Introduction to Android

27 November 2018
Lecture 1

27 Nov 2018 SE 435: Development in the Android Environment 1

 Topics for Today
• What is Android?
– Terminology and Technical Terms
• Ownership, Distribution, Advertising

Sources
• Programming Android 1, 3
• developer.android.com

27 Nov 2018 SE 435: Development in the Android Environment 2

 Why Android?
• Android is an open source operating system produced (?)
by the Open Handset Alliance (OHA)

– OHA is made up of 84 companies in the cellular, software

industries
– Includes:
– Software engineering by Google
• What does OHA do?

27 Nov 2018 SE 435: Development in the Android Environment 3

 Why Study Android?
• Programs are written in an unusual way
• Android OS implements user and program interaction in
an interesting way
• There is a lot of research understanding how Android
works, how it should work, and how it can be modified.

• Number of papers on Android (as of 17 Oct 2018):

– In ACM Digital Library: 6,660 papers and books
– In IEEE Xplore Digital Library: 9,177 papers and books

27 Nov 2018 SE 435: Development in the Android Environment 4

 Terminology and Terms
• When someone says “Android”, he could mean:
1. A cell phone, tablet, or device capable of running the Android
OS
2. The Android OS and its source code
3. The application programmer interface (API) and libraries
available for programmers to use the services of a compatible
device
• In this course, we’ll focus on 2 and 3
– Android tries to hide device details from apps

• app: An application written for applications written for the

Android OS or Apple iOS

27 Nov 2018 SE 435: Development in the Android Environment 5

 Android OS Terms
• Android OS is based on Linux
– Up until Android Version 4.0, used Linux 2.6 kernel
– Since, Android OS uses the Linux 3.x kernels (varies versions)
– Some fights between Google and Linux about integrating changes into the
regular Linux kernel

• Android OS has a fast update cycle – new updates every 6 to 9

months

• Each Android release has:

– An official version number (ex. 2.2, 2.3)
– An official nick name (code name) (alphabetical candies)
– An official API level (incremental)

• Android is open source

– GPL, Apache Software License, and BSD Licenses (worry about it if you plan
on changing Android)
– Official source code dump on the Android Open Source Project (AOSP)

27 Nov 2018 SE 435: Development in the Android Environment 6

 Android Versions Summary

27 Nov 2018 SE 435: Development in the Android Environment 7

 Android Versions Summary

27 Nov 2018 SE 435: Development in the Android Environment 8

 Android Versions Summary

27 Nov 2018 SE 435: Development in the Android Environment 9

 Android Versions
• Some updates are just security or bug fixes, so they don’t update the API level

• Android OS is open source, so device manufacturers make custom versions

– Android Compatibility Definition Document
– Some “community” versions of Android
– No “pure” version of the Android OS

• Google directly manages Nexus and Pixel devices, so they have the “purest” OS
with least custom additions

Link: https://www.statista.com/statistics/271774/share-of-android-platforms-on-mobile-devices-with-android-os/

27 Nov 2018 SE 435: Development in the Android Environment 10

 Android Versions

Link: https://developer.android.com/about/dashboards/

27 Nov 2018 SE 435: Development in the Android Environment 11

 Rooting, Versions, Bugs
• Android OS hides some features of Linux kernel

By Copperhead Security - https://github.com/copperhead/branding, Public Domain, https://commons.wikimedia.org/w/index.php?curid=50626612

– Prevents some advanced networking and communication features
– Prevents regular apps from doing some system administrator actions

Image sources: By Alibaba Group - http://alios.cn/, Public Domain, https://commons.wikimedia.org/w/index.php?curid=68612706

– Community mods can unlock those capabilities

• Android OS denies the user system level “root” access

– Prevents apps from doing some bad or iffy things
– Rooting a device means breaking the OS to get system administrator access
– May involve replacing the Android OS with another one
– People root phones to do things Android OS forbids

• Some Android OS versions have security bugs which were fixed in later versions
– No central update service, so old phones stay old
– Some old phones can’t handle newer OS versions
– People root phones to install newer Android OS version

• Apps written for a particular API level should work on any phone at that API level
– Rooted device with unofficial OS version  ?

27 Nov 2018 SE 435: Development in the Android Environment 12

 Languages and Android
• Android OS is based on Linux, written in C and C++

• Most apps developed in Java

– With a set of Java APIs which grant access to the device and network
– Can also use Kotlin (new)

• Since 5.0, App’s Java source code compiled to Dalvik Byte Code (dex) for APK
files
– Akin to Java byte code, but not the same
– Android OS uses just-in-time compilation to convert dex to binary instructions
– On installation, compiled to native Android Run Time (ART) code
– After installation, runs native code
• Older versions run DEX inside Dalvik Virtual Machine (DVM) instances

• Apps can be written in C using Native Development Kit (NDK)

– Compiled with Java Native Interface (JNI)
– Can call native methods from regular Java code
– Limited to certain processors

• Apps can be written in HTML5 and JavaScript

– Not compiled, just run via a browser window

27 Nov 2018 SE 435: Development in the Android Environment 13

 Developing for Android
• Google sponsored IDE: Android Studio (based on IntelliJ)

Link: https://www.idc.com/promo/smartphone-market-share/vendor
– Older version was based on Eclipse / Android Development Toolkit
– Can also develop using Visual Studio and Xamarin

App source code is compiled into dex, digitally signed, then stored in an APK file
• Compatible with ZIP, fixed structure with file names and directories
• Device’s Application Installer parses APK and installs it
• Stored on device after install in a hidden directory
• Android Run Time (ART) compiles dex into natively executable files to run

Android app development is relatively easy

• Android is basically open and free
• About 297 million Android devices shipped in Q2 of 2018

27 Nov 2018 SE 435: Development in the Android Environment 14

 Android Vendor Distribution (IDC)

Link: https://www.idc.com/promo/smartphone-market-share/vendor
27 Nov 2018 SE 435: Development in the Android Environment 15
 Trend: Cross Platform
• Build in system-
specific language, C#,
JavaScript, etc.
• Compile to Android or
iOS

Link: https://www.theverge.com/2018/10/2/17929908/microsoft-app-mirroring-android-windows-10-desktop

27 Nov 2018 SE 435: Development in the Android Environment 16

 So Far
• What is Android?
– Terminology and Technical Terms
• Ownership, Distribution, Advertising

27 Nov 2018 SE 435: Development in the Android Environment 17

 Installing Apps
Android Debug Bridge App Store
• Copy over the APK file to • Download from an App
the device, install it Store web site
– 36 major ones as of
October 2014
• Can install any app that
way, signed or not
– Develop, debug • App installed by App
Installer
– Checks digital signature
• Requires setting debug
– Checks permissions with
permissions on the phone user

27 Nov 2018 SE 435: Development in the Android Environment 18

 App Stores: Big and Small
• App stores can be international or • Many filter apps
regional
• Google Play takes any app, but
• Google Play is the largest: runs it though an app filter called
– 2.2 million apps (June 2016) Bouncer first
– 2.5 billion downloads per month (as
of July 2015)
• Amazon App Market checks all
apps by hand
• Amazon’s app market is big:
– 600,000 apps (as of June 2016)
– 25 million downloads per month • Why filter?
(estimate June 2014) – Prevent malware
• Language specific app stores: – Preserve ownership and payment
– Chinese
– Russian
– Korean
• Manufacturer app stores:
– Lenovo
– Samsung
• Open Source: F-Droid

27 Nov 2018 SE 435: Development in the Android Environment 19

 App Store Downloads

Source: http://www.onepf.org/appstores/ (2014)

27 Nov 2018 SE 435: Development in the Android Environment 20
 Malware
Apps designed to do bad things

1. Delete device data or destructive stuff

– Disable device – “ransomware”
2. Copy contacts and photos for storage,
mining, spamming, blackmail
3. Connect to a server, have device send
spam or DDOS
4. Things which cost money – premium
SMS, phone calls
5. Use device resources for evil – Source: Fortinet Threat Landscape 2014
recording, taking pictures, track
movements

• Google Play removed 36,000 malware

apps in July 2013 alone
• Certain markets worse:
– Anzhi (China): 77.6% present risk
– China overall: 39.2% present risk
– In India: average device has 3 risky apps
– In China: average device has 2.4 risky apps

27 Nov 2018 SE 435: Development in the Android Environment 21

 Payment and Ownership
Apps make money in three ways:

1. Enforce download fees: App store charges and passes along some
– Some thieves copy real apps, repackage them, distribute themselves
– Some copy for money
– Some add malware functionality before

2. Showing ads: Free to download, ad network pays for screen space

– App includes some libraries or activities from the ad network
– Ad activity downloads ads and shows them
– Ad network pays per view or click
– Ad activity may gather other info: phone IMEI or IMSI, location

3. In app billing: Free to download, no ads

– User pays to use part of the tool or for certain features
– Some games force the user to buy tokens or capabilities
– Google has begun to require in app billing be done via Google Payments

27 Nov 2018 SE 435: Development in the Android Environment 22

 Android is free?
• Google gives away
Android OS for free -
why?

27 Nov 2018 SE 435: Development in the Android Environment 23

 Business Model Troubles

Link: https://www.theverge.com/2018/7/18/17580694/google-android-eu-fine-antitrust

27 Nov 2018 SE 435: Development in the Android Environment 24

 Hot Off The Presses

Link: https://www.theverge.com/2018/10/16/17984074/google-eu-android-licensing-bundle-chrome-search

“Since the pre-installation of Google Search and Chrome

together with our other apps helped us fund the development
and free distribution of Android, we will introduce a new paid
licensing agreement for smartphones and tablets shipped
into the [European Economic Area],” writes Hiroshi
Lockheimer, who leads Android.

27 Nov 2018 SE 435: Development in the Android Environment 25

 Conclusion
• What is Android?
– Terminology and Technical Terms
• Ownership, Distribution, Advertising

27 Nov 2018 SE 435: Development in the Android Environment 26