Seva Lapsha at Work & around

Software Architect, Project Lead

Archive for the ‘software’ Category

Android adware removal story

leave a comment »

Yesterday started getting random spam ads on my OnePlus 2​:

  • overlay ads of certain popular junk games,
  • fake desktop icons linking to Google Play Store of same games,
  • fake missed calls linking to there.

It was virtually impossible to figure out the responsible processes without additional tools, mainly due to the hiding tactics of the adware.

To start I tried few most popular adware removers from the store, but they either didn’t detect anything, or crashed during the scan (maybe the adware killed them while they were running).

The first success was brought by Addons Detector (with all advanced detectors enabled). After another fake icon appearance it traced it to com.google.googlesearch (“Search”) which comes with AirPush component.

airpushdetector

Then I googled and found the package at AVG Threat Labs Android App Reports and used AVG to find one more malware process com.android.main.view (“Processor”) which was reported to have AirPlus in it.

The processes were installed as system apps. So the easiest way out was to use Titanium Backup Root Pro I already had installed (my phone is rooted).

After that I tried to dig further to understand how these processes appeared on my phone in the first place. I didn’t install any new apps recently, neither run any updates on root enabled apps. So the adware probably was here, but didn’t expose itself for few months.

I’m very conservative to give root access to software without trust research, but don’t rule out the chance that the junk could be injected with one of the few Aptoide originated apps I experimented with few months ago.

However, since AVG also identified 2 preinstalled bloatware apps to come with other dirty ad frameworks, my current hypothesis is that AirPush crap was on the phone from the very beginning, patiently waiting for its time to activate.

Written by Seva

2015-12-09 (December 9) at 05:33:07

Simple No-Framework Object Oriented Multi-Layer MVC Application Example

with one comment

Recently I’ve created the subj. It’s a memory game, written in pure PHP/HTML, called “PHP Memory”.

What was important for me to demonstrate is the next principles:

  1. Even if you don’t use a framework, you should write modular code with appropriate architecture.
  2. Despite that, the application design and code should match its required functionality with no overhead of unneeded patterns and abstraction or preparations for future enhancements, unless they’re planned.
  3. Nevertheless, the code should be readable and maintainable.
  4. The bottom line is – developing a framework versus developing an application are completely different tasks. The strategy and tactics should vary very much. Of course, developers should learn from the frameworks source code, since they accumulate collective experience of great coders, but the ideas implemented in frameworks sometimes not required or even harmful while developing an application.
The demo and source code can be found here.

Written by Seva

2011-08-30 (August 30) at 01:59:26

cURL HTTP1.1 empty POST bug

with 2 comments

Today we spent almost 2 hours on a weird discrepancy between our development and staging environments. It’s pretty rare, that I experience such low level issue, thus in my opinion it’s worth mentioning here.

Last weeks we were busy developing integration to a new data vendor. Everything went well until we deployed the application to stage.
Suddenly we started receiving HTTP status 411 on one of the calls. Since we work with cURL library, which we believed is stable enough, we thought the problem is somewhere between the source code and environment configuration.

Later we found that the same request gets accepted if sent from a client other than cURL (e.g. chrome-poster). The unique about this request is that it’s sent with POST method (the vendor’s strict requirement) but the content body is empty.

In the end we discovered that newer version (since 7.20) of cURL interprets missing body as a negotiation request – sends Expect: 100-continue header and Content-Length: -1.

So, the immediate solution was to send empty content body (zero-length string) to cURL, which aligned the behavior in all the environments.

On the way we discovered a useful option CURLINFO_HEADER_OUT, which enables a possibility to further retrieve the headers sent by cURL to the remote host. From now we use it in our error handling mechanism to trace the sent headers as well.

What can we conclude from this story?

  1. Try to synchronize the software of all of your environments. If possible, use exactly the same version OS version, libraries, tools, etc. It’s very easy if you host your applications on VPS and use VMs for development and staging servers. The least convenient case is when you have OSs of different architecture and (e.g. Windows for development and Linux for production).
  2. Don’t underestimate importance of error handling. Find the optimal level of handling for your application, which will be easily extended and configured.
Hope my sincere advices will help you, my dear friend, to save your precious time.

Written by Seva

2011-08-03 (August 3) at 12:47:35

Phing plugin for Eclipse PDT

with 6 comments

I love Ant integration into Eclipse JDT – it provides smart editor, handy auto-completion, and the most important – fully functional debugger.

Recently I have been laboring on porting a deployment system from shell scripts to Phing, a loose PHP port of Ant. And naturally, I miss the above. I still get a little aid from Eclipse – since Phing’s syntax is very close to Ant’s, I can at use Ant editor for Phing files to enjoy property navigation and target integrity validation.

I would be more than happy to announce that I’m going to fill the gap and implement Phing plugin for Eclipse PDT, but unfortunately – I’m too busy and too lazy. On the other hand, if you, my dear friend, will suddenly decide to accept this challenge, I can gladly invest my time in architecture, design, review & testing free of charge.:) Or should I anyway try to start it myself?

Written by Seva

2010-04-15 (April 15) at 12:31:09

Heart-Touching Quotation

leave a comment »

…When I was going to school we were always taught, “In the olden days of computing, computers were expensive and programmers were cheap. Now it’s the reverse. Therefore…” We are back to the future. At internet scale, programmers are (sometimes) cheap compared to the cost of electricity.

Kent Beck

Written by Seva

2010-04-15 (April 15) at 12:06:29

Competing design attributes: performance vs. maintainability

leave a comment »

Q. Is performance more important than other attributes like ease of use, maintainability etc? When designing your new code, what level of importance would you give to the following attributes?

A. You should not compromise on architectural principles for just performance. You should make effort to write architecturally sound programs as opposed to writing only fast programs. If your architecture is sound enough then it would allow your program not only to scale better but also allows it to be optimized for performance if it is not fast enough. If you write applications with poor architecture but performs well for the current requirements, what will happen if the requirements grow and your architecture is not flexible enough to extend and creates a maintenance nightmare where fixing a code in one area would break your code in another area. This will cause your application to be re-written. So you should think about extendability (i.e. ability to evolve with additional requirements), maintainability, ease of use, performance and scalability (i.e. ability to run in multiple servers or machines) during the design phase. List all possible design alternatives and pick the one which is conducive to sound design architecturally (i.e. scalable, easy to use, maintain and extend) and will allow it to be optimized later if not fast enough. You can build a vertical slice first to validate the above mentioned design attributes.

(c) Whoever

Written by Seva

2010-03-16 (March 16) at 12:51:42

Posted in development, integration, software, thought

Tagged with

Is Facebook PHP HipHop bullshit?

with 17 comments

Update: with the release of HHVM 2.0 the below becomes entirely obsolete. Cheers!

Yes, it finally happened – Facebook announced the PHP to C++ translator. Hurray!
So, after reading the post I can assume it:

  1. parses PHP code,
  2. extracts PHP AST,
  3. converts to C++ AST and
  4. generates C++ code.

Honestly, it’s not the best way of optimization, but probably is a quick win (BTW, why did it take for them so long?), which theoretically might indeed generate efficient C++ code.

But wait, what do they report? “We’ve reduced the CPU usage on our Web servers on average by about1 fifty percent3, depending on the page2.”

I have some doubts:

  1. Where is the objective and comparative statistics?
  2. Did they even collect the general statistics, or just tested some pages to see the difference?
  3. 50%? That’s it? And how about the fact that C++ is actually 3-500 times faster (also here) (That would be 70% to 99% reduce of CPU). In fact the well known PHP Accelerators provide the same level of performance improvement as HipHop! It’s interesting, did they try any of them before entering the so called “Hackathon”.

In addition to reflections above, looking at the profiles of 2.5 coders which hacked the translator, I sorrowfully tend to estimate that the answer for the question in this Post’s subject is positive. Nevertheless I’m full of sincere hope that further info will dispel my suspects and prove that HipHop is actually a brilliant peace of software.

Written by Seva

2010-02-03 (February 3) at 02:05:49

Posted in development, integration, php, software, thought, web

Tagged with

Follow

Get every new post delivered to your Inbox.

Join 784 other followers