Wednesday, July 29, 2015


So why is NSA making the attempt to collect all communication?  We have two data types, un-encrypted and encrypted. Which you think is the ruse here?

If I encrypted something with one key and send it one time to only one person, its secure. Well sort-of as if has a part that is the same content wise with another message using the same key it is no longer secure. Remember, Gmail uses one SSL key folks, so does Yahoo and MS and Apple.[Slight correction, all those who use SSL/TLS have one key per short session with the key being set to anew on if the session is long]

Or to put it another way NSA needs to collect all encrypted traffic to brute  force attack through message attacks a particular key and or particular message. It gets more accurate, the brute force attack, if you have almost all the encrypted messages of a particular key.

What is the counter? Change your keys often and vary what human language you use in the content such as using a human language that has a high amount of letters, Chinese.

Tuesday, July 28, 2015

I have a Secret

I have a secret but the secret is not the content of the secret but the packaging of the encryption used to encrypt the secret and the generation of the keys used. The war on NSA over-stepping their mission is about to take a new turn, its been 5+ years of starving and struggling to discover this new mathematically complex invention.

Saturday, July 25, 2015

The CodeQA Trick,Android and Gradle

Okay, so I will give the mock-like code to enable codeQA on your buildtypes/buildvariants:

gradle.taskGraph.whenReady {taskgraph ->
//than we do codeqa on main sourcesets
//than do codeqa on debug sourcesets
//than do codeqa on release sourcesets

You put the codeqa task and the checkDependsOn(youttask) in the if bracket. your preNameBuild gets named for the particular build type or build variant. Its a in-elegant hack but it works.

Thursday, July 23, 2015

Gradle AutoCodeQA Progress

So I have been composing notes on the particular build system I use for android development at:


and what is exciting is now I am to the point where I can put the codeqa tasks in automate it for use with dagger android projects.

A little background. Android SourceSets under the Gradle build system are not Gradle SourceSets so things like the codeqa plugins within Gradle do not auto-execute as far as recognizing what sourceset they are suppose to analyze.

The other challenge is that you of course want these tools to run when the CI server runs but not when you incrementally writing code. That is quickly solved by integrating with disable PreDex code in that the same command to assemble and disable PreDex for Ci servers also enables the codeqa tool runs.

Than there is 3rd challenge in that you may want the output of JDepend, PMD, Checkstyle, FindBugs, and Android Lint merged which requires coding xslt merge files about 4 or 5 in total.

If you are a funded Chicago or USA start-up its the type of engineering you may want in an Android Developer.(No I do not deal with recruiters)

Tuesday, July 21, 2015

Some Start-Ups Suck

What really sucks about searching for remote 1099 contract android developer opportunities is that most Start-ups lie about things, such as they will list a gig or position with a salary and no-equity but in fact they have no funding to make good on such an implied promise.

And the interface to weed out all the liars, really someone should be effing shot for that web interface design.

Saturday, July 18, 2015

Microsoft doesn't hire more Girls because their scared of Girls

Microsoft doesn't hire more Girls because their scared of Girls beating them in a field that they thought was their place to hide. The day is coming when a Girl will lead a company that will put Microsoft out to pasture..

Monday, July 13, 2015

Debugging Android Libraries

In a library you are coding stick publishNonDefault true

in the library build file. Now stick the hugo plugin dependency in the root build file and apply the plugin in your library build file. Now oh the magic..set the compile project to use path and configuration and set configuration to debug. Now use the library in your app and you will be magic get debug logs of the library as extra. Neat huh?

Thursday, July 9, 2015

Typeface Loading

I wrote a small article on Typeface Loading and it does have code:

Typeface Loading

Wednesday, July 8, 2015

Android Bug canvas.drawText

Okay this is for the Android Bugs canvas.drawText and canvas.drawTextOnPath for text sizes below 1f and above 256 on 4.x and 5.x devices with hardware aceelration on.  You guys ready?

Use canvas.drawPath instead. Evidently, we are dealing with some changes in native coding not fully followed up in all methods.

Thursday, July 2, 2015 Clowns

In marketing to statrt-ups to gain the next gig you have to watch out for clowns. What are Clowns?

They are the clowns that you do not want to work for in that they will put up a job ad with listed stock options of 0.1% and salary of $80,000 but not mention that they are unfunded and that the part time work of doing the app only upside is the job when funded. Bare minimum if they want to ask someone to do that than there should be an offer a little higher than 0.1 % stock potions as doing the app is the trigger point for the funding round.