Blurblogs
Global
Popular
Log in
alvinashcraft's blurblog
Content Developer II at Microsoft, working remotely in PA, TechBash conference organizer, former Microsoft MVP, Husband, Dad and Geek.
122111 stories
·
29 followers

Security above all else—expanding Microsoft’s Secure Future Initiative by Charlie Bell
Saturday May 4th, 2024 at 12:41 PM

Microsoft Security Blog
1 Share

Last November, we launched the Secure Future Initiative (SFI) to prepare for the increasing scale and high stakes of cyberattacks. SFI brings together every part of Microsoft to advance cybersecurity protection across our company and products.

Since then, the threat landscape has continued to rapidly evolve, and we have learned a lot. The recent findings by the Department of Homeland Security’s Cyber Safety Review Board (CSRB) regarding the Storm-0558 cyberattack from last July, and the Midnight Blizzard attack we reported in January, underscore the severity of the threats facing our company and our customers.

Microsoft plays a central role in the world’s digital ecosystem, and this comes with a critical responsibility to earn and maintain trust. We must and will do more.

We are making security our top priority at Microsoft, above all else—over all other features. We’re expanding the scope of SFI, integrating the recent recommendations from the CSRB as well as our learnings from Midnight Blizzard to ensure that our cybersecurity approach remains robust and adaptive to the evolving threat landscape.

We will mobilize the expanded SFI pillars and goals across Microsoft and this will be a dimension in our hiring decisions. In addition, we will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones.

Below are details to demonstrate the seriousness of our work and commitment.

Diagram illustrating the six pillars of the Microsoft Secure Future Initiative.

Expansion of SFI approach and scope

We have evolved our security approach, and going forward our work will be guided by the following three security principles:

  1. Secure by design: Security comes first when designing any product or service.
  2. Secure by default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
  3. Secure operations: Security controls and monitoring will continuously be improved to meet current and future threats.

We are further expanding our goals and actions aligned to six prioritized security pillars and providing visibility into the details of our execution:

1. Protect identities and secrets

Reduce the risk of unauthorized access by implementing and enforcing best-in-class standards across all identity and secrets infrastructure, and user and application authentication and authorization. As part of this, we are taking the following actions:

  • Protect identity infrastructure signing and platform keys with rapid and automatic rotation with hardware storage and protection (for example, hardware security module (HSM) and confidential compute).
  • Strengthen identity standards and drive their adoption through use of standard SDKs across 100% of applications.
  • Ensure 100% of user accounts are protected with securely managed, phishing-resistant multifactor authentication.
  • Ensure 100% of applications are protected with system-managed credentials (for example, Managed Identity and Managed Certificates).
  • Ensure 100% of identity tokens are protected with stateful and durable validation.
  • Adopt more fine-grained partitioning of identity signing keys and platform keys.
  • Ensure identity and public key infrastructure (PKI) systems are ready for a post-quantum cryptography world.

2. Protect tenants and isolate production systems

Protect all Microsoft tenants and production environments using consistent, best-in-class security practices and strict isolation to minimize breadth of impact. As part of this, we are taking the following actions:

  • Maintain the security posture and commercial relationships of tenants by removing all unused, aged, or legacy systems.
  • Protect 100% of Microsoft, acquired, and employee-created tenants, commerce accounts, and tenant resources to the security best practice baselines.
  • Manage 100% of Microsoft Entra ID applications to a high, consistent security bar.
  • Eliminate 100% of identity lateral movement pivots between tenants, environments, and clouds.
  • 100% of applications and users have continuous least-privilege access enforcement.
  • Ensure only secure, managed, healthy devices will be granted access to Microsoft tenants.

3. Protect networks

Protect Microsoft production networks and implement network isolation of Microsoft and customer resources. As part of this, we are taking the following actions:

  • Secure 100% of Microsoft production networks and systems connected to the networks by improving isolation, monitoring, inventory, and secure operations.
  • Apply network isolation and microsegmentation to 100% of the Microsoft production environments, creating additional layers of defense against attackers.
  • Enable customers to easily secure their networks and network isolate resources in the cloud.

4. Protect engineering systems

Protect software assets and continuously improve code security through governance of the software supply chain and engineering systems infrastructure. As part of this, we are taking the following actions:

  • Build and maintain inventory for 100% of the software assets used to deploy and operate Microsoft products and services.
  • 100% of access to source code and engineering systems infrastructure is secured through Zero Trust and least-privilege access policies.
  • 100% of source code that deploys to Microsoft production environments is protected through security best practices.
  • Secure development, build, test, and release environments with 100% standardized, governed pipelines and infrastructure isolation.
  • Secure the software supply chain to protect Microsoft production environments.

5. Monitor and detect threats

Comprehensive coverage and automatic detection of threats to Microsoft production infrastructure and services. As part of this, we are taking the following actions:

  • Maintain a current inventory across 100% of Microsoft production infrastructure and services.
  • Retain 100% of security logs for at least two years and make six months of appropriate logs available to customers.
  • 100% of security logs are accessible from a central data lake to enable efficient and effective security investigation and threat hunting.
  • Automatically detect and respond rapidly to anomalous access, behaviors, and configurations across 100% of Microsoft production infrastructure and services.

6. Accelerate response and remediation

Prevent exploitation of vulnerabilities discovered by external and internal entities, through comprehensive and timely remediation. As part of this, we are taking the following actions:

  • Reduce the Time to Mitigate for high-severity cloud security vulnerabilities with accelerated response.
  • Increase transparency of mitigated cloud vulnerabilities through the adoption and release of Common Weakness Enumeration™ (CWE™), and Common Platform Enumeration™ (CPE™) industry standards for released high severity Common Vulnerabilities and Exposures (CVE) affecting the cloud.
  • Improve the accuracy, effectiveness, transparency, and velocity of public messaging and customer engagement.

These goals directly align to our learnings from the Midnight Blizzard incident as well as all four CSRB recommendations to Microsoft and all 12 recommendations to cloud service providers (CSPs), across the areas of security culture, cybersecurity best practices, auditing logging norms, digital identity standards and guidance, and transparency.

We are delivering on these goals through a new level of coordination with a new operating model that aligns leaders and teams to the six SFI pillars, in order to drive security holistically and break down traditional silos. The pillar leaders are working across engineering Executive Vice Presidents (EVPs) to drive integrated, cross-company engineering execution, doing this work in waves. These engineering waves involve teams across Microsoft Azure, Windows, Microsoft 365, and Security, with additional product teams integrating into the process weekly.

While there is much more to do, we’ve made progress in executing against SFI priorities. For example, we’ve implemented automatic enforcement of multifactor authentication by default across more than one million Microsoft Entra ID tenants within Microsoft, including tenants for development, testing, demos, and production. We have eliminated or reduced application targets by removing 730,000 apps to date across production and corporate tenants that were out-of-lifecycle or not meeting current SFI standards. We have expanded our logging to give customers deeper visibility. And we recently announced a significant shift on our response process: We are now publishing root cause data for Microsoft CVEs using the CWE™ industry standard.

Adhering to standards with paved paths systems

Paved paths are best practices from our learned experiences, drawing upon lessons such as how to optimize productivity of our software development and operations, how to achieve compliance (such as Software Bill of Materials, Sarbanes-Oxley Act, General Data Protection Regulation, and others), and how to eliminate entire categories of vulnerabilities and mitigate related risks. A paved path becomes a standard when adoption significantly improves the developer or operations experience or security, quality, or compliance.

With SFI, we are explicitly defining standards for each of the six security pillars, and adherence to these standards will be measured as objectives and key results (OKRs).

Driving continuous improvement

The Secure Future Initiative empowers all of Microsoft to implement the needed changes to deliver security first. Our company culture is based on a growth mindset that fosters an ethos of continuous improvement. We continually seek feedback and new perspectives to tune our approach and progress. We will take our learnings from security incidents, feed them back into our security standards, and operationalize these learnings as paved paths that can enable secure design and operations at scale.

Instituting new governance

We are also taking major steps to elevate security governance, including several organizational changes and additional oversight, controls, and reporting.

Microsoft is implementing a new security governance framework spearheaded by the Chief Information Security Officer (CISO). This framework introduces a partnership between engineering teams and newly formed Deputy CISOs, collectively responsible for overseeing SFI, managing risks, and reporting progress directly to the Senior Leadership Team. Progress will be reviewed weekly with this executive forum and quarterly with our Board of Directors.

Finally, given the importance of threat intelligence, we are bringing the full breadth of nation-state actor and threat hunting capabilities into the CISO organization.

Instilling a security-first culture

Culture can only be reinforced through our daily behaviors. Security is a team sport and is best realized when organizational boundaries are overcome. The engineering EVPs, in close coordination with SFI pillar leaders, are holding broadscale weekly and monthly operational meetings that include all levels of management and senior individual contributors. These meetings work on detailed execution and continuous improvement of security in context with what we collectively deliver to customers. Through this process of bottom-to-top and end-to-end problem solving, security thinking is ingrained in our daily behaviors.  

Ultimately, Microsoft runs on trust and this trust must be earned and maintained. As a global provider of software, infrastructure, and cloud services, we feel a deep responsibility to do our part to keep the world safe and secure. Our promise is to continually improve and adapt to the evolving needs of cybersecurity. This is job number one for us.

The post Security above all else—expanding Microsoft’s Secure Future Initiative appeared first on Microsoft Security Blog.

Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete

Gemini in Android Studio and more: Android Studio Jellyfish is Stable! by Android Developers (noreply@blogger.com)
Saturday May 4th, 2024 at 12:41 PM

Android Developers Blog
1 Share
Posted by Paris Hsu – Product Manager, Android Studio

Android Studio Jellyfish (2023.3.1) is making waves with its official stable release! 🪼🌊 Dive into cutting-edge AI features like Gemini in Android Studio, seamless Google services integrations like Android Device Streaming, and much more. All designed to supercharge your Android development to build next-generation, high-quality apps. Surf below to learn more about all the updates, product quality improvements, and new features across your key flows in Android Studio Jellyfish, and download the latest stable version today to try them out!

Develop

Gemini in Android Studio: stable, and now available in 200+ countries!

Today, Gemini in Android Studio is available in over 200+ countries and territories, including a new set of countries in Europe. Thanks to all of the valuable feedback you’ve provided us over the last year, we’re excited to bring Gemini in Android Studio (formerly Studio Bot) into this stable release of Android Studio, as your AI-powered development companion in Android Studio, ready to level up your productivity. Ask your Android development questions and get help instantly: whether it’s to generate code, find resources, or explain best practices, Gemini in Android Studio is here to save you valuable time. Plus, it integrates seamlessly with your workflow:

    • Chat: Get code samples and questions answered
    • AI code completion: Intelligent suggestions as you type
    • Error analysis: Understand Logcat and Build errors with ease
    • Smart actions: Streamline tasks with powerful shortcuts

Onboard and then opt-in with the built-in AI privacy controls, and learn more about how the current capabilities of Gemini in Android Studio can accelerate your development workflow.

Modular login permissions

To provide you with more precise control over the permissions you grant for specific features, the new sign-in flow lets you select only the Google Service integrations you want to enable. This means you decide exactly which features, like Gemini for Android Studio, App Quality Insights, and Android Device Streaming, are able to access the required Google services using your Google account.

Manage login settings in Android Studio
Manage login settings in Android Studio
Switch accounts in Android Studio
Switch accounts in Android Studio

Debug

Android Device Streaming, powered by Firebase

Android Device Streaming, powered by Firebase, lets you securely connect to remote physical Android devices hosted in Google's secure data centers. It’s a fast and easy way to test your app against physical units of some of the latest Android devices, including the Google Pixel 8 and 8 Pro, Pixel Fold, select Samsung devices, and more.

Device Streaming in Android Studio, running your app on a remote Pixel Fold
Device Streaming in Android Studio, running your app on a remote Pixel Fold

After connecting to a device, you can deploy your app, view the display, interact with the device (including rotating or unfolding the device), and anything else you might do with a device using a direct ADB over SSL connection—all without leaving Android Studio. When you're done using the device, Google wipes all your data and factory resets the device before making it available to another developer.

Android Device Streaming is currently available as a no-cost trial after you sign in to Android Studio with your Google account and select a Firebase project to use. If you don’t already have a Firebase project, it’s easy to create one.

AQI Crashlytics: Multi-events, keys, and logs

Dive deeper into App Quality Insights (AQI) crash reports with Android Studio Jellyfish! We've listened to your feedback and made analyzing crashes easier than ever:

    • Iterate through events: Now explore multiple events within a Crashlytics report in reverse chronological order, revealing patterns for faster debugging.
    • Explore custom data: View custom keys/values and logs for each Crashlytics crash report (find them in the Keys and Logs tabs after selecting a report).
    • Analyze ANRs (Application Not Responding): Access and investigate ANRs directly within both the Android Vitals and Crashlytics tabs.
App Quality Insights in Android Studio
Device Streaming in Android Studio, running your app on a remote Pixel Fold

Embedded Layout Inspector

In Android Studio Jellyfish, Layout Inspector is now embedded by default in the Running Devices tool window. This integration saves screen real-estate, centralizes your workflow in a single tool window, and delivers significant performance gains - with a 50% improvement in rendering speeds. You can effortlessly toggle between deeply inspecting and interacting with your app, and use snapshots for 3D visualizations of your UI. Discover the full range of features here.

Embedded Layout Inspector with Pixel Fold Emulator
Embedded Layout Inspector with Pixel Fold Emulator

Optimize

App Links Assistant: Web associations file support

App Links Assistant now supports web association file validation. This new feature streamlines deep linking by helping you identify and fix errors in your deep links setup (both in your Android manifest file and the corresponding Digital Asset Links JSON file). Ensure a seamless user experience by validating that your JSON file is correctly formatted for upload to your domain.

App Links Assistant: Web associations file support
App Links Assistant: Web associations file support

Baseline Profile installation

Baseline Profiles improve code execution speed by about 30% from the first launch by avoiding interpretation and just-in-time (JIT) compilation steps for included code paths. While Android Studio has included Baseline Profiles in builds for years now, these were only actually compiled by the OS in production (often by Play Store).

Android Studio Jellyfish now compiles these Baseline Profiles when any non-debuggable app build is installed on a device. This applies to release builds, as well as when you're profiling with low-overhead.

This means — as long as you aren't using a debug variant of your app — the performance you see when installing from Studio / CLI now much more closely matches production by taking advantage of profiles from a Baseline Profile generator module and libraries like Compose.

Quality improvements

Beyond new features, we also continue to improve the overall quality and stability of Android Studio. In fact, over 900 bugs were addressed during the Jellyfish/AGP-8.4 cycle, and memory errors are down by 40%.

IntelliJ platform update

Android Studio Jellyfish (2023.3.1) includes the IntelliJ 2023.3 platform release, which has many new features such as comprehensive support for the latest Java 21 programing language features, an intuitive floating toolbar with editing actions, and a Run to Cursor inlay option in the debugger to speed up your workflow. Learn more.

Summary

To recap, Android Studio Jellyfish 🪼includes the following enhancements and features:

Develop

    • Gemini in Android Studio
    • Modular login permissions

Debug

    • Android Device Streaming
    • AQI Crashlytics: Multi-events, keys, and logs
    • Embedded Layout Inspector

Optimize

    • App Links Assistant: Web associations file support
    • Baseline Profile installation

Quality Improvements

    • 900+ bugs addressed
    • Memory errors down by 40%

IntelliJ Platform Update

    • Latest Java 21 feature support
    • Run to Cursor inlay option
    • More 2023.3 features

Getting Started

Ready for next-level Android development? Download Android Studio Jellyfish 🪼 and unlock cutting-edge features today! As always, your feedback is important to us – check known issues, report bugs, suggest improvements, and be part of our vibrant community on LinkedIn, Medium, YouTube, or X. Let's build the future of Android apps together!

Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete

Evolving Health on Android: Migrating from Google Fit APIs to Android Health by Android Developers (noreply@blogger.com)
Saturday May 4th, 2024 at 12:41 PM

Android Developers Blog
1 Share
Posted by Chris Wilk – Senior Product Manager, Android Health

At Google, we're committed to empowering developers to create innovative health and fitness experiences on Android. Over the past few years, we've been investing heavily in establishing the Android Health platform, making significant improvements to build a more unified, secure, and user-friendly health ecosystem. Our goal is to provide developers with a powerful, integrated health platform that reduces fragmentation and streamlines the development process.

What is changing

As a result of these advancements, we're excited to announce that Google Fit developer services will be transitioning to become a core part of the Android Health platform. This change allows us to better serve developers and users, providing a seamless experience across the platform.

As part of this transition, Google Fit APIs, including the REST API, will remain available until June 30, 2025, giving developers ample time to migrate to Android Health. Starting today, new sign-ups for the Google Fit APIs will no longer be accepted as we focus on enhancing the Android Health platform.

What this means for developers

Developers Using Google Fit APIs for Android

If you are a developer using Google Fit APIs for Android, we recommend migrating to Android Health products now to ensure uninterrupted service for your users. Android Health APIs offer several advantages over the Google Fit APIs for Android, including:

    1. Recording steps, distance, and calories: In the near future, Android Health will provide the Recording API on mobile, which doesn’t require a Google user account or the need for you to request access to API scopes. And it is more battery-efficient than using Android SensorManager (ASM). The Recording API will launch with steps, and soon support distance and calories.

    2. Accessing recorded data: The Recording API on mobile will enable developers to access up to 10 days of recorded data.

    3. Storing and sharing data between apps: By integrating with Health Connect, your Android app can access data from a growing ecosystem of apps with just one connection. Plus, data is stored on-device, ensuring the user is in full control of their data.

To help you get started with the migration process, we've created a comprehensive migration guide. This guide will walk you through the steps needed to transition your app from Google Fit APIs to Android Health products, primarily Health Connect, to ensure a smooth experience for both you and your users.

Developers using Google Fit REST APIs

Our Android Health API offerings have moved to an on-device model, so there will not be an alternative to the Fit REST API. Where possible, we encourage Fit REST API users to migrate to Android Health APIs.

In addition to Fitbit which supports Health Connect today, partners like Withings, Signos, Oura, Peloton, and Lifesum are already building innovative experiences with Android Health products. As more developers embrace this powerful set of APIs, we anticipate a thriving ecosystem of connected health and fitness apps that empower users to take control of their wellbeing.

We're committed to supporting you throughout this transition and can't wait to see the innovative solutions you'll create. If you encounter issues, have proposals for features you would like to see, or have any feedback, please provide them here.


We will share more details about what’s next for Android Health at Google I/O on May 14, 2024. Stay tuned for updates and announcements during the event.

Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete

Get ready for Google I/O: Program lineup revealed by Android Developers (noreply@blogger.com)
Saturday May 4th, 2024 at 12:41 PM

Android Developers Blog
1 Share
Posted by Timothy Jordan – Director, Developer Relations and Open Source

Developers, get ready! Google I/O is just around the corner, kicking off live from Mountain View with the Google keynote on Tuesday, May 14 at 10 am PT, followed by the Developer keynote at 1:30 pm PT.

But the learning doesn’t stop there. Mark your calendars for May 16 at 8 am PT when we’ll be releasing over 150 technical deep dives, demos, codelabs, and more on-demand. If you register online, you can start building your 'My I/O' agenda today.

Here's a sneak peek at some of the exciting highlights from the I/O program preview:

Unlocking the power of AI: The Gemini era unlocks a new frontier for developers. We'll showcase the newest features in the Gemini API, Google AI Studio, and Gemma. Discover cutting-edge pre-trained models from Kaggle, and delve into Google's open-source libraries like Keras and JAX.

Android: A developer's playground: Get the latest updates on everything Android! We'll cover groundbreaking advancements in generative AI, the highly anticipated Android 15, innovative form factors, and the latest tools and libraries in the Jetpack and Compose ecosystem. Plus, discover how to optimize performance and streamline your development workflow.

Building beautiful and functional web experiences: We’ll cover Baseline updates, a revolutionary tool that empowers developers with a clear understanding of web features and API interoperability. With Baseline, you'll have access to real-time information on popular developer resource sites like MDN, Can I Use, and web.dev.

The future of ChromeOS: Get a glimpse into the exciting future of ChromeOS. We'll discuss the developer-centric investments we're making in distribution, app capabilities, and operating system integrations. Discover how our partners are shaping the future of Chromebooks and delivering world-class user experiences.

This is just a taste of what's in store at Google I/O. Stay tuned for more updates, and get ready to be a part of the future.

Don't forget to mark your calendars and register for Google I/O today!

Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete

Jetpack Compose compiler moving to the Kotlin repository by Android Developers (noreply@blogger.com)
Saturday May 4th, 2024 at 12:40 PM

Android Developers Blog
1 Share
Posted by Ben Trengrove - Developer Relations Engineer, Nick Butcher - Product Manager for Jetpack Compose

We are excited to announce that with the upcoming release of Kotlin 2.0, the Jetpack Compose compiler will move to the Kotlin repository. This means that a matching Compose compiler will release alongside each release of Kotlin. You will no longer have to wait for a matching Compose compiler release before upgrading the Kotlin version in your Compose app. The Compose team at Google will continue to be responsible for developing the compiler and will work closely with JetBrains, our co-founders of the Kotlin Foundation. The version of the Compose compiler now always matches the Kotlin version. The compiler version is therefore jumping to 2.0.0.

To simplify the set up of Compose, we are also releasing a new Compose Compiler Gradle plugin which lets you configure the Compose compiler with a type safe API. The Compose Compiler Gradle plugin’s versioning matches Kotlin’s, and it is available from Kotlin 2.0.0.

To migrate to the new plugin, add the Compose Compiler Gradle plugin dependency to the plugins section of your Gradle version catalog:

[versions]
kotlin = "2.0.0"

[plugins]
org-jetbrains-kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }

// Add the Compose Compiler Gradle plugin, the version matches the Kotlin plugin
compose-compiler = { id = "org.jetbrains.kotlin.plugin.compose", version.ref = "kotlin" }

In your project’s root level Gradle file, add the plugin:

plugins {
   // Existing plugins 
   alias(libs.plugins.compose.compiler) apply false
}

Then in modules that use Compose, apply the plugin:

plugins {
   // Existing plugins
   alias(libs.plugins.compose.compiler)
}

The kotlinCompilerExtensionVersion is no longer required to be configured in composeOptions and can be removed.

composeOptions {
   kotlinCompilerExtensionVersion = libs.versions.compose.compiler.get()
}

If required, you can now add a top level section to the same Gradle file to configure options for the Compose compiler.

android { ... }

composeCompiler {
   enableStrongSkippingMode = true
}

You might currently directly referencing the Compose compiler in your build setup, rather than using AGP to apply the compose compiler plugin. If that is the case, note that the maven artifacts will also change:

Old

New

androidx.compose.compiler:compiler

org.jetbrains.kotlin:kotlin-compose-compiler-plugin-embeddable

androidx.compose.compiler:compiler-hosted

org.jetbrains.kotlin:kotlin-compose-compiler-plugin


For an example of this migration, see this pull request.

For more information on migrating to the new Compose compiler artifact, including instructions for non-version catalog setups, see our updated documentation.

Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete

105: Our Android and iOS Wish Lists by Jonathan Dick, Allan Ritchie
Saturday May 4th, 2024 at 12:40 PM

Gone Mobile
1 Share

Jon and Allan discuss their experiences and excitement surrounding tech conferences like WWDC and Google IO. They reminisce about attending conferences in the past and the thrill of new announcements and hardware giveaways. They also speculate on what they hope to see at upcoming conferences, such as immersive movies and a foldable iPhone. The conversation touches on the evolution of UI design and the convenience of using smartphones as cameras. The conversation covers topics such as foldable phones, APIs, UI changes, app stores, and permissions. The hosts discuss their preferences for foldable phones and the potential impact on UI design. They also explore the idea of integrating AI and context awareness into app development. The conversation touches on the App Store fees and the review process. They express their frustrations with Android permissions and suggest improvements for a more streamlined process. The conversation covers various topics including the challenges of changing APIs, the user experience of notifications on different platforms, the potential for new features in Apple TV, the power of Apple's M-series chips, the future of gaming on ARM-based devices, and a shout-out to Gerald Versluis and his packages.

Takeaways

  • Tech conferences like WWDC and Google IO are exciting events for developers and tech enthusiasts.
  • Attending conferences provides opportunities to learn about new announcements and interact with engineers.
  • The early days of conferences were filled with groundbreaking announcements and new hardware.
  • The current conference landscape is less surprising, but still offers valuable insights and updates.
  • The hosts express their hopes for future conferences, including immersive movies and a foldable iPhone.
  • The convenience and quality of smartphone cameras have made dedicated cameras less necessary.
  • Foldable phones have advantages in terms of screen size and potential for improved UI experiences.
  • APIs can be used to integrate AI and context awareness into app development.
  • The App Store fees are a topic of debate, but the convenience and services provided by the platform are valuable.
  • Android permissions can be complex and could benefit from a more unified and streamlined approach. - Changing APIs can be challenging, especially when they are frequently updated.
  • The user experience of notifications varies between platforms, with Android offering more customization options.
  • Apple TV could benefit from new features and updates.
  • Apple's M-series chips are powerful and efficient, but their graphics capabilities for gaming are still uncertain.
  • Gaming on ARM-based devices may require cloud streaming to achieve AAA game performance.
  • Gerald Versluis has developed useful packages, such as a screenshot API and an audio plugin, that fill gaps in functionality.
  • New features and APIs may be introduced through plugins before being integrated into cross-platform frameworks like Maui.

People

  • Hosts: Jon Dick, Allan Ritchie
  • Audio Engineer: Jim Heath

Chapters

  • 00:00 Introduction and Discussion of Fun Topics
  • 07:30 The Excitement of Early Conferences
  • 26:38 App Store Fees and Review Process
  • 45:08 Navigating the Challenges of Changing APIs
  • 52:05 The Power and Uncertainty of Apple's M-series Chips
  • 59:59 Shout-out to Gerald Versluis and His Useful Packages




Download audio: https://aphid.fireside.fm/d/1437767933/7030a7ff-40f9-4d15-94a3-873772db7997/dfb21b4f-88f6-4cb0-9807-7393071a1f93.mp3
Read the whole story
alvinashcraft
5 hours ago
reply
West Grove, PA
Share this story
Delete
Next Page of Stories