---------- Forwarded message ---------- From: Nitesh Bharadwaj <ntes...@gmail.com> Date: Wed, Aug 28, 2013 at 1:21 AM Subject: Re: [freenet-dev] Android Support for Darknet Connections Update #4 To: Matthew Toseland <matt...@toselandcs.co.uk>
On Tue, Aug 27, 2013 at 10:47 PM, Matthew Toseland <matt...@toselandcs.co.uk > wrote: > On Monday 26 Aug 2013 21:36:57 Nitesh Bharadwaj wrote: > > Presently, I see two options for QR. > > > > 1) Ask the zxing barcode scanner app https://code.google.com/p/zxing/ to > > start scanning for QR. It scans and returns the result to our app. If > there > > is no such app installed, raise an intent offering to download the app > > > > 2) Pull from git and build a .jar and ship along with app > > > > The first option seemed more androidy to me considering the fact that we > > needn't ever care for updates etc. as os does it for us. IMO, this is the > > sweetest feature of android. The drawback being, some dangerous app > > impersonating zxing. It is only possible if the user already has such app > > installed (in spite of security warnings, permission warnings while > > installing) since we offer to download only from play store. Apart from > > that, it seems okay. > > Surely you can specify what to offer to download in a secure manner, a > public key fingerprint or something? If not, I'd guess we should bundle it. > Your app is separate from fred, and updates only via the appstore? This process is generally secure because it is handled by google play store as there would only be one app published by zxing on playstore. > > > > I have implemented the basic version using zxing-android-integrator > > > https://github.com/zxing/zxing/blob/master/android-integration/src/com/google/zxing/integration/android/IntentIntegrator.java > . > > It checks only for an app that matches the package name of zxing.. > > Ewww. Matching package name only is *bad*. > That is the code offered by zxing to integrate their app. Basically, they do not see the need to perform any other check as they believe that the user would only download from play store or other trusted sources. > > > But as of now, this method works good in mobiles with good cameras (since > > the size of the noderef is very large) > > Src - https://github.com/NiteshBharadwaj/Freenet > > Apk - http://www.mediafire.com/download/ak42w8c8uj0ebdb/Freenet(2).apk > > Cool. > > > > > > > On Sun, Aug 25, 2013 at 8:22 PM, Nitesh Bharadwaj <ntes...@gmail.com> > wrote: > > > > > Its been long since last update. > > > Here I present a pre-alpha of the android application along with the > > > changes required in fred. It presently supports bluetooth and > wifi-direct > > > based reference exchanges. > > > > > > The code for the server on home node is more or less unchanged from the > > > previous update and the main changes are on the android part. Some of > them > > > pertain to > > > > > > UI and code structure: The UI had to be changed completely in order to > > > support old versions of android. Presently, the main thread serves as > the > > > UIThread and it has a handler. Any other thread which wishes to change > the > > > UI sends a message to this handler and the UI is updated. There are > some > > > concurrency issues left out but these are rare cases (for example, a > new > > > node - other than homenode is detected on our LAN while we are > exchanging > > > noderefs with a friend) and some work is left on this front. Other than > > > these, UI issues are fixed. > > > > > > Bluetooth: I had to face various compatibility issues, especially on > old > > > android devices (<= android 2.1-Froyo). These devices cannot connect > with > > > newer devices in the way they are meant to i.e. as described is > Android > > > SDK documentation. Following suit from > > > > http://stackoverflow.com/questions/3397071/service-discovery-failed-exception-using-bluetooth-on-android > , > > > I had to use java reflections to grab a bluetooth channel and force > > > connect. Note that this isn't so insecure as it sounds because any > > > bluetooth connection requires initial pairing. Alternatively, we can > only > > > support devices > android 2.1. > > > > > > General Incompatibility Issues: For example, android ships Bouncy > Castle > > > in its packages but doesn't pack any one version completely. We cannot > > > build along with the official bcprov...jar because it gives rise to > class > > > conflicts with pre-shipped versions. The most used solution is to use > > > spongy castle (modified bouncy castle) but I used jarjar to rename the > > > classes and ended doing the same as what spongy castle does. > > > > > > Several such compatibility issues cropped up and delayed my project > and I > > > am determined to keep it up and complete in time frame > > > > > > To be implemented: > > > #1 QR based exchange - This should be for mobiles which couldn't use > any > > > other methods because of lack of hardware / any issues > > > #2 Exchange over internet : > > > Some discussion is needed in this respect but in general, public keys > (DH) > > > are exchanged by QR and the actual noderef is sent over internet > (email?). > > > This would be received by other mobile/ node(?) > > > > > > To try out the app: > > > Build using Eclipse + Android SDK or ant + Android SDK from source > > > https://github.com/NiteshBharadwaj/Freenet or alternatively, could be > > > downloaded form > > > http://www.mediafire.com/download/8h6889jtqpott5v/Freenet.apk > > > > > > Also, the modified fred and modified mdns-plugin need to be forked and > > > built from https://github.com/freenet/fred-staging and > > > https://github.com/NiteshBharadwaj/plugin-MDNSDiscovery-official > > > > > _______________________________________________ > > Devl mailing list > > Devl@freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > _______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
