CMSC-23-Pre-Final-Exam_240521_085717.pdf

Document Details

SupportedMossAgate5456

Uploaded by SupportedMossAgate5456

University of the Philippines Los Baños

2021

Tags

asynchronous programming multithreading computer science

Full Transcript

CMSC 23 - Reviewer Dominic B. Abelarde ASYNCHRONOUS PROGRAMMING Future A multithreaded model that’s most A result of an asynchronous applicable to networking and...

CMSC 23 - Reviewer Dominic B. Abelarde ASYNCHRONOUS PROGRAMMING Future A multithreaded model that’s most A result of an asynchronous applicable to networking and computation communications Two States It is a non-blocking architecture ○ Uncompleted Multi related operations can run Returns an uncompleted concurrently without waiting for other tasks future to complete That future is waiting for the function’s async operation to Difference of Async and Sync finish or throw an error Asynchronous and Synchronous ○ Completed methods offer advantages for different Operation succeeds stakeholders Future completes with a ○ Async for Users value ○ Sync for Developers Completes with an error Async ○ Multithreaded Complete with Value ○ Non-Blocking ○ Future // T can be any data ○ Increases throughput type or void Sync ○ E.g Future / Future ○ Single-Threaded ○ Blocking Complete with Error ○ Slower and More Methodical ○ Asynchronous operation performed by the function fails for any reason, the future completed with an error When to use Async? Working with Features: Async & Await Used in programming independent tasks. To define an async function, add sync Responsive UI before the function body Await keyword works only in async functions Why Asynchronous Code Matters We need it for some operations that we need in our mobile application such as: STATE MANAGEMENT ○ Fetching Data over a Network State ○ Writing in a Database ○ Information that can be read ○ Reading from a File when the widget is built and changed over a lifetime of the app Asynchronous in Dart ○ setState() allows us to set the properties of the state object Asynchronous computations usually provide that triggers the redraw of the a Future as a Result UI Uses the Async and Await keywords ○ State of an app is everything that exists in memory when the app is running. This includes the app’s assets, variables, UI, animation state, textures, and 1 CMSC 100 - Reviewer fonts. State Management Notes: ○ Most popular and necessary You can use State and setState() to manage processes in the lifecycle of an all of the state in your app application There is also no clear-cut, universal rule to ○ Flutter is declarative distinguish whether a particular variable is ○ Flutter builds its user interface to ephemeral or app state reflect the current state of your application Provider Packages It is an easy to use package that wraps around InheritedWidgets that makes it easier to use and manage Widget listens to changes in the state and update it as soon as they are notified Flutter pub add provider Types of Provider: ○ ListenableProvider ○ ChangeNotifierProvider Types of Conceptual States ○ ValueListenableProvider Ephemeral State ○ StreamProvider ○ Called the UI State or Local State ○ FutureProvider ○ The state you can neatly contain in a single widget ListenableProvider ○ No need to use state management ○ Used for listenable objects. It will techniques on this kind of state just listen, then ask widgets depending use a StatefulWidget and the on it and affected by the state method setState() change to rebuild ○ Examples: Current page in a PageView ChangeNotifierProvider Current progress of a ○ Similar to ListenableProvider but for complex animation objects and calls Current selected tab in a ChangeNotifier.dispose automatically BottomNavigationBar when needed ○ notifyListeners() App State Method specific for ○ Called the Shared State ChangeNotifier ○ The state when you want to share This method is called many parts of your app anytime the model ○ Examples: changes in a way that might User Preferences change your app’s UI Login Info Notifications in a Social ValueListenerProvider Networking App ○ Listens to a ValueListenable and Shopping Cart in an exposes the value E-Commerce App Read/Unread State of Articles StreamProvider in a new App ○ Listens to stream, exposes the latest value emitted, and asks widgets 2 CMSC 23 - Reviewer Dominic B. Abelarde dependent on the stream to rebuild. ○ Screen FutureProvider Contains the screens to be ○ Takes a Future class and updates the shown in the app. widgets depending on it when the future is completed PACKAGES, PLUGINS, BACKGROUND TASKS Context.watch() ○ Listens to the changes on the provider model Packages Open Source Context.watch() Use the command flutter pub add ○ Returns the provider model without to place the package listening to it. into your mobile app Consumer ○ Calls the provider of a new widget and delegates its build. ○ It is specifically rebuilds a specific widget ○ It has a builder that has 3 parameters: Context -> for build method Name of Model -> Instance of the Package Components ChangeNotifier ○ Pubspec.yaml Child -> Optimization The metafile that declares the package name, version, Different State Management Packages author, and other Provider information. Riverprod ○ Lib setState Public code in the package InheritedWidget and InheritedModel Redux Package Type BLoC/Rx Dart Packages GetIt ○ General Packages written in MobX Dart Binder ○ This package might contain Flutter GetX specific functionality and have a dependency on the Flutter Framework, restricting their use to Section your Code into 3 Different Flutter only. Folders ○ Model Plugin Packages Contains the data ○ It is a type of package structure/classes ○ Specialized Dart package that ○ Provider contains an API written in Dart Contains the functions/logic 3 CMSC 100 - Reviewer code combined with one or more Endorsed Federated Plugin platform-specific implementations. ○ Implementation for a specific ○ Can be written for Android, iOs, platform is added to the plugin and web, macOS, Windows or Linux. is automatically available to the app. Foreign Function Interface (FFI) Non-Endorsed Federated Plugin Plugin Packages ○ Need to manually add the ○ Specialized Dart package that dependencies for a platform then it contains an API written in Dart code is non-endorsed combined with one or more platform-specific implementations Background Process ○ This are the foreign function ○ Implementing Dart Code, even interfaces though your app is not the currently ○ Used to call native C APIs, and to active app read, write, allocate, deallocate ○ Example: native memory Notifications Sensors Creating your own package ○ Use flutter create Isolates -template=package ○ Dart’s model for multithreading, though an isolate doesn’t share memory with the main program Implement the Package ○ Used by creating callbacks and ○ Add the functionality inside the main callback dispatchers lib/.dart WorkManager Plugin Federated Plugins ○ This plugin enables persistent Ways of splitting support for different background processing that platforms into separate packages. keeps tasks scheduled through It uses one package for iOs, another for app restarts and system reboots Android, for the web, and for IoT devices ○ https://pub.dev/packages/workmana It allows a domain expert to extend an ger existing plugin to work for the platform they know best DATA PERSISTENCE AND NETWORKING Federated Plugins Requirements ○ App-Facing Package Data Persistence Package that users depend on to use the plugin The capability to have data that the app ○ Platform Package uses or relies on to continue to be One or more packages that available regardless of changes to the contain platform-specific app’s state as it moves through the app implementation of code cycle. ○ Platform Interface Package Different Types of Persistent Data in Links the app-facing packing Android: to the platform package ○ App-Specific Storage ○ Shared Storage ○ Preferences 4 CMSC 23 - Reviewer Dominic B. Abelarde ○ Databases is uninstalled ○ Network Connection App-specific Storage Network ○ Store files that are meant for ○ Store data on the web with your your app’s use only, either in own network server. dedicated directories with an internal storage volume or different Data Persistence in Flutter dedicated directories with external storage. Using SQLite ○ Internal storage is used to save Read and Write Files sensitive information that other Store key-value data on disk apps shouldn’t access. ○ No permission needed for internal USING SQLite storage. ○ Uses the sqlite and path plugin ○ Files are removed when the app ○ Uses SQL statements in insert, is uninstalled. delete, update, queries compared to other local persistence solutions Shared Storage ○ Store files that your app intends to Read and Write Files share with other apps such as ○ Uses the pathprovider media, documents, and other files. ○ Pathprovider is a ○ Should use the MediaStoreAPI or platform-agnostic way to access Storage Access Framework and commonly used locations on the must include permissions in device’s file system reading and writing to the external ○ Temporary (cache) and Documents storage. Directory ○ Files are not removed when the app is uninstalled. Store key-value Data ○ Uses the SharePreferences Preferences Plugin ○ Store private, primitive data in ○ Limitations that it can only save key-value pairs. primitive data types (String, ○ This uses the SharedPreferences StringList, Int, Double, Bool) API to save values. ○ Not Designed for storing large ○ This enables you to save and amounts of Data retrieve persistent key-value pairs of primitive data. Categories of Storage Locations ○ This can be any primitive data: ○ Internal booleans, floats, ints, longs, and ○ External strings. ○ Files stored in preferences are Flutter Networking moved when uninstalled. ○ Uses the HTTP package ○ In the Android Manifest, it must Databases include the permission for INTERNET ○ Store structure data in a private database JSON and Serialization ○ Files are removed when the app ○ Serialization refers to the process to 5 CMSC 100 - Reviewer converting object to string while Make sure things work deserialization is from string to an Systematic + Automated object QA ○ Manual Serialization Types of Testing ○ Code Generation Libraries ○ Unit Testing Manual Serialization ○ Widget Testing ○ Use the built in library ○ Integration Testing dart:convert ○ Use the jsonDecode() returns a Map Unit Testing ○ Use the.fromJson() to ○ Easiest method to test an construct a new object with the data application. It is based on ensuring from the map structure. the correctness of a piece of code. It ○ Use the toJson() converts an object does not reflect the real to a map instance. environment. Code Generation Libraries Widget Testing ○ Use json_serializable or built_value ○ Ensuring the correctness of widget ○ Json_serializable creation, rendering and interaction allows the user to make with other widgets as expected. It regular classes serializable by goes one step further and provides a using annotations real-time environment to find more ○ Built_value bugs. provides a higher level way of defining immutable value Integration Testing classes that can also be ○ Involves both unit testing and serialized to JSON. widget testing along with external components of the application like a Firebase database or web service. It ○ Backend-as-a-Service (BaaS) app simulates or mocks the real development platform that provides environment to find all bugs early. hosted backend services such as realtime database, cloud storage, Test-Driven Development (TDD) authentication, crash reporting, ○ A software development approach machine learning, remote where tests are written before the configuration, and hosting for your actual code static files. App Releasing Change Icon TESTING, DISTRIBUTION AND Change App Name MONETIZATION Sign the App Release Config Flutter Testing Testing is an important phase in the Change Icon development cycle. It ensures that the ○ Go to pubspec.yaml application is of high quality. ○ Flutter pub get It requires careful planning and execution. flutter_launcher_icons 6 CMSC 23 - Reviewer Dominic B. Abelarde ○ Then add these lines. ○ Introduced Asset Packs and Dynamic Features Monetization Ads In-App Purchases Payments Change App Name Ads ○ Go to Android Manifest ○ Easily integrate with Google AdMob ○ Change Android label and Ad Manager ads directly in your Flutter app. In App Purchases ○ Built in-app revenue with Google Play and App Store support for Flutter. Sign your App In Payments ○ You need to create a keystore. ○ Seamlessly accept payments with ○ Keystore is used to verify the multiple providers in your Flutter ownership of an application by app. providing a digital signature. ○ You need to configure the reference from the app ○ Configure the gradle file inside the MOBILE SECURITY app. Mobile Security ○ The process of developing, Releasing adding, and testing security ○ Type in the terminal: flutter build features within the application appbundle to prevent security vulnerabilities ○ If you want an apk: flutter build apk against threats such as unauthorized access and modification Android Application Package (APK) ○ The file that is to be installed on a Open Worldwide Application Security device Project (OWASP) ○ Contains all of the app’s file and ○ A Nonprofit foundation that code inside works to improve the security of ○ Signed with app’s certificate software ○ Community-led open source Android Application Bundle (AAB) projects including code, ○ Publishing format that includes documentation, and standards all your app’s compiled code and ○ Over 250+ local chapters worldwide resources and defers APK ○ Tens of thousands of members generation and signing to Google ○ Industry-leading educational and Play training conferences ○ Introduced in 2018 7 CMSC 100 - Reviewer OWASP Top 10 Mobile Risks 2024 ○ Harm the victim by destroying or 1. Improper Credential Usage manipulating the victim’s critical 2. Inadequate Supply Chain Security data. 3. Insecure Authentication/Authorization 4. Insufficient Input/Output Validation (7) Insufficient Binary Protection 5. Insecure Communication ○ There is sensitive information in the 6. Inadequate Privacy Controls app/code itself 7. Insufficient Binary Protections 8. Security Misconfiguration (8) Security Misconfiguration 9. Insecure Data Storage ○ Example: you did not change the 10. Insufficient Cryptography default password or the system is in development mode (1) Improper Credential Usage ○ Hardcoded Credentials (9) Insecure Data Storage ○ Insecure Credential Transmission ○ Storing data in plain text ○ Insecure Credential Storage ○ Shared to all ○ Weak User Authentication (10) Insufficient Cryptography (2) Inadequate Supply Chain Security ○ Weak Encryption Algorithms ○ Lack of Security in Third-Party ○ Insufficient Key Length Components ○ Improper Key Management ○ Malicious Insider Threats ○ Inadequate Testing and Validation Flutter Testing ○ Lack of Security Awareness Flutter Security Strategy is based on 5 Key Pillars: (3) Insecure Authentication / ○ Identity Authorization What risk happened ○ Presence of Insecure Direct Object ○ Detect Reference (IDOR) vulnerabilities Where the risk happened ○ Hidden Endpoints ○ Protect ○ User Role or Permission Protect the data Transmissions ○ Respond Action to secure data (4) Insufficient Input/Output ○ Recover Validation Retrieve the data that has ○ SQL Injection been damaged ○ Inadequate Output Sanitization Code Obfuscation for (7) Insufficient (5) Insecure Communication Binary Protection ○ No Secure Sockets Layer/Transport ○ Process of modifying an app's Layer Security binary to make it harder for humans to understand. This (6) Inadequate Privacy Controls hides function and classnames ○ Impersonate the victim to commit a in your compiled Dart code fraud, ○ Misuse the victim’s payment data, ○ Blackmail the victim with sensitive information or 8 CMSC 23 - Reviewer Dominic B. Abelarde Obfuscation Examples of Mobile Analytics ○ Android/iOS/macOS supported ○ Advertising KPIs ○ Linux/Windows not supported ○ Funnel Analysis ○ Web - minified ○ App performance and usage ○ flutter build apk --obfuscate ○ Heatmaps --split-debug-info=/ ○ Retention rates / ○ Click-through rates ○ Conversion rates ○ Response rates to push notifications and marketing campaigns GROWTH, ANALYTICS, AND BEYOND APPS AND PHONES Types of Mobile Analytics Growth of Mobile Development ○ Mobile Advertising ○ Market Size amounted to 228.98 ○ App monetization billion USD in 2021 ○ Performance analysis ○ Projected to have a Compound ○ In-app engagement Annual Growth Rate of 14.3% from ○ Mobile analytics for product teams 2024 - 2030 (est. 567.19 billion ○ Mobile analytics for marketing teams USD) ○ Mobile analytics for UI/UX teams ○ Gaming Application segment of ○ Mobile analytics for technical teams mobile applications held the largest revenue share of 34.0% in 2023. Key Mobile Metrics ○ Android mobile apps were large but ○ Mobile Downloads iOS generated 62.0% of the ○ Uninstalls revenue. ○ Heatmaps and user session ○ Asia Pacific dominated the market recreations and accounted for over 32.0% of the ○ Session length and depth revenue share in 2023. ○ Retention Rate ○ Key players in the mobile market are ○ Churn Rate Apple Inc., Google LLC, Microsoft ○ Sessions Corporation, Amazon Inc. and ○ Session Intervals Gameloft SE ○ Factors that Drive the Mobile Application Market Future of Mobile Application Smartphone Proliferation Development Increase Internet Penetration ○ 5G Growing use of technologies The focus of 5G is speed. It’s such as Machine Learning & not just faster than 4G. Artificial Intelligence Allows users to connect to different networks, connect with wearables, devices, and Mobile Analytics machines. ○ Measuring and analyzing data Information transfer of generated by mobile platforms milliseconds, and reducing and properties latency which provides a better user experience. 9 CMSC 100 - Reviewer ○ AR and VR move beyond gaming such as an electrocardiogram AR and VR, Augmented and also can be used to be Reality and Virtual Reality used as which imposes artificial images and objects on ○ Security real-life objects. more information is online so However, AR and VR are no there is a fear of consumer longer solely for gamers; security and privacy. these technologies are rapidly expanding to other industries, including travel, real estate, and retail. ○ AI. AI everywhere Artificial Intelligence can stand out in facial and speech recognition - biometric markers. AI can be used to improve user safety and data security in fraud detection. ○ Blockchain goes beyond cryptocurrency Blockchain goes beyond cryptocurrency, blockchain is essentially a digital ledger that securely records transactions. This is now often used in mobile wallets and p2p (person to person) payment systems. This can improve speed and security. ○ Wearables are more sophisticated Wearables can be watches, earbuds, and other smart devices. These wearables can fulfill a range of functions from voice activation for phone calls, to helping the number of steps. Not only smart devices can be used to do these trivial things but they can also be helpful in health monitors 10

Use Quizgecko on...
Browser
Browser