iTunes Connect: How to chose a good SKU?

SKU stands for Stock-keeping Unit. It’s more for inventory tracking purpose http://en.wikipedia.org/wiki/Stock-keeping_unit

The purpose of having a SKU is so that you can tie the app sales to whatever internal SKU number that your accounting is using.

You make up your own SKU number.

安卓工作日记

ACTIVITY控制所有FRAGMENT,FRAGMENT交互必须通过ACTIVITY。尽量减少IO数据库读写,减少NEW生成函数的使用,可以使性能更优化。信息都在ACTIVITY层做管理。

更新页面操作:ACTIVITY把数据传给FRAGMENT,FRAGMENT接收新数据,叫ADAPTER更新数据,ADAPTER不同于GOOGLE推荐方法,但性能要高于GOOGLE推荐方法。

Android studio shortcut

Switch between tabs:

alt + left or right arrow

Last edit location:

cmd+shift+backspace ctrl+shift+backspace

This is a variation on the “Navigate Back” shortcut that cycles between the locations where you typed something.

Picture yourself fixing a nasty bug. You think you have the solution so you start fixing it but then realize that you have to look at the android source code and a couple other classes in your project. You enter a function, which leads you to another class, which leads you to another thing and 20 steps later, you finally have the insight needed to complete your fix… but in which file and at what line where you again? Just use this shortcut and you are right back at the exact line where you stopped writing.

Delete Line

cmd+backspace ctrl+y

It deletes the current line or selection.

Navigate to highlighted syntax errors => F2/Shift+F2

Join Lines and Literals

ctrl+shift+j ctrl+shift+j

This is doing more than simulating the delete key at the end of the line! It will preserve formatting rules and it will also:

  • Merge two comment lines and remove the unused //
  • Merge multiline strings, removing the + signs and the double-quotes
  • Join fields and assignments

Play and repeat a background sound in XCODE Swift

Firstly import your sound files into your project.

Screen Shot 2015-02-06 at 2.23.19 am

then write following code into AppDelegate.swift. note to repeat your your music, add audioPlayer.numberOfLoops=-1;

import UIKit
import AVFoundation

@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {

var window: UIWindow?
var audioPlayer = AVAudioPlayer()

func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool {
var alertSound = NSURL(fileURLWithPath: NSBundle.mainBundle().pathForResource(“bgmusic”, ofType: “mp3”)!)
println(alertSound)

var error:NSError?
audioPlayer = AVAudioPlayer(contentsOfURL: alertSound, error: &error)
audioPlayer.prepareToPlay()
audioPlayer.play()

return true
}

What the celebrity photo hack can teach us about cloud security

By now, you have probably heard about the digital exposure, so to speak, of nude photos of as many as 100 celebrities, taken from their Apple iCloud backups and posted to the “b” forum on 4Chan. Over the last day, an alleged perpetrator has been exposed by redditors, although the man has declared his innocence. The mainstream media have leapt on the story and have gotten reactions from affected celebrities including Oscar winner Jennifer Lawrence and model Kate Upton.

Someone claiming to be the individual responsible for the breach has used 4Chan to offer explicit videos from Lawrence’s phone, as well as more than 60 nude “selfies” of the actress. In fact, it seems multiple “b-tards” claimed they had access to the images, with one providing a Hotmail address associated with a PayPal account, and another seeking contributions to a Bitcoin wallet. Word of the images launched a cascade of Google searches and set Twitter trending. As a result, 4Chan/b/ — the birthplace of Anonymous — has opened its characteristically hostile arms to a wave of curious onlookers hoping to catch a glimpse of their favourite starlets’ naked bodies. Happy Labour Day!

This breach is different from other recent celebrity “hacks” in that it used a near-zero-day vulnerability in an Apple cloud interface. Instead of using social engineering or some low-tech research to gain control of the victims’ cloud accounts, the attacker basically bashed in the front door — and Apple didn’t find out until the attack was over. While an unusual, long, convoluted password may have prevented the attack from being successful, the only real defence against this assault was never to put photos in Apple’s cloud in the first place. Even Apple’s two-factor authentication would not have helped.

iBrute iForce iHack
The breach of the celebrities’ iCloud accounts was reportedly made possible by a vulnerability in Apple’s Find My iPhone application programming interface — at least, that’s what has been suggested. Proof-of-concept code for the exploit, called iBrute, allowed for brute-force password cracking of accounts. It was uploaded to GitHub on August 30, just a day before the breach occurred, as ZDNet’s Adrian Kingsley-Hughes noted. Apple patched the vulnerability early on September 1.

All the brute force attack did was test combinations of e-mail addresses and passwords from two separate “dictionary” files. It required knowledge (or good guesses) of the targets’ iCloud account e-mail addresses and a huge list of potential passwords. Because of this weakness, the Find My iPhone service did not lock out access to the account after a number of failed attempts — so the attacker was able to keep hammering away at targeted accounts until access was granted. Once successful, the attacker could then connect to iCloud and retrieve iPhone backups, images from the iOS Camera Roll, and other data.

iCloud’s history of abuse
Apple’s iCloud security has been bruised and broken before, though most of the past attacks have been based on social engineering and use of publicly available information about the victims. Christina Aguilera, Scarlett Johansson, and other celebrities were hacked in 2011 by a Florida man who essentially guessed passwords or recovered them using personal details. He then set up forwarding addresses in their e-mail accounts to an account he controlled — allowing him to answer security confirmation e-mails and take control of their devices.

And then there’s the story of what happened to Wired’s Mat Honan in 2012: a “hacker” was able to get access to the last four digits of his credit card number from Amazon and, using that information, gained access to his Gmail account. The attacker then called Apple’s tech support and convinced Apple that he was Honan, getting the password on his account reset.

Caveat selfor
Given how much of what is on smartphones is now automatically backed up to the cloud, anyone should take pause before disrobing before their smartphone camera — regardless of the phone operating system or how that image will be delivered to its intended audience. The security of all of these services is only as secure as the obscurity of the mother’s maiden name of the person you sent that picture to — or of the next zero-day flaw.

Apple’s iOS backs up your photos to iCloud by default if you configure an account. Android’s backup does the same, and Google Plus, Yahoo Flickr, and many other services offer to automatically sync your images to the cloud. Even if you don’t set one of these up for syncing, you never know what the person you send the picture to will do with them. Even “ephemeral” messaging applications like SnapChat, Glimpse, Wickr and the like don’t block people taking screen captures of the image — and if image recipients are using an iPhone, those might automatically get synced to their cloud.

If it’s in the cloud — a public, free cloud service, especially — then chances are good that eventually it will find its way to the Internet. Cloud services are leaky by their nature; things that are supposed to be private get stored alongside things that are shared, and anything from user error to a previously undiscovered vulnerability can make even strong passwords pointless, while exposing all of those things to the world.

And what happens when a cloud store gets breached? If the one doing the breaching is never caught, the answer is “not much” — because the cloud providers are generally covered from the victims’ wrath by terms of service.

In a conversation I had on Twitter this morning with Tal Klein, the vice president of strategy for the cloud security firm Adallom, Klein said there were two things to take away from this latest breach: “1. Don’t take pictures of your junk; it will end up on the Internet somehow at some point. 2. Not all security is equal. And all vendors are mostly indemnified. So use the cloud because it’s great, but be cognisant of accountability.”

Or, as Ricky Gervais tweeted (and then deleted): “Celebrities, make it harder for hackers to get nude pics of you from your computer by not putting nude pics of yourself on your computer.” It’s not that it’s celebrities’ fault for being hacked; it’s just that they should arm themselves with the knowledge that the cloud is fundamentally insecure in the future.

Project concept

Callback function for login, delegate to different view based on different roles.

When customer register, no need for password. Device id will be auto becoming the password. When passing into http, data will be encrypted. This encryption can be reversed into reader data at server. For password, it will encryped by SHA4 and stored in database, the password encryption is inversable, which means even the company’s server breaks, there is no way to read the real password.

XCode Version 6.0.1 Deployment Target: 7.1 Language: Objective-C

I just filed a bug report with Apple on this same issue. The default Launch Screen template includes your app’s name as a label and if that name has an ampersand it invalidates the XML. You can fix this by opening your Launch Screen in a text editor (right click on it in Xcode and select “Open with External Editor” and then doing a Find & Replace for & with &.