Dec 9, 2022 2 min read

Issue #18

New “Android Talks” podcast website, security patches, app-signing key leaks, and KMM 📱

Hey! 🤙

Time for another issue of the newsletter. Today we’ll focus on two topics - Security and KMM.

🙏 A small request, before we start 🙏

Before we start, I'd like to ask you for a small favor. It's very important to me to constantly improve this newsletter, which is why I created a place where you can leave your feedback. It will be very useful to me and will be visible to people who are considering signing up.
If you are interested, click below and leave your review. Thanks! 😄

🔗 Click and leave your feedback

📣 Announcement 📣

I’d like to announce the launch of my new podcast website “Android Talks”. The podcast is made in Polish and covers many topics related to mobile app development, including architecture, security, testing, and latest tools like KMM, useful libraries, etc.

Be sure to check it out and subscribe on your favourite platform to never miss new episodes!

🎙 https://androidtalks.com/

Okay, back to business. 😎

If these links don't work in your email client, try reading this issue on my website.

1) Android December 2022 security updates fix 81 vulnerabilities

2) Samsung’s Android app-signing key has leaked, is being used to sign malware

3) Awesome KMM

4) Dependency Injection in Kotlin Multiplatform Mobile projects | KMM Beta

1) Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth.

This month’s update addresses 45 vulnerabilities in core Android components with patch level 2022-12-01, and another 36 vulnerabilities impacting third-party components addressed in patch level 2022-12-05.

🔗 Android December 2022 security updates fix 81 vulnerabilities

2) Samsung, LG, Mediatek and others. Do you know these companies? Probably you do. Did you know that their platform certificate keys have been leaked and now other apps may be signed by them and use the same set of permissions without asking anyone? Welp, that’s exactly what happened. Find out more below 👇

🔗 Samsung’s Android app-signing key has leaked, is being used to sign malware

3) Like any other “Awesome X” list, this Awesome KMM repository holds a list that curates the best KMM libraries, tools and more. If you want to get into writing a Kotlin Multiplatform Mobile app than you should definitely check it out!

🔗 Awesome KMM

4) A great introduction into Dependency Injection tools for KMM projects 🎬

🔗 Dependency Injection in Kotlin Multiplatform Mobile projects | KMM Beta

That’s it for today. Thanks for being here and see you in the next one!

Cheers, Patryk

patrykkosieradzki.com | androiddevnews.com | androidtalks.com

P.S.
Would you like to ask me about something?
Just answer this email and I will be happy to get back to you!

If you’d like to read previous issues, please visit the archive on my website.