends Click Here