App Inventor is a “low code”, visual software development tool. Such “drag and drop” programming tools enable non-programmers (and programmers) to create many types of applications without the details of traditional programming code.
This leads to an important issue – will less trained/less experienced programmers inadvertently introduce security problems in their applications?
Gartner predicts that by the end of 2025, over 65% of development projects will use low-code builders. The field of low-code continues to expand. But what security implications does low-code introduce? Low-code refers to tools that enable application construction using visual programming models. Adopting drag-and-drop components instead of traditional code, no-code and low-code platforms enables non-technical folks to construct their own workflows without as much help from IT. Yet, handing power to citizen developers with less security training can be risky. Plus, low-code platforms may hold compromised propriety libraries or leverage APIs that may unknowingly expose sensitive data to the outside world. There’s also the possibility that low-code could increase shadow IT if not governed well.
How to Mitigate Low-Code Security Risks
A follow up to my earlier post asking about interest in other programming languages.
For now, this is just an idea. Looking for feedback!
Anti-virus software makers are detecting malware that attempts to exploit the security vulnerabilities identified as Spectre and Meltdown. Since code must execute on the computer to exploit these vulnerabilities, anti-virus software is being updated to detect such malware attacks. Of course, some such malware may yet get through our defenses and could end up on machines.
Source: Meltdown-Spectre: Malware is already being tested by attackers | ZDNet
My view is that for most of us, its just another form of malware. We all need to be pro-active about avoiding malware by taking appropriate steps such as installing code we know to be good, using anti-virus software, and keeping our systems generally update. Meltdown and Spectre are just two more exploits that hackers can use.
In early January, two security exploits were revealed, both of which take advantage of ways that processors work to improve their performance. This video looks at the SPECTRE exploit; the other exploit is called MELTDOWN. Rather than speculative execution, it exploits a feature of Intel processor known as “out of order” execution to gain access to protected system memory. MELTDOWN is not covered in this video, however.
A high level look at the concepts of compilers, interpreters, byte codes and Just-in-Time compilation, as ways of converting our programs into executable programs or machine instructions processed by the CPU.
The first video provided a high level look at computer system architecture.
The second video introduced the concepts of the CPU or processor.
This video introduces the conversion of our high level programs into machine executable code. Note that this video does not cover specifically how App Inventor blocks code is converted into an executable program.
The fourth video, relying on the information covered in the first 3 videos, will explain the ideas behind the SPECTRE exploit.
If you have used MIT App Inventor (and of course you have!), you can quickly adapt to using Blockly for programming. Blockly is basically a “Drag and Drop” code editor (like in App Inventor), providing a visual programming system. It uses the same ideas as MIT App Inventor.
To see it in operation, visit MIT’s Scratch project to create a simple program.
Source: Google Developer’s Blog
WATCH THIS VIDEO!
(FYI I am half way through my period of traveling too much and not getting much programming done!)
That is the actual future of software development: It will become so easy and second nature, that for ordinary tasks you won’t even have to think about it.
Source: Dear Google, the future is fewer people writing code | TechCrunch
Tools like MIT App Inventor, and others, are making programming so easy that it no longer requires extensive training and high levels skills to create many types of useful programs.
Writing code will become less and less necessary, making software development more accessible to everyone. This will allow people to solve new and unique problems for themselves, and true software engineers will continue to find ways to empower others through various platforms.
We used to call people who wrote programs, programmers. Later, this was change to titles like software developer, software engineer or sometimes computer engineer. Today, the media has short circuited the entire field to just “coders”, which seems like a downgrading of skills and title.
Some new “extension” features are available for testing in App Inventor at MIT App Inventor Extensions. The 4 extensions include vector addition, simple image processing, simple audio processing to identify the pitch of a sound, and the addition of multi-touch gestures to the Canvas.
I have not yet had time to try these but this is a sign of things to come as 3rd parties can begin to develop extensions to the core set of App Inventor features.
Look forward to trying these out! Click on the link above to take a look.
Download here: App Inventor Basic Text Files Cheat Sheet (PDF)
High res, suitable for printing. Feel free to share with others.
App Inventor sample source code: TextFile.aia
Be sure to follow the links for more information about text files and where they are stored on your device and how to transfer files to your computer.
Here is a GIF image but use the PDF for printing:
E-Books and Printed Books
If you find these tutorials helpful (I hope you do!) please take a look at my books on App Inventor. To learn more about the books and where to get them (they are inexpensive) please see my App Inventor Books page.
- App Inventor 2 Introduction (Volume 1 e-book)
Step-by-step guide to easy Android programming
- App Inventor 2 Advanced Concepts (Volume 2 e-book)
Step-by-step guide to Advanced features including TinyDB
- App Inventor 2 Databases and Files (Volume 3 e-book)
Step-by-step TinyDB, TinyWebDB, Fusion Tables and Files
- App Inventor 2 Graphics, Animation and Charts (Volume 4 e-book and printed book)
Step-by-step guide to graphics, animation and charts
Thank you for visiting! — Ed