Apr 21

Keeping Android safe: Security enhancements in Nougat

Posted by Xiaowen Xin, Android Security Team

Over the course of the summer, we previewed a variety of security enhancements in
Android 7.0 Nougat: an increased focus on security with our vulnerability
rewards program, a new Direct
Boot mode, re-architected mediaserver and hardened
media stack, apps that are protected from accidental
regressions to cleartext traffic, an update to the way Android handles trusted
certificate authorities, strict enforcement of verified
boot with error correction, and updates
to the Linux kernel to reduce the attack surface and increase memory
protection. Phew!

Now that Nougat has begun to roll out, we wanted to recap these updates in a
single overview and highlight a few new improvements.

Direct Boot and encryption

In previous versions of Android, users with encrypted devices would have to
enter their PIN/pattern/password by default during the boot process to decrypt
their storage area and finish booting. With Android 7.0 Nougat, we’ve updated
the underlying encryption scheme and streamlined the boot process to speed up
rebooting your phone. Now your phone’s main features, like the phone app and
your alarm clock, are ready right away before you even type your PIN, so people
can call you and your alarm clock can wake you up. We call this feature Direct
Boot.

Under the hood, file-based encryption enables this improved user experience.
With this new encryption scheme, the system storage area, as well as each user
profile storage area, are all encrypted separately. Unlike with full-disk
encryption, where all data was encrypted as a single unit, per-profile-based
encryption enables the system to reboot normally into a functional state using
just device keys. Essential apps can opt-in to run in a limited state after
reboot, and when you enter your lock screen credential, these apps then get
access your user data to provide full functionality.

File-based encryption better isolates and protects individual users and profiles
on a device by encrypting data at a finer granularity. Each profile is encrypted
using a unique key that can only be unlocked by your PIN or password, so that
your data can only be decrypted by you.

Encryption support is getting stronger across the Android ecosystem as well.
Starting with Marshmallow, all capable devices were required to support
encryption. Many devices, like Nexus 5X and 6P also use unique keys that are
accessible only with trusted hardware, such as the ARM TrustZone. Now with 7.0
Nougat, all new capable Android devices must also have this kind of hardware
support for key storage and provide brute force protection while verifying your
lock screen credential before these keys can be used. This way, all of your data
can only be decrypted on that exact device and only by you.

The media stack and platform hardening

In Android Nougat, we’ve both hardened and re-architected
mediaserver, one of the main system services that processes untrusted input.
First, by incorporating integer overflow sanitization, part of Clang’s UndefinedBehaviorSanitizer,
we prevent an entire class of vulnerabilities, which comprise the majority of
reported libstagefright bugs. As soon as an integer overflow is detected, we
shut down the process so an attack is stopped. Second, we’ve modularized the
media stack to put different components into individual sandboxes and tightened
the privileges of each sandbox to have the minimum privileges required to
perform its job. With this containment technique, a compromise in many parts of
the stack grants the attacker access to significantly fewer permissions and
significantly reduced exposed kernel attack surface.

In addition to hardening the mediaserver, we’ve added a large list of
protections for the platform, including:

  • Verified Boot: Verified Boot is now strictly enforced to
    prevent compromised devices from booting; it supports error
    correction to improve reliability against non-malicious data corruption.

  • SELinux: Updated SELinux configuration and increased
    Seccomp coverage further locks down the application sandbox and reduces attack
    surface.

  • Library load order randomization and improved ASLR:
    Increased randomness makes some code-reuse attacks less reliable.

  • Kernel
    hardening
    : Added additional memory protection for newer kernels by
    marking
    portions of kernel memory as read-only, restricting
    kernel access to userspace addresses, and further reducing the existing
    attack surface.

  • APK
    signature scheme v2
    : Introduced a whole-file signature scheme that
    improves verification
    speed and strengthens integrity guarantees.

App security improvements

Android Nougat is the safest and easiest version of Android for application
developers to use.

  • Apps that want to share data with other apps now must explicitly opt-in by
    offering their files through a Content
    Provider, like FileProvider.
    The application private directory (usually /data/data/) is now set to
    Linux permission 0700 for apps targeting API Level 24+.

  • To make it easier for apps to control access to their secure network
    traffic, user-installed certificate authorities and those installed through
    Device Admin APIs are no
    longer trusted by default for apps targeting API Level 24+. Additionally,
    all new Android devices must ship with the same
    trusted CA store.

  • With Network
    Security Config, developers can more easily configure network security
    policy through a declarative configuration file. This includes blocking
    cleartext traffic, configuring the set of trusted CAs and certificates, and
    setting up a separate debug configuration.

We’ve also continued to refine app permissions and capabilities to protect you
from potentially harmful apps.

  • To improve device privacy, we have further restricted and removed access to
    persistent device identifiers such as MAC addresses.

  • User interface overlays can no longer be displayed on top of permissions
    dialogs. This “clickjacking” technique was used by some apps to attempt to gain
    permissions improperly.

  • We’ve reduced the power of device admin applications so they can no longer
    change your lockscreen if you have a lockscreen set, and device admin will no
    longer be notified of impending disable via onDisableRequested().
    These were tactics used by some ransomware to gain control of a
    device.

System Updates

Lastly, we’ve made significant enhancements to the OTA update system to keep
your device up-to-date much more easily with the latest system software and
security patches. We’ve made the install time for OTAs faster, and the OTA size
smaller for security updates. You no longer have to wait for the optimizing apps
step, which was one of the slowest parts of the update process, because the new
JIT compiler has been optimized
to make installs and updates lightning fast.

The update experience is even faster for new Android devices running Nougat with
updated firmware. Like they do with Chromebooks, updates are applied in the
background while the device continues to run normally. These updates are applied
to a different system partition, and when you reboot, it will seamlessly switch
to that new partition running the new system software version.

We’re constantly working to improve Android security and Android Nougat brings
significant security improvements across all fronts. As always, we appreciate
feedback on our work and welcome suggestions for how we can improve Android.
Contact us at security@android.com.


Android Developers Blog

Apr 20

Cast Away with Android TV and Google Cast

By Dave Burke and Majd Bakar, Engineering Directors and TV Junkies

Last summer, we launched Chromecast, a small, affordable device that lets you cast online video, music and anything from the web to your TV. Today at Google I/O, we announced Android TV, the newest form factor to the Android platform, and a way to extend the reach of Google Cast to more devices, like televisions, set-top boxes and consoles.

Check out Coming to a Screen Near You for some details on everything we’re doing to make your TV the place to be.

For developers though–sorry, you don’t get to unwind in front of the TV. We need you to get to work and help us create the best possible TV experience, with all of the new features announced at I/O today.

Get started with Android TV

In addition to Google Cast apps that send content to the TV, you can now build immersive native apps and console-style games on Android TV devices. These native apps work with TV remotes and gamepads, even if you don’t have your phone handy. The Android L Developer Preview SDK includes the new Leanback support library that allows you to design smoother, simpler, living room apps.

And this is just the beginning. In the fall, new APIs will allow you to cast directly to these apps, so users can control the app with the phone, the remote, or even their Android Wear watch. You’ll also start seeing Android TV set-top boxes, consoles and televisions from Sony, TP Vision, Sharp, Asus, Razer and more.

Help more users find your Google Cast app

We want to help users more easily find your content, so we’ve improved the Google Cast SDK developer console to let you upload your app icon, app name, and app category for Android, iOS and Chrome. These changes will help your app get discovered on chromecast.com/apps and on Google Play.

Additional capabilities have also been added to the Google Cast SDK. These include: Media Player Library enhancements, bringing easier integration with MPEG-DASH Smooth Streaming, and HLS. We’ve also added WebAudio & WebGL support, made the Cast Companion Library available, and added enhanced Closed Caption support. And coming soon, we will add support for queuing and ID delegation.

Ready to get started? Visit developer.android.com/tv and developers.google.com/cast for the SDKs, style guides, tutorials, sample code, and the API references. You can also request an ADT-1 devkit to bootstrap your Android TV development.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers

L Developer Preview
Material Design
Android Wear
Android TV
Android Auto

Get it on Google Play


Android Developers Blog

Apr 20

Android L Developer Preview and Android Studio Beta

By Jamal Eason, Product Manager, Android

At the Google I/O keynote yesterday we announced the L Developer Preview — a development version of an upcoming Android release. The Developer Preview lets you explore features and capabilities of the L release and get started developing and testing on the new platform. You can take a look at the developer features and APIs in the API Overview page.

Starting today, the L Developer Preview is available for download from the L Developer Preview site. We’re also announcing that Android Studio is now in beta, and making great progress toward a full release.

Let’s take a deeper dive into what’s included in the preview and what it means for you as a developer as you prepare your apps for the next Android release.

What’s in the L Developer Preview

The L Developer Preview includes updated SDK tools, system images for testing on an emulator, and system images for testing on a Nexus 5 or Nexus 7 device.

You can download these components through the Android SDK Manager:

  • L Developer Preview SDK Tools
  • L Developer Preview Emulator System Image – 32-bit (64-bit experimental emulator image coming soon)
  • L Developer Preview Emulator System Image for Android TV (32-bit)

(Note: the full release of Android Wear is a part of Android KitKat, API Level 20. Read more about Android Wear development here.)

Today, we are also providing system image downloads for these Nexus devices to help with your testing as well:

  • Nexus 5 (GSM/LTE) “hammerhead” Device System Image
  • Nexus 7 [2013] – (Wifi) “razor” Device System Image

You can download both of these system images from the L Developer Preview site.

With the SDK Tools, and Nexus device images, you can get a head start on testing out your app on the latest Android platform months before the official launch. You can use the extra lead time to take advantage of all the new app features and APIs in your apps. The Nexus device images can help you with testing, but keep in mind that they are meant for development purposes only and should not be used on a production device.

Notes on APIs and publishing

The L Developer Preview is a development release and does not have a standard API level. The APIs are not final, and you can expect minor API changes over time.

To ensure a great user experience and broad compatibility, you can not publish versions of your app to Google Play that are compiled against L Developer Preview. Apps built for L Developer Preview will have to wait until the full official launch to publish on Google Play.

Android Studio Beta

To help you develop your apps for the upcoming Android version and for new Android device types, we’re also happy to announce Android Studio Beta. Android Studio Beta helps you develop apps by enabling you to:

  • Incorporate the new material design and interaction elements of the L Developer Preview SDK
  • Quickly create and build apps with a new app wizard and layout editor support for Android Wear and Android TV

Building on top of the build variants and flavors features we introduced last year, the Android Studio build system now supports creating multiple apks, such as for devices like Android Wear. You can try out all the new features with the L Developer Preview by downloading the Android Studio Beta today.

How to get started

To get started with the L Developer Preview and prepare your apps for the full release, just follow these steps:

  1. Try out Android Studio Beta
  2. Visit the L Developer Preview site
  3. Explore the new APIs
  4. Enable the material theme and try out material design on your apps
  5. Get the emulator system images through the SDK Manager or download the Nexus device system images.
  6. Test your app on the new Android Runtime (ART) with your device or emulator
  7. Give us feedback

We hope you try the L Developer Preview as you start building the next generation of amazing Android user experiences.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers

L Developer Preview
Material Design
Android Wear
Android TV
Android Auto

Get it on Google Play


Android Developers Blog

Apr 19

Building Successful Global App Businesses

By: Purnima Kochikar, Director, Google Play Apps & Games

With over 1 billion active Android users, an increasing number of developers like you are building successful global businesses on Google Play. Since the last Google I/O, we’ve also paid out more than $ 5 billion to developers.

This week at Google I/O, we announced new ways to help you build a successful business. These solutions work together at scale to help you find more users, understand and engage them, and effectively convert your active users into buyers.

Build an engaging app

Last year, Google Play became an even better place to try new ideas. Since May 2013, Google Play offers Alpha and Beta Testing so that you can engage users early to get feedback on your new app. Feedback provided by users is private, allowing you to fix issues before publicly launching the app, and without impacting your public ratings and reviews. Over 80,000 apps on Google Play are actively using beta testing. You can also ensure new versions get a positive response by updating through staged rollouts.

Scale operations

As your app business grows, you dedicate more time to release management. Today we announced the Google Play Developer Publishing API to help you scale your release operations. The new API will let you upload APKs, manage your in-app products and localized store listings. You will be able to integrate publishing operations with your release processes and toolchain through a RESTful API. With the Google Play Developer Publishing API you’ll spend less time managing your releases and more time managing your business. This API is currently in closed beta and we look forward to making it available to all developers.

Actionable insights

The Google Play Developer Console now offers more actionable insights into your app’s performance by sending you email notifications for Alerts and providing Optimization Tips. We’re also offering new revenue metrics including number of buyers and average revenue per paying user. You’ll also be able to export user reviews for further analysis. Click on Announcements in the Developer Console for a list of new features.

For game developers, we recently launched enhanced Play Games statistics on the Google Play Developer Console. You get a daily dashboard that visualizes player and engagement statistics for signed in users, including daily active users, retention analysis, and achievement and leaderboard performance.

Enhance discovery and engagement

With AdWords, we’re building a robust platform to help you promote your app and drive re-engagement. This week we are launching Installed App Category Targeting, a new way to promote your app to new users. It helps you reach potential customers across the AdMob network who have already installed apps from related categories on Google Play and other app stores. For example, an action-oriented game developer may wish to reach users who have previously installed apps from the category Action & Adventure Games.

Ads can also remind users about the apps they already have. Through Google mobile display and search ads deep linking, you can re-engage users who have already installed your Android app by taking them directly to specific pages in the app. Let’s say someone has the Hotel Tonight app installed on their phone. If they search Google for “hotels in San Francisco,” they’ll see an ad that will open Hotel Tonight app and take them directly to a list of San Francisco hotels.

This deep-linking is also available through search for all apps that implement app indexing. If a user with the Walmart Android app searches for “Chromecast where to buy”, they’ll go directly to the Chromecast page in the Walmart app. The new App Indexing API is now open to all Android developers, globally. Get started now.

New services for game developers

For game developers using Play Games, we announced a new Game Profile that is automatically customized based on the gameplay and achievements earned in those games. Since its launch last year, users have loved saving their game progress in the cloud. We’re now evolving this feature to Saved Games, where users can save up to 3 “bookmarks” of their progress in the Play Games app, complete with images and descriptions. Finally, we announced a new service called Quests — it you run online, time-based goals in your game; for example, players can collect bunch of in-game items on a specific day, and the quests services coordinates with your game to know who completed the goal. These APIs run events for your players, and reward them, without the need to update your game.

New monetization tools

Today, we announced that users who have set up Direct Carrier Billing on their smartphone can also make purchases on Google Play from their tablet, charging to the same mobile phone bill. In addition to our recent launch of payments through PayPal, these new user payment options expand monetization opportunities for your apps.

As announced earlier this year, Google Analytics is now directly available in the AdMob interface, giving you powerful segmentation tools to determine the best monetization strategy for each user. For example, you might want to display in-app purchase ads to users most interested in buying, while showing regular ads to those less likely to buy right now. Once you’ve segmented your audience in this way, you can use AdMob to build interstitial ads that promote in-app purchase items to users at a point in your app that’s useful to them. This creates a more customized experience for users, can help prolong engagement and grow in-app purchase revenue. Learn more.

Join us

If you’re at Google I/O 2014, please join us at our breakout sessions today and tomorrow, where we’ll be talking about these features in much more detail. (Add us to your calendar!) And if you can’t make I/O, you can always join us on the livestream or watch the videos online later.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers

Apr 18

Games at Google I/O ’14: Everyone’s Playing Games

By Greg Hartrell, Product Manager, Google Play games

With Google I/O ‘14 here, we see Android and Google Play as a huge opportunity for game developers: 3 in 4 Android users are playing games, and with over one billion active Android users around the world, games are reaching and delighting almost everyone.

At Google, we see a great future where mobile and cloud services bring games to all the screens in your life and connect you with others. Today we announced a number of games related launches and upcoming technologies across Google Play Games, the Android platform and its new form factors.

Google Play Games

At last year’s Google I/O, we announced Google Play Games — Google’s online game platform, with services and user experiences designed to bring players together and take Android and mobile games to the next level.

Google Play Games has grown at tremendous speed, activating 100 million users in the past 6 months. It’s the fastest growing mobile game network, and with such an incredible response, we announced more awesome enhancements to Google Play Games today.

Game Profile

The Play Games app now gives players a Game Profile, where they earn points and vanity titles from unlocking achievements. Players can also compare their profile with friends. Developers can benefit from this meta-game by continuing to design great achievements that reward players for exploring all the content and depth of their game.

Quests and Saved Games

Two new game services will launch with the next update for Google Play Services on Android, and through the Play Games iOS SDK:

  • Quests is a service that enables developers to create online, time-based goals in their games without having to launch an update each time. Now developers can easily run weekend or daily challenges for their player community, and reward them in unique ways.
  • Saved Games is a service that stores a player’s game progress across many screens, along with a cover image, description and total time played. Players never have to play level 1 again by having their progress stored with Google, and cover images and descriptions are used in Play Games experiences to indicate where they left off and attract them to launch their favorite game again.

We have many great partners who have started integrating Quests and Saved Games, here are just a few current or upcoming games.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers

Apr 18

Game Performance: Data-Oriented Programming

Posted by Shanee Nishry, Game Developer Advocate

To improve game performance, we’d like to highlight a programming paradigm that will help you maximize your CPU potential, make your game more efficient, and code smarter.

Before we get into detail of data-oriented programming, let’s explain the problems it solves and common pitfalls for programmers.

Memory

The first thing a programmer must understand is that memory is slow and the way you code affects how efficiently it is utilized. Inefficient memory layout and order of operations forces the CPU idle waiting for memory so it can proceed doing work.

The easiest way to demonstrate is by using an example. Take this simple code for instance:

char data[1000000]; // One Million bytes
unsigned int sum = 0;

for ( int i = 0; i < 1000000; ++i )
{
  sum += data[ i ];
}

An array of one million bytes is declared and iterated on one byte at a time. Now let's change things a little to illustrate the underlying hardware. Changes marked in bold:

char data[16000000]; // Sixteen Million bytes
unsigned int sum = 0;

for ( int i = 0; i < 16000000; i += 16 )
{
  sum += data[ i ];
}

The array is changed to contain sixteen million bytes and we iterate over one million of them, skipping 16 at a time.

A quick look suggests there shouldn't be any effect on performance as the code is translated to the same number of instructions and runs the same number of times, however that is not the case. Here is the difference graph. Note that this is on a logarithmic scale--if the scale were linear, the performance difference would be too large to display on any reasonably-sized graph!


Graph in logarithmic scale

The simple change making the loop skip 16 bytes at a time makes the program run 5 times slower!

The average difference in performance is 5x and is consistent when iterating 1,000 bytes up to a million bytes, sometimes increasing up to 7x. This is a serious change in performance.

Note: The benchmark was run on multiple hardware configurations including a desktop with Intel 5930K 3.50GHz CPU, a Macbook Pro Retina laptop with 2.6 GHz Intel i7 CPU and Android Nexus 5 and Nexus 6 devices. The results were pretty consistent.

If you wish to replicate the test, you might have to ensure the memory is out of the cache before running the loop because some compilers will cache the array on declaration. Read below to understand more on how it works.

Explanation

What happens in the example is quite simply explained when you understand how the CPU accesses data. The CPU can’t access data in RAM; the data must be copied to the cache, a smaller but extremely fast memory line which resides near the CPU chip.

When the program starts, the CPU is set to run an instruction on part of the array but that data is still not in the cache, therefore causing a cache miss and forcing the CPU to wait for the data to be copied into the cache.

For simplicity sake, assume a cache size of 16 bytes for the L1 cache line, this means 16 bytes will be copied starting from the requested address for the instruction.

In the first code example, the program next tries to operate on the following byte, which is already copied into the cache following the initial cache miss, therefore continuing smoothly. This is also true for the next 14 bytes. After 16 bytes, since the first cache miss the loop, will encounter another cache miss and the CPU will again wait for data to operate on, copying the next 16 bytes into the cache.

In the second code sample, the loop skips 16 bytes at a time but hardware continues to operate the same. The cache copies the 16 subsequent bytes each time it encounters a cache miss which means the loop will trigger a cache miss with each iteration and cause the CPU to wait idle for data each time!

Note: Modern hardware implements cache prefetch algorithms to prevent incurring a cache miss per frame, but even with prefetching, more bandwidth is used and performance is lower in our example test.

In reality the cache lines tend to be larger than 16 bytes, the program would run much slower if it were to wait for data at every iteration. A Krait-400 found in the Nexus 5 has a L0 data cache of 4 KB with 64 Bytes per line.

If you are wondering why cache lines are so small, the main reason is that making fast memory is expensive.

Data-Oriented Design

The way to solve such performance issues is by designing your data to fit into the cache and have the program to operate on the entire data continuously.

This can be done by organizing your game objects inside Structures of Arrays (SoA) instead of Arrays of Structures (AoS) and pre-allocating enough memory to contain the expected data.

For example, a simple physics object in an AoS layout might look like this:

struct PhysicsObject
{
  Vec3 mPosition;
  Vec3 mVelocity;

  float mMass;
  float mDrag;
  Vec3 mCenterOfMass;

  Vec3 mRotation;
  Vec3 mAngularVelocity;

  float mAngularDrag;
};

This is a common way way to present an object in C++.

On the other hand, using SoA layout looks more like this:

class PhysicsSystem
{
private:
  size_t mNumObjects;
  std::vector< Vec3 > mPositions;
  std::vector< Vec3 > mVelocities;
  std::vector< float > mMasses;
  std::vector< float > mDrags;

  // ...
};

Let’s compare how a simple function to update object positions by their velocity would operate.

For the AoS layout, a function would look like this:

void UpdatePositions( PhysicsObject* objects, const size_t num_objects, const float delta_time )
{
  for ( int i = 0; i < num_objects; ++i )
  {
    objects[i].mPosition += objects[i].mVelocity * delta_time;
  }
}

The PhysicsObject is loaded into the cache but only the first 2 variables are used. Being 12 bytes each amounts to 24 bytes of the cache line being utilised per iteration and causing a cache miss with every object on a 64 bytes cache line of a Nexus 5.

Now let’s look at the SoA way. This is our iteration code:

void PhysicsSystem::SimulateObjects( const float delta_time )
{
  for ( int i = 0; i < mNumObjects; ++i )
  {
    mPositions[ i ] += mVelocities[i] * delta_time;
  }
}

With this code, we immediately cause 2 cache misses, but we are then able to run smoothly for about 5.3 iterations before causing the next 2 cache misses resulting in a significant performance increase!

The way data is sent to the hardware matters. Be aware of data-oriented design and look for places it will perform better than object-oriented code.

We have barely scratched the surface. There is still more to data-oriented programming than structuring your objects. For example, the cache is used for storing instructions and function memory so optimizing your functions and local variables affects cache misses and hits. We also did not mention the L2 cache and how data-oriented design makes your application easier to multithread.

Make sure to profile your code to find out where you might want to implement data-oriented design. You can use different profilers for different architecture, including the NVIDIA Tegra System Profiler, ARM Streamline Performance Analyzer, Intel and PowerVR PVRMonitor.

If you want to learn more on how to optimize for your cache, read on cache prefetching for various CPU architectures.

Join the discussion on

+Android Developers


Android Developers Blog

Apr 18

Protecting WebView with Safe Browsing


Posted by Nate Fischer, Software Engineer

Since 2007, Google Safe Browsing has been protecting users across the web from phishing and malware attacks. It protects over three billion devices from an increasing number of threats, now also including unwanted software across desktop and mobile platforms. Today, we’re announcing that Google Play Protect is bringing Safe Browsing to WebView by default, starting in April 2018 with the release of WebView 66.

Developers of Android apps using WebView no longer have to make any changes to benefit from this protection. Safe Browsing in WebView has been available since Android 8.0 (API level 26), using the same underlying technology as Chrome on Android. When Safe Browsing is triggered, the app will present a warning and receive a network error. Apps built for API level 27 and above can customize this behavior with new APIs for Safe Browsing.

An example of a warning shown when Safe Browsing detects a dangerous site. The style and content of the warning will vary depending on the size of the WebView.

You can learn more about customizing and controlling Safe Browsing in the Android API documentation, and you can test your application today by visiting the Safe Browsing test URL (chrome://safe-browsing/match?type=malware) while using the current WebView beta.


Android Developers Blog

Apr 17

New in Android: L Developer Preview and Google Play Services 5.0

By Jamal Eason, Product Manager, Android

Earlier today, at Google I/O, we showed a number of projects we’ve been working on to the thousands of developers in the audience and the millions more tuning in on the livestream. These projects extend Android to the TV (Android TV), to the car (Android Auto) and to wearables (Android Wear), among others.

At Google, our focus is providing a seamless experience for users across all of the screens in their lives. An important component to that is making sure that you as developers have all of the tools necessary to easily deploy your apps across to those screens. Increasingly, Android is becoming the fabric that weaves these experiences together, which is why you’ll be excited about a number of things we unveiled today.

Android L Developer Preview

For the first time since we launched Android, we’re giving you early access to a development version of an upcoming release. The L Developer Preview, available starting tomorrow, lets you explore many of the new features and capabilities of the next version of Android, and offers everything you need to get started developing and testing on the new platform. This is important because the platform is evolving in a significant way — not only for mobile but also moving beyond phones and tablets. Here are a few of the highlights for developers:

  • Material design for the multiscreen world — We’ve been working on a new design language at Google that takes a comprehensive approach to visual, motion, and interaction design across a number of platforms and form factors. Material design is a new aesthetic for designing apps in today’s multi-device world. The L Developer Preview brings material design to Android, with a full set of tools for your apps. The system is incredibly flexible, allowing your app to express its individual character and brand with bold colors and a variety of responsive UI patterns and themeable elements.
  • Enhanced notifications — New lockscreen notifications let you surface content, updates, and actions to users at a glance, without unlocking. Visibility controls let you manage the types of information shown on the lockscreen. Heads-up notifications display content and actions in a small floating window that’s managed by the system, no matter which app is in the foreground. Notifications are material themed and you can express your brand through accent colors and more.
  • Document-centric Recents — Now you can organize your app by tasks and present these concurrently as individual “documents” in the Recents screen. Users can flip through Recents to find the specific task they want and then jump deep into your app with a single tap.
  • Project Volta — New tools and APIs help your app run efficiently and conserve power. Battery Historian is a new tool that lets you visualize power events over time and understand how your app is using battery. A job scheduler API lets you set the conditions under which your background tasks and other jobs should run, such as when the device is idle or connected to an unmetered to a charger, to minimize battery impact.
  • BLE Peripheral Mode — Android devices can now function in Bluetooth Low Energy (BLE) peripheral mode. Apps can use this capability to broadcast their presence to nearby devices — for example, you can now build apps that let a device to function as a pedometer or health monitor and transmit data to another BLE device.
  • Multi-networking — Apps can work with the system to dynamically scan for available networks with specific capabilities and then automatically connect. This is useful when you want to manage handoffs or connect to a specialized network, such as a carrier-billing network.
  • Advanced camera capabilities — A new camera API gives you new capabilities for image capture and processing. On supported devices, your app can capture uncompressed YUV capture at full 8 megapixel resolution at 30 FPS. The API also lets you capture raw sensor data and control parameters such as exposure time, ISO sensitivity, and frame duration, on a per-frame basis.
  • New features for game developers — Support for OpenGL ES 3.1, gives you capabilities such as compute shaders, stencil textures, and texture gather for your games. Android Extension Pack (AEP) is a new set of extensions to OpenGL ES that bring desktop-class graphics to Android. Games will be able to take advantage of tessellation and geometry shaders, and use ASTC texture compression across multiple GPU techonolgies.
  • Android Runtime (ART) — The L Developer Preview introduces the Android Runtime (ART) as the system default. ART offers ahead-of-time (AOT) compilation, more efficient garbage collection, and improved development and debugging features. In many cases it improves performance of the device with no action required by the developer.
  • 64-bit support — The L Developer Preview adds support for 64-bit ABIs, for additional address space and improved performance with certain compute workloads. Apps written in the Java language can run immediately on 64-bit architectures with no modifications required. To support apps using native code, we’re also releasing an updated NDK that includes 64-bit support.

Watch for more details coming out tomorrow (26 June) on what’s in the L Developer Preview and how to get it.

Google Play Services 5.0

Along with the L Developer Preview, we also announced a new version of Google Play services that brings new capabilities and the latest optimizations to devices across the Android ecosystem. Google Play services ensures that you can build on the latest features from Google for your users, with the confidence that those services will work properly everywhere. The latest version has begun rolling out and here are some of the highlights:

  • Services for Android wearables — Your apps can more easily communicate and sync with code running on Android wearables through an automatically synchronized, persistent data store and a reliable messaging interface.
  • Play Games services — Build a great gaming experience with Quests, which allow event-based challenges for players to complete for rewards, Saved Games (a snapshot API allow synchronization of game data along with a cover-image and description), and Game Profile (providing experience points for players).
  • App Indexing API — Surface deep content in your native mobile applications on Google search and drive additional user engagement.
  • Google Cast — Use media tracks to enable closed-caption support for Chromecast.
  • Drive — Sort query results, create offline folders, and select any mime type in the file picker by default.
  • Wallet — Build a “Save to Wallet” button for offers directly into your app; use geo-fenced in-store notifications to prompt the user to show and scan digital cards. Split tender allows payment to be split between Wallet Balance and a credit/debit card in Google Wallet.
  • Analytics — Get insights into the full user journey and understand how different user acquisition campaigns are performing with Enhanced Ecommerce, letting you measure product impressions, product clicks, and more.
  • Mobile Ads — Use improved in-app purchase ads and integrations for the Play store in-app purchase API client.
  • Dynamic Security Provider — Offers an alternative to the platform’s secure networking APIs that can be updated more frequently, for faster delivery of security patches.

We expect the rollout of Google Play services 5.0 to take several days, after which time you’ll be able to get started developing with these new APIs.

Join us at the Google I/O sessions

If you’d like to learn more, join us for sessions on Android development, material design, game development, and more. You’ll find the full session list on the Google I/O 2014 site, and you can filter the schedule to find livestreamed sessions of interest.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers

Apr 17

Android Things Release Candidate


Posted by Dave Smith, Developer Advocate for IoT

Earlier this year at CES, we showcased consumer products powered by Android Things from partners like Lenovo, LG, JBL, iHome, and Sony. We are excited to see Android Things enable the wider developer ecosystem as well. Today we are announcing the final preview release of Android Things, Developer Preview 8, before the upcoming stable release.

Feature complete SDK

Developer Preview 8 represents the final API surface exposed in the Android Things support library for the upcoming stable release. There will be no more breaking API changes before the stable v1.0 release of the SDK. For details on all the API changes included in DP8, see the release notes. Refer to the updated SDK reference to review the classes and methods in the final SDK.

This release also brings new features in the Android Things developer console to make building and managing production devices easier. Here are some notable updates:

Production-focused console enhancements

With an eye towards building and shipping production devices with the upcoming LTS release, we have made several updates to the Android Things developer console:

  • Enhanced OTA: Unpublish the current OTA build when issues are discovered in the field.
  • Visual storage layout: Configure the device storage allocated to apps and data for each build, and get an overview of how much storage your apps require.
  • Font/locale controls: Configure the set of supported fonts and locales packaged into each build.
  • Group sharing: Product sharing has been extended to include support for Google Groups.

App library

The new app library enables you to manage APKs more easily without the need to package them together in a separate zipped bundle. Track individual versions, review permissions, and share your apps with other console users. See the app library documentation for more details.

Permissions

On mobile devices, apps request permissions at runtime and the end user grants them. In earlier previews, Android Things granted these same permissions automatically to apps on device boot. Beginning in DP8, these permissions are granted using a new interface in the developer console, giving developers more control of the permissions used by the apps on their device.

This change does not affect development, as Android Studio grants all permissions by default. Developers using the command line can append the -g flag to the adb install command to get the same behavior. To test how apps on your device behave with certain permissions revoked, use the pm command:

$   adb shell pm [grant|revoke] <permission-name> ...

App launch behavior

Embedded devices need to launch their primary application automatically after the device boots, and relaunch it if the app terminates unexpectedly. In earlier previews, the main app on the device could listen for a custom IOT_LAUNCHER intent to enable this behavior. Beginning in DP8, this category is replaced by the standard CATEGORY_HOME intent.

<activity android:name=".HomeActivity">
    ...

    <!-- Launch activity automatically on boot, relaunch on termination. -->
    <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.HOME"/>
        <category android:name="android.intent.category.DEFAULT"/>
    </intent-filter>
</activity>

Apps that contain an IOT_LAUNCHER intent filter will no longer be triggered on boot. Update your apps to use CATEGORY_HOME instead.

Feedback

Thanks to all of you in the developer community for sharing your feedback with us throughout developer preview. Join Google’s IoT Developers Community on Google+ to let us know what you’re building with Android Things and how we can improve the platform in future releases to help you build connected devices at scale!


Android Developers Blog

Apr 16

Google I/O: Design, Develop, Distribute

By Monica Tran, Head of Developer Marketing

Today at Moscone, we kicked off our 7th annual Google I/O. This year, we’re focusing on three key themes: design, develop, distribute, helping you build your app from start to finish.

It’s been amazing to see how far you’ve come: in fact, since the last Google I/O, we’ve paid developers more than $ 5 billion, a testament to the experiences you’re creating. In the keynote, we had a number of announcements geared towards meeting the user wherever they go: on the TV, in the car and on your wrist. Below is a taste of some of the goodies we unveiled to help you along the way.

DESIGN

  • Material design — we introduced material design, which uses tactile surfaces, bold graphic design, and fluid motion to create beautiful, intuitive experiences.
  • L-Release of Android, with material design — Bringing material design to Android is a big part of the L-Release of Android: we’ve added the new Material theme (which you can apply to your apps for a new style) and the ability to specify a view’s elevation, allowing you to cast dynamic, real-time shadows in your apps.
  • Bringing material design to Polymer — As a developer, you’ll now have access to all the capabilities of material design via Polymer, bringing tangibility, bold graphics, and animations to your applications on the web, all at 60fps.

DEVELOP

  • Android L Developer Preview — Get extra lead time to make great apps for the next version of Android, with lots of new APIs to make Android simpler and more consistent on screens everywhere
  • Google Play services 5.0 is rolling out worldwide with great new features for developers.
  • Android TV SDK — Explore, learn and build apps and games for the biggest screen in the home. Your hard work will pay off in the fall when Asus, Razer and other partners launch their first Android TV devices.
  • Google Cast SDK — Help users find your content more easily with the improved Google Cast SDK developer console, which lets your app get discovered on chromecast.com/apps and on Google Play.
  • Android Auto SDK coming — Bring your app experience to the car by extending your existing app with Android Auto APIs. Be in millions of cars — with just one app.
  • Google Fit — An open fitness platform giving users control of their fitness data so that developers can focus on building smarter apps and manufacturers can focus on creating amazing devices.
  • Gaming — Learn what’s new about Google Play Games and the Android platform to take games to the next level.
  • Google Cloud Platform — Get help with debugging, tracing, and monitoring applications in with new developer productivity tooling. Also, try Cloud Dataflow, a new fully managed service that simplifies the process of creating data pipelines.
  • The new Gmail API — Add Gmail features to your app with RESTful access to threads, messages, labels, drafts and history.
  • Android features for Enterprise — Secure apps and data without complicating the user experience. Build for the enterprise with no changes to the apps you’re already developing. Learn more here.

DISTRIBUTE

  • Building successful global app businesses — Scalable solutions to help you find more users, understand and engage them, and effectively convert your active users into buyers.

Google I/O 2014
I/O Livestreams
I/O Bytes Videos
+Android Developers