What is Oracle MAF [closed] - oracle-maf

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I am new to the World of Oracle MAF.Could anyone help me to describe what is Oracle MAF and the key concepts of Oracle MAf? It will be helpful for me to understand

Oracle Mobile Application Framework (Oracle MAF) is a hybrid-mobile framework that enables developers to rapidly develop single-source applications and deploy to both the Apple iOS and Google Android platforms. Oracle MAF provides a complete MVC development framework - that leverage Java, HTML5 and JavaScript - with declarative user interface definition, device services integration and built-in security. Oracle MAF maximizes code reuse and results in faster development of compelling mobile applications.
Concepts of MAF
Visual and declarative development
Mobile optimized user experience
Simplified access to device services
Code in Java and run on multiple mobile OSs
Offline support using encrypted SQLite
Built-in security for authentication, authorization and encryption support
Features and Benefits
1.Develop once, deploy to multiple mobile devices and platforms including iOS, Android and Windows.
2. Choose your preferred development language Java or JavaScript
Leverage Over 80 components for simpler development of richer user interfaces
Accelerate development through visual & declarative application development
Choose your preferred IDE - Oracle JDeveloper or Eclipse
Access native device services, such as phone, SMS, camera, GPS and more
Integrate both on-device and browser-based mobile interfaces into the same applications
Leverage existing skills to develop mobile applications using open standard technologies (Java, HTML5, JavaScript, CSS)
Supports both real-time and offline data access
Offline support using SQLite – encryption included
Build secure mobile applications with end-to-end encryption on a proven platform

A good pace to start with MAF are the free online videos that Oracle has posted, here. Main oracle MAF site on OTN, here. Tutorials here. More details here.

Related

What is means by 'Universal Windows Platform (UWP) app is a Windows experience'

In this link https://msdn.microsoft.com/en-us/library/windows/apps/dn726767.aspx
it is said 'Universal Windows Platform (UWP) app is a Windows experience'.What is actually Windows experience means?
Well, basically what it means is; That by creating a UWP you are creating an app that will run across the Windows Platforms, thus giving the full Windows experience. Having an app that gives a familiar "experience" across all the devices that support Windows UWP (Xbox One, PC, Tablet, Phone, IoT, HoloLens) that is the goal.
Microsoft’s language around Windows has changed in the last year. Where Windows was originally a brand indicating an interconnected system of software, it is now used philosophically to represent the mission statement to let people do more.
The idea is, because of the Windows experience, developers can create software that operates in a new paradigm. More specifically, users can experience software in a way that centers around them as a user and not the device they are using.
This new workflow approach downplays the built-in interoperability of Microsoft products, and highlights the opportunity to create software that can do far more to change the way users and companies leverage and experience software.
At its heart, the Windows experience, is the experience that defines a better way to use software. This is a subjective thing depending on the type of user or industry – but it is also a far more broad-reaching definition that no longer simply implies: “build an app that can run on multiple devices”.
Good job teasing out this new language. Not everyone has noticed yet.
At the core of the Universal Windows Platform is the technology enabling code written for one Windows device to seamlessly transition to other devices and form factors. The Windows experience is the full panoply of Microsoft services, including those targeting iOS, Android, and traditionally competing products like Sales Force.
PS: the Windows Experience is not the performance measurement tool introduced in Vista to evaluate hardware for its readiness for an advanced graphics, etc.
The Windows experience, in the new mission-oriented form, is intended to promote a love for Windows - but thinking of Windows not as an Operating System, but, instead, as a family of reliable solutions. It's a nice change, and I (personally) am excited to see how it inspires developers.
I hope this helps.
I believe the intention is to encourage those creating software to not think about an isolated app that just runs on a single device (or class of devices) but to create an "experience" that can travel with the user across multiple devices.
For example, don't just think about creating a phone app or a desktop/tablet app. Instead think about how the user will experience interacting with your software (and presumably the same data) as they use different devices, in the Windows 10 family, at different times and in different ways.
Windows as an ecosystem has been moving closer and closer together in terms of developing for different devices for years. With Windows 10, you finally have a true universal platform where you can develop for phones, tablets, desktops, HoloLens, Xbox, etc with one code base. Sure, there are specific API tweaks, but those devices run the same core allowing you the developer to create experiences across multiple different devices!

Are there any tools for websites or app security scanning on Mac?

I want to do some security test for iOS app. There are some HTML5 pages in the app, so I want to do some security test such as network request, or others. I know there are many tools on Windows, but are there some tools on Mac? I also want to know the tools about scanning the app directly, are there?
Metasploit is a very good tools for mac to do penetration testing.
This is the most advanced and popular Framework that can be used to for pen-testing. It is based on the concept of ‘exploit’ which is a code that can surpass the security measures and enter a certain system. If entered, it runs a ‘payload’, a code that performs operations on a target machine, thus creating the perfect framework for penetration testing.

What does Firefox Marketplace offer to developers that Appstore or Google Playstore don't? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 9 years ago.
Improve this question
In other words, why should developers build HTML5 applications instead of iOS or Android apps and deploy to Firefox Marketplace? What are the incentives that Firefox Marketplace offers to attract developers from other application platforms?
It's an interesting question, and i am going to paste you some text that i find out related to the topic. It explains better the idea than probably I could do.
Open Web Apps are essentially no different than standard websites or Web pages. They are built using standard open Web technologies — HTML, CSS, JavaScript, etc. — and can be accessed using a Web browser. The main differences lie in their ability to be installed on a device and work offline, and access to advanced APIs that allow interaction with device features such as the camera, address book, and other such things. In addition, they are built on open technologies as much as is possible. Where differences lie in technology implementation between platforms, efforts should be made to ensure that both are supported, through a combination of feature detection and appropriate code for different platforms, and graceful degradation.
From the ground up Mozilla has been building an apps system that lets users buy an app once and run it on all of their HTML5 devices. When you purchase an app through the Firefox Marketplace, the system installs a receipt on your device. The receipt is a JSON Web Token with metadata that links to the Marketplace’s public key and its verification service URL. When an app starts up it can verify the receipt but the receipt on the device is not tied to the Firefox Marketplace. The receipt is just a cryptographically verifiable proof of purchase. Anyone can sell open Web apps if they follow the receipt specs. When you buy an app, it is intended to be portable across any device that supports the Open Web Apps system.
In the future the Open Web Apps system will support syncing your installed apps across devices. Since receipts are portable you could just sync them yourself if you wanted to. In case it’s not obvious, you can always run a free open Web app in any browser because it is no different than a website. It might, however, use new mobile specific web APIs which are not implemented on all platforms.
To me the main thing is not start thinking on create Firefox OS apps, create web apps that is better to you and the web, and Mozilla is making a good job making it real.
Those links are interesting to read and to see what will come to the web in the future:
https://developer.mozilla.org/en-US/Apps/Quickstart/Build/Intro_to_open_web_apps
https://marketplace.firefox.com/developers/

Considerations for EMET features when making programs

I'm currently in a project for a small C++ windows game application and its library.
Recently I found that Enhanced Mitigation Experience Toolkit (EMET) could be used on the client's PC to improve security.
I have toyed with EMET and even an application from Microsoft (e.g. sidebar.exe) hasn't been compatible with it, so it must require several special cares for programs to be compatible with EMET features such as ASLR or EAF.
What should I take into account to make my programs compatible with EMET features?
Is there any options for compilers or restrictions of workflow?
Thanks.
EMET is for legacy software which you cannot get their code utilize unavailable-unless-rebuilded security features.
If you can rebuild your software, refer to this page to enable them.

Windows Phone 7 Security Issues

I was looking into OWASP Top 10 Mobile Risks for security issues to be kept in mind while developing mobile applications. They have given very good information pertaining to Android and iOS platforms. Some notable ones include Client Side Injections, iOS Abusing URL Schemes, Android-Abusing Intents, Keystroke logging, Screenshots/iOS Backgrounding, Logs etc.
These were very useful and now I want to know if there are any new vulnerabilities that exist in Windows Phone 7 , which were not present in Apple iOS and Google Android.
My requirement is, I need to build somewhat like a Damn Vulnerable WP7 App to educate the WP7 developers in my project to build secure applications for our clients.
OWASP has already built iGoat (iOS application) and DroidGoat (Android application) for the sake of iOS and Android developers. I dont see any such application for Windows Phone 7.
Currently WP7 appears to be a very secure OS. Whilst I am sure it has vulnerabilities, these have not been exploited yet. Interestingly AVG released an anti-virus / malware app for WP7. This was pulled from the marketplace because it didn't actually do anything since there are no viruses for the phone yet!
http://www.winrumors.com/microsoft-pulls-avg-antivirus-windows-phone-app-from-the-marketplace/
There has been a recent SMS flaw discovered:
http://nakedsecurity.sophos.com/2011/12/14/windows-phone-7-5-susceptible-to-sms-hack/
Having said that, there is still a need to educate developers about security. You can of course build an application which has its own security vulnerabilities by failing to protect the users data for example.
if there are any new vulnerabilities that exist in Windows Phone 7
Actually, I dare say there ain't any old ones either. Most of the security issues on Android is caused by the ability to change the system 110%. Windows Phone don't have intents, don't allow process inspection, or access to the raw file-system.
As Colin said, the security issues there can occur is related to data handling. For instance, the isolated storage can be inspected by jailbreaking the device, and as such you can read out unencrypted passwords (or other personal data) from the isolated storage.
However, to jailbreak a device, you need physical access to it. And you can't remote install a application for inspecting the isolated storage, even if the device was jailbreak'd. It can only be done by USB.

Resources