Will Edwards
programming

I have always loved programming - its like Lego without gravity.

Basic on my ZX81 graduating to assembler and Turbo Pascal during my teens.

Developed phone OS software - engineer, architect, product manager - but got made irrelevant by the iPhone and redundant by Android.

These days I mostly work with data, big data and fitting big data onto small boxes.

Better Permissions in Android

During my time at UIQ, Symbian introduced a capabilities-based security architecture.  Its analogous to the permissions in Android.

I’m a very big fan of the pattern.

The problem was we imagined our UI getting more and more integrated.  To illustrate, it was imagined that everywhere you had a phone number it would automatically resolve the contact and give dialing buttons and such in the UI.  I don’t mean just that phone numbers are underlined and launchable; I mean that we’d look in your address book, recognise it, and show the person’s name and online status and such.  Maybe even a map of where that person is.  And so on.

From a platform perspective this meant we wanted standard UI components that did this, rather than duplicating the code in each place it was shown and so on.

And from a security perspective, it was worrying that all apps would pretty-much need all permissions.

The solution I came up with was called Content Embedding Framework (CEF) and it built on my Content Rendering Framework (CRF).  A host application would place a placeholder widget in its UI and the actual drawing of this widget would be done by the serving application.  This is like XEmbed in the X Window System.  (And like RemoteViews in Android, people have pointed out to me.)  We took care to make sure that (apart from screen-scraping - we never did close that vulnerability on Symbian) the host application could not actually see what was getting drawn.  And we did it all by intercepting the draw commands as issued by the serving application and replaying them whenever the host drew them.

This wasn’t just for putting contacts information into apps without contacts permissions; we also envisaged using it to sandbox HTML content in apps (we used to be irritated that the MMS viewer was running a full copy of opera and the risks we imagined that was) that displayed it and also as a widget system for home-screens and such.  We had ‘live icons’ where the application icons were drawn by the applications.

Oh so sad that it was part of the pile of code that never shipped on a phone.  It got as far as the factories though.

This XEmbed approach would work nicely for Android too.

Pretty much every app asks for Internet and other permissions.  Why?  Because they have ads :(

Imagine that there was an ad showing service running and applications just put placeholders where the ads can be in their UI and the platform takes care of it…

Imagine all those use-csaes for integrating contacts and social stuff into games without actually giving the games any of the info…

Of course Android needs a working packaging system so that your app can say that it depends upon, say, admob (because Google wouldn’t actually put that in the platform, would they?) so everyone isn’t embedding their own copy of the libraries.  This is an orthogonal to content-embedding but at the same time think of the synergy…

 posted 2011-11-25

jump to ↓

main page ↑
performance
Faster searches with non-prefix fields in composite indices
Compressing MySQL databases
What highscalability.com says about Scaling my Server
Scaling my Server: follow-up
more →
old classics
The kid's computer
Making the History of Worlds Religions map
If you defend those involved in the OpenGL ES specification, you are an idiot
Stackoverflow unwinding?
more →
general
Why Swift?
Python annotations and type checking
pycon 2014 Sweden: the bad bits
Table-based Template Translation in C++
more →
recreation
all →
games programming
Perlin Noise
Perlin Noise
Drawing RTS maps fast
WillCity update
more →
ludum-dare
Ludum Dare #35 Mosaic
LudumDare 33 wallpapers
SSIM vs MSE for Mosaics
Ludum Dare 30 results are in!
more →