Category Archives: General

Android hackers writing malware attack apps using App Inventor

There is no problem with using App Inventor to write your own apps and share them with others. The problem is that App Inventor makes it easy to write any app – and malware authors have begun to use App Inventor to create apps that are malware and might do bad things.

“App Inventor doesn’t give malicious apps any special powers nor access to exotic exploits to attack your phone. But it does make the production of Trojanized apps enormously easy. With only a basic understanding of Android programming, an attacker can churn out tons of malicious apps. More apps means more confusion, and more opportunities for attack.”

Source: Mobile Threat Monday: Android Attackers Use App Inventor for Evil | PCMag

2/3rds of programming projects expected to use “low code” tools by 2025

App Inventor is a “low code”, visual software development tool. Such “drag and drop” programming tools enable non-programmers (and programmers) to create many types of applications without the details of traditional programming code.

This leads to an important issue – will less trained/less experienced programmers inadvertently introduce security problems in their applications?

Gartner predicts that by the end of 2025, over 65% of development projects will use low-code builders. The field of low-code continues to expand. But what security implications does low-code introduce? Low-code refers to tools that enable application construction using visual programming models. Adopting drag-and-drop components instead of traditional code, no-code and low-code platforms enables non-technical folks to construct their own workflows without as much help from IT. Yet, handing power to citizen developers with less security training can be risky. Plus, low-code platforms may hold compromised propriety libraries or leverage APIs that may unknowingly expose sensitive data to the outside world. There’s also the possibility that low-code could increase shadow IT if not governed well.

How to Mitigate Low-Code Security Risks

Still making adjustments to this web site

Yesterday, a WordPress plug in ran “amok” and used up all available system memory, causing this and all of my other web sites to become “unavailable” between about 2130 UTC and 0000 UTC. You would have  seen a “503 Service Unavailable” error when accessing any of the web sites.

I had to remove plug ins one by one from each of my web sites until finding the errant plug in. Then I disabled WordPress until the process was suspended and then restarted WordPress.

At the recommendation of my ISP, I installed a WordPress Cache plug-in which temporarily stores accessed pages as HTML static web pages, which load very fast – versus being generated by the WordPress software and database each time the page is loaded. This, however, coupled with another small change, broke https security giving a “page is not secure” error, and display formatting errors in Firefox. I believe I have that fixed today.

NOTE:  You can access this web site as https://appinventor.pevest.com or https://coldstreams.com/appinventor

If you access via appinventor.pevest.com , I have configured the web server to change the URL over to https://coldstreams.com/appinventor

For some reason, the appinventor.pevest.com/URL form is not working to correctly redirect to the sub URL part of the path.  Since I did not see what is causing this problem, the simplest fix for now was to point to the coldstreams.com/appinventor folder, which is where the web site’s WordPress installation exists.

appinventor.pevest.com now running on new server

Update December 26, 2019: The DNS has been updated (or is still in process of being updated) so that appinventor.pevest.com now directs to the new server – yay!

On December 18, 2019, my Internet web hosting provider that runs the appinventor.pevest.com web site announced they are shutting down in February 2020!

Over the past week I have been working to move all of the files, software and databases to a new web host. The good news is that most of the transfer has been completed!

This post you are reading right now is on the new web host, however, the final appearance of this page and some items still need to be updated.

Continue reading appinventor.pevest.com now running on new server

Source code downlinks fixed

Two readers alerted me to problems downloading the source code on the Downloads page on this web site, and the source code for my book on App Inventor graphics and animation.

A software update on the server appears to have changed how some default file directories were appended to filenames.

The problem appears to now be fixed. Thank you very much for letting me know of this problem.

Ed

Visit the primary web site at learn2c.org

This web site – appinventor.pevest.com – is no longer the primary web site for our App Inventor tutorials. However, this web site will remain here indefinitely as many people link to it, including search engines and my own e-books 🙂

The new, short and easy to remember URL is Learn2C.org as in “Learn 2 Code”

Unfortunately, for reasons I will not get into, it is not possible to integrate the two web sites together. So appinventor.pevest.com will remain “as is”, and Learn2C.org will become the primary focus point.

I am looking into having Learn2C automatically cross post to the appinventor.pevest.com web site but that has not yet implemented. But I’d like to do that for those that already follow the appinventor.pevest.com web site.

My apologies for not doing a lot of updates during 2018. I have already written some new code examples (Bluetooth LE anyone?) and am working on more in that area. These tutorials will appear once I have completed the entire series of example programs. There are also other items in the works that I cannot talk about yet.


Most popular programming languages?

There are many surveys of programming language popularity. Many of the popular surveys have problems with the survey methodology such that they likely produce erroneous estimates of programming language popularity. For example, one survey looks at how many times each programming language is looked up on Internet search systems.

The chart, below, comes from GitHub and bases popularity on the number of “pull requests” that are made to the GitHub software repository. Using this method, JavaScript is the most popular programming language, followed by Python, Java, Ruby and PHP.

Python has become a standard for use by non-computer science students. Whether your college studies be in mechanical engineering or geology, there is a good chance you will learn Python for data analysis projects.

Java is now an old programming language, but still used especially for Android programming. It’s popularity for desktop applications is starting to diminish.

Ruby become popular about ten years ago. Ruby is based on a concept of “frameworks” that provide pre-made program skeletons which you adapt to make your own application. Ruby is very popular for quickly creating web-based applications.

PHP pre-dates Ruby – PHP is a script language that runs on the server side of a web application. PHP is very easy to learn and couples easily with MySQL databases, making the combination a great solution for web-based, database-backed applications.

Finally we get to the “C” derived languages including C, C++ and Microsoft’s cousin C# (a very powerful language with great development tools.). C dates back to about 1970 or so.

C++ was developed in the 1980s and added object oriented programming to C and has since expanded in many ways. C and C++ are commonly “compiled” into machine instructions for each CPU and are used for high performance applications, including operating systems, video games and media applications.

C# has features resembling Java and C++ – but in a more modern design. In some ways, C# is where some wish C++ had gone

Capture

appinventor.pevest.com has moved to learn2c.org

In the spring of 2017, this web site – appinventor.pevest.com – was moved to https://learn2c.org (or an alternate address https://appinventorplus.wordpress.com/)

The move was made for technical and practical reasons. Visit https://learn2c.org for updates made through out 2017 and into 2018.


However, things have changed since then and as of the spring of 2018, this web site may return to here. If that happens, the plan is for the new learn2c.org address to point here as well.

Why return?

Many of the technical issues that caused to migrate a year ago have gone away or been solved.

The learn2c.org web site is hosted at WordPress.com and it appears Google down ranks WordPress web sites in search results. This old appinventor.pevest.com site – even without having been updated in a year, continues to receive many times more visits as a result of searches than does the WordPress.com hosted web site!

Finally, WordPress raised their hosting price last year.