R.I.P - AeroGear Controller Demo
by Bruno Oliveira
Good morning all, today I sent this PR.
Before move forward with the ceremony, I would like to hear your thoughts.
1- I strongly recommend to drop or hide that repository to avoid
misguided information. yay/nay?
2- I would like to drop the instance on OpenShift too. yay/nay?
--
abstractj
9 years, 5 months
Off for the next weeks
by Bruno Oliveira
Aloha sweet hearts, time to take a break for some weeks.
I think everyone has my contact just in case of some emergency, either
way Jay and Qmx know how to reach me ( http://goo.gl/WEOyfx )
Have you all the best next weeks ever (I won't be here to be picky) <3
you all
--
abstractj
JBoss, a division of Red Hat
9 years, 5 months
Android 1.3.0 Proposed Roadmap
by Summers Pittman
Passos and I got together this afternoon and put together our JIRAs for
1.3.0. This includes things we've planned before (mostly Gradle) and
things from our meeting with Abstractj last week about security.
### 1.3.0 ###
# Security
* AGDROID-129 - This epic is everything key generation related.
- AGDROID-132 - Auto generate and send to server
* AGDROID-133 - Client side utilities for encrypting and accessing
encrypted data.
<3 AGDROID-136 - Encrypt / search data in SQL Store
<3 AGDROID-135 - Decrypt Payloads from Pipes
<3 AGDROID-134 - Encrypt local files
- AGDROID-137 - Create thread on ML to ask about adding in security
annotations
* AGDROID-138 - Key Management
# Gradle/AAR
* AGDROID-103 - Add Gradle support to the aerogear-android
- AGDROID-111 - Add Android/Gradle information to Release doc
- AGDROID-107 - Create a getting started with Android Studio doc.
- AGDROID-106 - Update release docs to include aar release
- AGDROID-105 - Update Project README.md to instruct for gradle.
- AGDROID-104 - Add build.gradle file
- AGDROID-57 - Add AAR package creation to build lifecycle
# Other
- AGDROID-112 - Log a warning if methods with callbacks are called from
the UI thread outside of the Loader APIs
- AGDROID-94 - Write README for aerogear-aerodoc-android
- AGDROID-71 - RestAdapter constructor treats baseURL as an absolute
URL and should make it a relative URL
Discuss!
9 years, 5 months
UnifiedPush release
by Matthias Wessendorf
Hello,
since the 0.8.0 in August several bugs have been fixed. Currently a few PRs
are on the waiting list, but once they are in, it would be good to roll
another release, e.g. a 0.8.5
I am now wondering if some bugs/feature are missing? Also, Luke: Do you
have anything 'urgent' :-) for the AdminUI ?
Note: when the next umbrella release of AeroGear comes, there will be
another UP (e.g. 0.9.0) as well.
But in the spirit of release often and early I guess it's good to have
another release now...
-Matthias
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
9 years, 5 months
[simplepush] Performance
by Daniel Bevenius
I've begun looking into AGPUSH-291 to try to identify areas to start
improving the performance of our SimplePush Server. The following gist can
be used to follow this work:
https://gist.github.com/danbev/6606289
Any comments can be posted here or as comments on the gist.
9 years, 5 months
iOS Crypto findings
by Christos Vasilakis
Hi team,
I am digging on the CommonCrypto API and I found some issues. Specifically:
a) GCM mode for AES symmetric encryption is part of a private API. See [1] the public interface of the current definitions of supported modes of operation. 'kCCModeGCM' is missing _although_ digging on the source code of the apple's web site it is defined in [2] 'private' (The file is included from a private interface here [3]). Also here is the implementation of the GCM mode in [4] and test cases that exercise it [5]. Not sure why Apple left it out in public. On my search, one area in which they use this mode is on the KeyChain from iOS 5 onwards, see 'KeyChain' section here [6]
b) Generation of asymmetric ECC keys and encryption is supported by CommonCrypto but _again_ under a private interface, see [7] and [8]. ECC is used in the protection class 'NSFileProtectionCompleteUnlessOpen' according to the iOS Security doc here [9]. In the meeting there was a plan B for it, RSA with Diffie Hellman. I am looking at it, but to my current knowledge is supported if you trust the apple docs here [10]
My worry is how can we proceed with the first issue.
As a side note, during my search I discovered Crypto++ [11] , which seems to offer many of the features we are trying to support. Con is a C++ interface although an iOS distribution of it exists (see [12]), and there is an iOS wiki page in the library home page [13]. Needs more research.
Thanks,
Christos
[1] https://gist.github.com/cvasilak/b967893655a04cbe5b7b#file-gistfile1-txt-...
[2] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/Source/Comm...
[3] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/Source/Comm...
[4] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/Source/API/...
[5] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/CCRegressio...
[6] http://esec-lab.sogeti.com/post/iOS-5-data-protection-updates
[7] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/Source/Comm...
[8] https://github.com/Apple-FOSS-Mirror/CommonCrypto/blob/master/Source/API/...
[9] http://www.apple.com/ipad/business/docs/iOS_Security_Oct12.pdf
[10]https://developer.apple.com/library/ios/documentation/security/concept...
[11] http://www.cryptopp.com
[12] https://github.com/noloader/cryptopp-5.6.2-ios
[13] http://www.cryptopp.com/wiki/IOS_(Xcode)
9 years, 5 months
