Archives for 2014

You are browsing the site archives by date.

Xamarin Cross Platform Application Development – Book Review

Xamarin Cross Platform Application Development – Book Review

Andy Flisher is a Software Developer based in the North East of England specialising in cross platform development. Mobile Development experience includes Windows Phone, Android, and iPhone Apps. Desktop Software Development includes bespoke Windows, Linux, and Mac Applications. Web Development Skills include PHP, Perl, Python, Xamarin, C#, ASP (Classic and .NET). Andy also has some Industrial / PLC Programming experience – Andy Flisher on Google+

This is a review of the recently published book “Xamarin Cross Platform Application Development” by Jonathan Peppers.

This book is openly marketed at existing, experienced C# developers so it’s certainly not for beginners, and whilst I don’t fall into this category the nature of projects I work in require mostly ‘linear’ development (Web, PHP, Perl, Python, VB etc over the years) so concepts like MVC, MVVM and in particular IOC (Inversion of Control) are newer and less clear. Thankfully this book has resolved that through it’s excellent practical examples.

One area this book doesn’t touch on hugely is the level of planning required for MVC applications, you can’t just ‘jump in and code’, but that’s potentially a book in itself, but what the book does very well for me, is explain the View, ViewModel, Model and Controller concepts in terms of the classes and data layers required. The book also introduces Interfaces (something I always saw as an unnecessary layer of complexity) which I now ‘get’ in terms of flexibility, and in particular to give the developer options in a cross platform environment.

The icing on the cake is ‘Inversion of Control’, whilst the book doesn’t particularly explain this convention in huge detail, I think it is actually to it’s credit, any more and the reader will be bogged down in unnecessary detail and complexity. It basically gives us the service layer that ‘glues’ the application together, allowing use to create and register our ViewModels as Services and thus make them available to use throughout the app with a single line of code. I’m sure that my description is not hugely more constructive than the words in the book themselves, but the working example of the XamChat application completes it.

Which is my main point, am sure many people work differently, but for me working examples of code are what makes it stick in my mind, it helps it all make sense. Throughout this book you will be building bit buy bit a working chat application, firstly in Xamarin.iOS (but using the all important cross platform and code sharing concepts learnt at the beginning of the book), and then re-implementing the same application logic in Xamarin.Android. The nice touch, which some may see as lazy, was that with the Android example you are taken to a certain point and then left to finish off using the examples you already have. A real, and practical exercise which I think will do the reader good. It wouldn’t be a huge leap further to recreate in Windows Phone, for the ultimate practical extension.

The Xamchat application is then extended through the Windows Azure platform to use their backend for data storage (a good example of how the same Interface can be re-used to store on different platforms), and to implement cross platform push notifications.

Lastly there are chapters on using Xamarin Components (including Xamarin.Mobile for Contacts, Camera and Location functionality), and actual App Store submission and their different processes, processes that even the most experienced developer can struggle with (Apple Certificates and Profile expiry anyone!).

In summary, this is an excellent book for any would be cross platform mobile application developer, yes you need a good understanding of C#, MVC and similar concepts, and the individual mobile platforms and general development processes themselves, and those things don’t come over night, but this book binds it all together with real world examples, working code (a novelty for some books) and actual code and methods you can take away and use in the real world.

Buy it, read it, and take as much as you can from it – “Xamarin Cross Platform Application Development” by Jonathan Peppers

Baby Biography Mobile App – Project

Baby Biography Mobile App – Projects

Andy Flisher is a Software Developer based in the North East of England specialising in cross platform development. Mobile Development experience includes Windows Phone, Android, and iPhone Apps. Desktop Software Development includes bespoke Windows, Linux, and Mac Applications. Web Development Skills include PHP, Perl, Python, Xamarin, C#, ASP (Classic and .NET) – Andy Flisher on Google+

The mobile app will be developed using dotUK’s cross platform, and multi platform mobile app development skills. This skill set is a niche, and dotUK are one of the few development companies, certainly amongst North East Mobile App Developer’s to offer true, native mobile apps that can be developed simultaneously across the core mobile application platforms, in parallel.

Baby Bio Mobile App

The Baby Biography mobile app will be offered initially as an iPhone app, and also as and Android App, in addition to creating Baby Biographies within the app, other features include;

  • Creation of Multiple Books
  • Sharing of Baby Moments and Photos ‘In App’ to Social Media
  • Free Cloud based storage of all your books and moments
  • Collaboration with other parents
  • Conception and Pregnancy calculators
  • In App Support

Cloud storage and collaboration will be offered through dotUK’s in house cloud storage framework which allows the app to seamlessly synchronise the baby biographies into the cloud in the background when connected to a suitable internet connection, but doesn’t in any way impeded or restrict any app functionality when working offline.

Originally posted at http://www.dotuk.net/news…

You get what you pay for – Mobile App Security

You get what you pay for – App Security

Andy Flisher is a Software Developer based in the North East of England specialising in cross platform development. Mobile Development experience includes Windows Phone, Android, and iPhone Apps. Desktop Software Development includes bespoke Windows, Linux, and Mac Applications. Web Development Skills include PHP, Perl, Python, Xamarin, C#, ASP (Classic and .NET) – Andy Flisher on Google+

In the course of work this week I had a cause to audit an iOS App that a prospect had had developed by a local competitor here in the North East, the reasoning for this was that the prospective client was looking at moving the hosted back end (ASP .Net, SQL Server – standard stuff) and wanted a price.
The purpose of the audit was to check what network connections the app was making, and correlating with what I knew about the backend hosting, just to make sure there were no surprises, we didn’t have the source code for either end yet, it was just a pricing exercise at this point (As it happens the App is written using PhoneGap so we did have the source code, but my route was quicker).

So, I installed the app, redirected my iPhone through a proxy server, and fired up the app – and proceeded to stare in horror. The app instantly, on first run fired up an un-encrypted, un-authenticated connection to the backend host and promptly downloaded the usernames, password, emails, and more for every user in the system. It then keeps a copy of these locally, and uses those details to authenticate later.

Why is this bad, in laymans terms, because anyone, on the internet, who knew the url the app uses could download the same list. Would people be interested in logging in to this system? Probably not, do people use the same username and password for Amazon, Tesco, Online Banking – absolutely, and there’s the problem.

Solutions, well it’s about paranoia, but key areas;

  • Authentication – Implement simple basic authentication so that the app logs in to the webservice it pulls the data from.
  • Https – Implement and SSL connection, then at least all traffic too and fro is encrypted (important as Basic Authentication is over plain text, so without https it’s still sniffable)
  • Change the login mechanism to completely remove the need to download all user info at all.

What’s really frustrating though, and actually makes the ‘You get what you pay for’ title of this post a misnomer, is this wasn’t a cheap solution.  The client paid a very reasonable amount for this app and solution.  This is the sort of thing we see, and sadly expect, when a ‘cheap’ solution is offered as a counter to ours.  We’re not expensive, but not cheap, we do do things correctly though.  It’s a classic case of the customer not knowing what they’re not getting, they trust, and assume that a professional job is being done, without really asking too many questions about why it’s cheap.

In this case no excuses though, I’ll not name anyone, and we’ve raised the issue with the client – We certainly won’t be taking on the hosting until it’s resolved!

Andy works for dotUK (www.dotuk.net) a North East Based Web and Software Development firm he helped found.