Dueling Banjos: Inter-app Communication

transcript

Dueling Banjos(Inter-App Communication)

Michael DorinDan Ratcliff

1Wednesday, March 20, 13

Agenda• Introduction

• That was my Intent!

o Android Inter-App Communication

o Bound and Determined

• UR’all that… and more!

o iOS Inter-App Communication

• Android Security

• IoS Security

Introduction

• Inter-application communication promotes development of feature rich applications

• Developers leverage existing services to create rich, ‘seamless’ applications

Introduction

• Android and iOS provide messaging systems for communications within and between applications

• These message systems also facilitate attacks

• Applications are...Built upon components

• Components

o Activity

o Service

o Broadcast Receiver

o Content Provider

• Inter-app communications

Android Vocabulary

• Application startup

• Android creates a 'Linux' process with a single thread of execution

• You can (and probably will) create more than a single thread of execution

• By default, all components of the same application run in the same process

Processes and Threads

Component Data Paths

System

Service

ActivityActivity

Service

That was my intent

• Intents launch activities and services

• Intents can hold data

“Intents are system messages, running around the inside of the device, notifying applications of various events, from hardware state changes (e.g.,an SD card was inserted), to incoming data (e.g., an SMS message arrived),to application events (e.g., your activity was launched from the device’s main menu).”http://android.programmerguru.com/android-intent-example/

Thats ‘intents’

• You may transmit Data in Intents

• You may return Data in Intents

• Implicit intents can launch a variety of activities or services

• Explicit intents explicitly launch one particular activity or service

Intent()Create an empty intent.

Intent(String action)Create an intent with a given action.

Intent(String action, Uri uri)Create an intent with a given action and for a given data url.

Intent(Context packageContext, Class<?> cls)Create an intent for a specific component.

Creates an ‘implicit’ intent

Creates an ‘explicit’ intent

Intent Constructors

Implicit Intent

The primary pieces of information in an intent are:

• action -- The general action to be performed, such as ACTION_VIEW, ACTION_EDIT, ACTION_MAIN, etc.

• data -- The data to operate on, such as a person record in the contacts database, expressed as a Uri.

Intent(String action, Uri uri)

• ACTION_VIEW content://contacts/people/1 -- Display information about the person whose identifier is "1".• ACTION_DIAL content://contacts/people/1 -- Display the phone dialer with the person filled in.• ACTION_VIEW tel:123 -- Display the phone dialer with the given number filled in. Note how the VIEW action does what

what is considered the most reasonable thing for a particular URI.• ACTION_DIAL tel:123 -- Display the phone dialer with the given number filled in.• ACTION_EDIT content://contacts/people/1 -- Edit information about the person whose identifier is "1".• ACTION_VIEW content://contacts/people/ -- Display a list of people, which the user can browse through. This example is

a typical top-level entry into the Contacts application, showing you the list of people. Selecting a particular person to view would result in a new intent {ACTION_VIEW content://contacts/N } being used to start an activity to display that person.

Examples:

http://developer.android.com/reference/android/content/Intent.html

Explicit IntentIntent(Context packageContext, Class<?> cls)

The primary pieces of information in an intent are:

Context -- package context where the class you wish to invoke resides

Class -- name of the class

• category -- Gives additional information about the action to execute. • type -- Specifies an explicit type (a MIME type) of the intent data. • component -- Specifies an explicit name of a component class to use for the intent. • extras -- This is a Bundle of any additional information

Additional attributes

intent = new Intent(this, com.chaski.mobilemarchexample.EasyActivity.class);

startActivity(intent);

Example:Explicit Intent

Activity LaunchedIntra-App

Context

Class Implementing Activity

EasyActivity.java

Example:Explicit IntentService LaunchedIntra-App

@Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.easy_layout); Intent intent = new Intent(this, com.chaski.mobilemarchexample.EasyService.class); intent.putExtra("messenger", messenger); startService(intent);} messenger

Activity launched, now launch a service!

See EasyActivity.java

@Override public int onStartCommand(Intent intent, int flags, int startId) { Messenger messenger = intent.getParcelableExtra("messenger"); MyRunnable mr = new MyRunnable(messenger); Thread t = new Thread(mr); t.start(); return Service.START_STICKY; }

Inside the Service(EasyService.java)

....Message message = Message.obtain(null, 1, 0, 0);try { Bundle data = new Bundle(); data.putString("mystring", "myvalue:"+i); message.setData(data); messenger.send(message); } catch (RemoteException e) { }...

within myRunnable

grab messenger

packagpublic class EasyActivity extends Activity { MyHandler handler = new MyHandler(); Messenger messenger = new Messenger(handler);

.......

class MyHandler extends Handler { @Override public void handleMessage(Message msg) { switch (msg.what) { case 1: String mydata = msg.getData().getString("mystring"); Toast.makeText(getApplicationContext(), "Got Message:"+mydata, Toast.LENGTH_SHORT).show(); break; case 2: Toast.makeText(getApplicationContext(), "EasyService has ended", Toast.LENGTH_SHORT).show(); default: super.handleMessage(msg); } } }}

Activity Handler

See EasyActivity.java

So far

• 2 Examples

• Launch activity with explicit intent and no expectation of returned data

• Launch service with explicit intent with expectation of data passed via messenger/handler

Next example

• startActivityForResult - Expect a result from the calling activity

• new activity registers for broadcast receiver

• new activity starts a service

• service finishes, sends message via broadcast

• Activity finishes and returns result

Example 3:Explicit Intent

Activity LaunchedIntra-App

intent = new Intent(this, com.chaski.mobilemarchexample.TrivialActivity.class); startActivityForResult(intent,72);

@Override protected void onActivityResult(int requestCode, int resultCode, Intent data) { String retData = data.getStringExtra("result"); String giantToastString = "onActivityResult-requestCode:"+requestCode+ " "

+"onActivityResult-resultCode:"+resultCode+" "+"returnedData:"+retData; Toast.makeText(this, giantToastString,Toast.LENGTH_SHORT).show(); ... }

requestCode

MainActivity.java

*You can do the same thing with a service*It takes a couple Extra Steps though*See simpleActivity.java/simpleService.java

@Overridepublic void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.trivial_layout); receiver = new ResponseReceiver(); registerReceiver(receiver, new

IntentFilter("com.chaski.mobilemarchexample.TrivialActivity.broadcast.update")); Intent intent = new Intent(this,com.chaski.mobilemarchexample.TrivialService.class); this.startService(intent);}

TrivialActivity.java

class ResponseReceiver extends BroadcastReceiver { @Override public void onReceive(Context context, Intent intent) { Toast.makeText(getApplicationContext(), "TrivialService has ended",

Toast.LENGTH_SHORT).show(); } }

TrivialService will communication through a BroadcastReceiver

Or use a BroadcastReceiver

@Override public int onStartCommand(Intent intent, int flags, int startId) { MyRunnable mr = new MyRunnable(); Thread t = new Thread(mr); t.start(); return Service.START_STICKY; }

public void SendBroadcast(Boolean result, String Msg) { Intent i = new Intent(); i.setAction("com.chaski.mobilemarchexample.TrivialActivity.broadcast.update"); i.putExtra("result", result); i.putExtra("message", Msg); this.sendBroadcast(i); }

TrivialService.java

Response via Broadcast

Bound and Determined

• The server in a client-server interface.

• Allows components to send requests and receive responses

• Typically does not run in the background indefinitely

Bound Service

Bound Services

• A bound service allows other applications to bind to..to interact with it.

• You must implement the onBind()callback

• This method returns an IBinder object that defines the programming interface that clients can use to interact with the service.

Bound Services

• We can use messages as before

• We can invoke functions directly

Step 1- Make Servicefinal Messenger myMessenger = new Messenger(new MessageHandler());@Overridepublic IBinder onBind(Intent intent) { return myMessenger.getBinder();}

public class LocalBoundServiceBinder extends Binder { LocalBoundService getService() { return LocalBoundService.this; } }

@Override public IBinder onBind(Intent intent) { return binder; }

You need a binder!

Communicating via a messenger

Communicating via local methods

See BoundMessageService.java

See LocalBoundService.java

class BoundMessageServiceConnection implements ServiceConnection { public void onServiceDisconnected(ComponentName name) { Log.i(TAG, "Service Disconnected"); }

public void onServiceConnected(ComponentName name, IBinder service) { messageBinder = (IBinder) service; myMessenger = new Messenger(service); } };

BoundActivity.java

localBoundServiceConnection = new LocalBoundServiceConnection();intent = new Intent(this, com.chaski.mobilemarchexample.LocalBoundService.class);boundServiceBound = bindService(intent, localBoundServiceConnection, Context.BIND_AUTO_CREATE);

Make a connection, Start the service!

Use the service

localBoundService.getRandomNumber();BoundActivity.java

/** method for clients */ public int getRandomNumber() { return mGenerator.nextInt(100); }

BoundService.java

AIDL• Previous examples work well for services

local to application.

• If you want to expose a service for other applications, you need an AIDL file.

package com.chaski.mobilemarchexample;

interface AIDLServiceaidl { int add(in int value1, in int value2, out int[] value3);}

AIDLServiceaidl.aidl

Looks just like an interface file!

class AidlServiceConnection implements ServiceConnection {

public void onServiceConnected(ComponentName name, IBinder boundService) { service = AIDLServiceaidl.Stub.asInterface((IBinder) boundService); Log.i(TAG, "onServiceConnected() connected"); }

public void onServiceDisconnected(ComponentName name) { service = null; Log.i(TAG, "onServiceDisconnected() disconnected"); } }

Connection looks nearly the same

int res = 0; int[] value3 = new int[3]; try { res = service.add(1, 2, value3); } catch (RemoteException e) { // TODO Auto-generated catch block e.printStackTrace(); }

AIDL Use is almost the same

Note: parameters can be used to pass data back

See AidlActivity.java

What about implicit intents, leveraging other

peoples applications and reducing developer

burden?

intent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);startActivityForResult(intent, 987654321);

protected void onActivityResult(int requestCode, int resultCode, Intent intent) { if (requestCode == 987654321) { Bundle extras = intent.getExtras(); Bitmap bitmap = (Bitmap) extras.get("data"); } }

Lights Camera Action!

Request Code

Action

intent = new Intent();intent.setAction(Intent.ACTION_MAIN);intent.addCategory(Intent.CATEGORY_APP_EMAIL);

* In this example, we want an application that can handle email. We don’t care which one.

Implicit via category

Implicit Intents

• Work from intent filters

• You can define your own

intent = new Intent();intent.setAction(Intent.ACTION_MAIN);intent.addCategory("jeb");

* category is custom, named jeb! * Application that handles “jeb” needs this intent-filter in the manifest

<intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.DEFAULT"/> <category android:name="jeb"/></intent-filter>

You always need a default

ExampleImplicit via custom category

Uri uri = Uri.parse("imdb:///find?q=godfather");intent = new Intent(android.content.Intent.ACTION_VIEW, uri);startActivity(intent);

ExampleImplicit Intent via URI

Action

<intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <data android:scheme="ted"/>

</intent-filter>

Intent sender code: Uri uri = Uri.parse("ted:");intent = new Intent(android.content.Intent.ACTION_VIEW, uri);startActivity(intent);

Our Custom URI

ExampleImplicit Intent via Custom URI

<intent-filter> <action android:name="com.chaski.ButtonCatcher.catch" /> <category android:name="android.intent.category.DEFAULT" /> </intent-filter> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.DEFAULT"/> <category android:name="android.intent.category.APP_EMAIL"/> </intent-filter> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.DEFAULT"/> <category android:name="jeb"/> </intent-filter> <intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <data android:scheme="ted"/> </intent-filter> </activity>

Intent filters are loaded into Manifest

Custom Intents

UR’all that… and more!iOS Inter-App Communication

• Launching apps automatically via URLs

• Providing services from your app

• Sending values and returning results

• Standardizing interfaces with x-callback-url

“Launching” AppsManually

• “Launching” from user context

• App startup after install, power-up, kill, jettison, crash

• Returning from background

• Spring board (a.k.a Home Screen)

• Tap app icon

• Dock, Folders & Multitasking Bar

• “Search iPhone”

• Siri

• Hold Home button and say app name

Launching AppsAutomatically

• URL schemes

• E.g., http://www.w3schools.com/ fb://friends

• Document/file type support

• Local notifications

• Push notifications

Data Sharingvia Network

• Cloud service

• E.g., Facebook, DropBox, proprietary

• Allows non-iOS device and browser access

• iCloud

• Game Center

• Push notifications

Data Sharingon Device

• URL parameters

• E.g., http://maps.apple.com/?daddr=San+Francisco,+CA&saddr=cupertino

• Keychain Services

• Document/file type support

• Pasteboards

• Core Audio

• Core MIDI

AppleURL Schemes

Safari http://www.yahoo.com https://www.wellsfargo.com

Mail mailto:frank@wwdcdemo.example.com

Phone tel:1-408-555-5555

Text sms:1-408-555-1212

Maps http://maps.apple.com/?daddr=San+Francisco,+CA&saddr=cupertino

YouTube http://www.youtube.com/watch?v=2DSrJXQV9Og

iTunes http://phobos.apple.com/WebObjects/MZStore.woa/wa/viewAlbum?i=156093464&id=156093462&s=143441

In-App ServicesNative API

Safari UIWebView

Mail MFMailComposeViewController

Text MFMessageComposeViewController

Map MKMapView

YouTube UIWebView

iTunes

Launching App viaHTML Link

• HTML links<a href="tel:1-408-555-5555">Call your representative</a>

• Safari and Email apps

• UIWebView

LinkAuto-Detection

• Auto-detection of link-like text within HTML

• Telephone numbers

• URLs

• Parse-able strings containing “://”

• Missing “http://” prefix

Launching app viaNative API

• Objective-C APIUIApplication -canOpenURL:

UIApplication -openURL:

• ExampleNSURL *url = [NSURL URLWithString:@"tel:1-408-555-5555"];

if([[UIApplication sharedApplication] canOpenURL:url]) {

[[UIApplication sharedApplication] openURL:url];

Custom URL Schemes• Not cutting edge, but not always well-executed

• Many apps provide a “noun” to launch them yelp4://

flixter://

angrybirds-free://

angrybirds-hd-free://

• Fewer apps provide “verbs” to control themyelp:///search?terms=bars&location=sf

Custom URL SchemeExample

googlechrome: Launches Chrome app

googlechrome://www.yahoo.com Opens new tab and navigates to http://www.yahoo.com

googlechromes://www.wellsfargo.com Similar to https:

googlechrome-x-callback://x-callback-url/open?

x-success=myscheme%3A%2F%2F&

x-source=MyApp&

url=http%3A%2F%2Fwww.yahoo.com

Specifies display name and scheme of app for return

Discovering Schemes• iHasApp open source framework

• Correlates Schemes and app IDs

• schemeApps.json{ ...

"googlechrome": [535886823],

"googlechromes": [535886823],

"googledrive": [507874739],

"googlegmail": [422689480],

"yelp4.2": [284910350],

"yelp4.4": [284910350],

App IDs• iTunes Preview

https://itunes.apple.com/us/app/chrome/id535886823?mt=8

• Look up

http://itunes.apple.com/lookup?id=535886823

Returns JSON

"trackId":535886823,

"trackName":"Chrome"

"artworkUrl60":"http://a1619.phobos.apple.com/us/r1000/064/Purple2/v4/96/8d/ce/968dcef9-32d8-bf0b-2e86-a1c0e75c61af/Icon.png",

Scheme “Actions”

• handleOpenURL website

• Search scheme index

skype:thurston.howell.iii?call

skype://lovey?chat

Schemes to the Extreme• akosma software web page

• URL encoding tips

CFURLCreateStringByAddingPercentEscapes()

preferred over

NSString -stringByAddingPercentEscapesUsingEncoding:

• Undocumented(?) Apple URL schemes

• Google Maps, Music, Videos, App Store, iBooks, iBooks Store, Podcasts

• Safer: comgooglemaps://

• Objective-C code examples

“App Launcher” Apps• Launch Center Pro

• Launch+

• Quickpick

• Launcher

• Speed U

• App Gate

• Simple Launcher

• Simple Phone Launcher

• Swipemint

• Pre-canned schemes & actions

• Detection of installed apps

• Links to App Store

• Custom URLs

• Clipboard or user prompt

• In app for iOS features

• Access to non-scheme iOS features

• Scheduled notifications

• Organize favorites

• Icon management

• Download new URLs

• Uni-directional; no return

"App Launcher"Typical Features

Your very ownURL scheme

• Choosing a “unique” scheme name

• No official master list beyond IANA

• Priority among conflicts undefined

• Cannot override Apple schemes

• “googlechrome:” instead of “chrome:”

• Search unofficial sources and “advertise” your own scheme!

Registering Schemewith iOS

• E.g., myApp-Info.plist

<key>CFBundleURLTypes</key>

<array>

! <dict>

! ! <key>CFBundleURLName</key>

! ! <string>com.mydomain.myapp</string>

! ! <key>CFBundleURLSchemes</key>

! ! <array>

! ! ! <string>myscheme</string>

! ! </array>

! </dict>

</array>

Handling Received URL

• Delegate callback APIUIApplicationDelegate -application:openURL:sourceApplication:annotation:

• Example- (BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication annotation:(id)annotation {

NSLog(@"%@", [url absoluteString]);

return YES;

“Parsing” the URL

• Call component methods on(NSURL *)url

[url scheme] NSString *theScheme = [url scheme]

[url user] "

[url password] "

[url host]

[url port] NSNumber *thePort = [url port]

[url path]

[url parameterString]

[url query]

[url fragment]

App Startup• A.k.a. “launching” vs. returning from background

• Delegate callback APIUIApplicationDelegate -application:didFinishLaunchingWithOptions:

• Example- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {

NSURL *url = [launchOptions valueForKey:UIApplicationLaunchOptionsURLKey];

NSLog(@"%@", [url absoluteString]);

return YES; // Allow openURL to run

Smart App Banners• Displays promotional banner on web page

Offers to take user to App or App Store as appropriate

• E.g., “LinkedIn Connections” email on iPhone

• Tapping button opens Safari “Sign in” page

• If LinkedIn app is installed, banner appears offering to “OPEN” it

• Tapping OPEN opens app

Return to Sender

• Facebook scheme format:

fb<ID>: E.g. , fb165260790249214:

• Google Chrome (as seen earlier)googlechrome-x-callback://x-callback-url/

• Terminology thesaurus lookup & selectionterminology://x-callback-url/

x-callback-url

• Encourages services that perform and return

• Standardizes service API structure

• Format and URL encoding

• Inter-App Communication (IAC)

• Taps & Swipes open source framework

How it Works

Client Server

theserverscheme:...?aclientscheme:...aclienttarget...

aclientscheme:.../aclienttarget?theserverparameters

NeedIt

DoingIt

• App “launch” via URL scheme used for both directions

• Server defines well-known scheme and service

• Client specifies return scheme & delegates

Service API Structure[scheme]://[host]/[action]?[x-callback parameters]&[action parameters]

• host x-callback-url

• x-callback query parameters

• App display name x-source

• Success delegate x-success

• Error delegate x-error

• Cancel delegate x-cancel

Terminology App

• Legacy lookupterminology://heavy

• Modern, but no return requestedterminology://x-callback-url/lookup?text=heavy

TerminologyReturn Result

• Request return (unencoded)terminology://x-callback-url/replace?

x-success=myscheme://x-callback-url/myReturnAction& x-source=MyAppName&

text=heavy

• Return Resultmyscheme://x-callback-url/myReturnAction?

text=heavy&

replaceWith=dense&

URL Encoding• Basic URL encoding

terminology://x-callback-url/lookup?text=heavy%20metal

• URL query parameters specify URLsterminology://x-callback-url/replace?

x-success=myscheme://x-callback-url/myReturnAction& x-source=MyAppName&

text=heavy

• Must encode these nested URLsterminology://x-callback-url/replace?

x-success=myscheme%3A%2F%2Fx-callback-url%2FmyReturnAction&

x-source=MyAppName&

text=heavy

• XCallbackURL open source test app

Replace “Heavy”

Replace with “Dense”

Just when your ‘intent’ was to go back into the

water!

• Unauthorized Intent Receipt

• Broadcast Theft

• Activity Hijacking

• Service Hijacking

• Intent Spoofing

• Malicious Broadcast Injection

Intent-Based Attacks

Unauthorized Intent Reception

• Broadcast Theft

• Eavesdropper can silently read contents of a broadcast without interrupting broadcast

• Attacker could launch denial of service or data injection attack

• Ordered Broadcasts can be subject to

• Malicious Broadcast Injection

• Malicious Activity Launch

• Malicious Service Launch

Intent Spoofing

How hard is this?

• apktool

• https://code.google.com/p/android-apktool/

• dare

• http://siis.cse.psu.edu/dare/index.html

How hard?•Get apktool.jar

•https://code.google.com/p/android-apktool/

•Get your apk files

•java -r apktool.jardecode ..

Look at that!Our manifest, our resources.

Oh the humanity!

Security

• Don’t mess with peoples data if you don’t have to.

• When sending private data, use explicit intents

• Internal Intents should always be explicit!

• Strong permissions be used. As strong as possible.

• Review signature permissions

iOS Scheme Security

• URLs inherently insecure

• No HTTPS equivalent

Hacking URL schemes

• iOS handling of duplicates

• Masquerading as client

• Masquerading as server

• Misrouting callbacks

• Discovering schemes

• Discovering apps

• Non-App Store hacking tools

What can be done?• Encrypt URL after scheme: (or schemes:// ?)

• Shared secret

• Public key cryptography

• Encrypted data must be “URL parseable” by iOS and URL encoded

• Send encrypted data out of band

• E.g., iOS Keychain Services

• Shared keychain

Keychain Services

• Create Entitlements.plist

• Add keychain-access-group

• ANSI C APICFDictionaryRef bridged from NSMutableDictionary

OSStatus SecItemAdd(CFDictionaryRef attributes, CFTypeRef *result)

OSStatus SecItemCopyMatching(CFDictionaryRef query, CFTypeRef *result)

I have just one question...

Thank you!

On the Android banjo and security mandolin:

On the iOS banjo and network protocol fiddle:

Michael Dorin dorinmike@gmail.com www.linkedin.com/in/michaeldorin

Dan Ratcliff dan_ratcliff@yahoo.com http://www.linkedin.com/in/danratcliff

Sources• Stackoverflow

• http://stackoverflow.com

• Android Developers Guide• http://developer.android.com/guide

• Intent and Intent Filters, by Sang Shin and Michèle Garoche • http://documents.cofares.net/miroires/AndroidPourValeurC/8-android_intent.pdf

• Systems and Internet Infrastructure Security, Dare• http://siis.cse.psu.edu/dare/installation.html

• Analyzing Inter-Application Communication in Android• http://www.cs.berkeley.edu/~afelt/intentsecurity-mobisys.pdf

Sources• Apple URL Scheme Reference

• http://developer.apple.com/library/ios/#featuredarticles/iPhoneURLScheme_Reference/Introduction/Introduction.html%23//apple_ref/doc/uid/TP40007891-SW1

• Communicating with Other Apps• http://developer.apple.com/library/ios/#documentation/iphone/conceptual/

iphoneosprogrammingguide/AdvancedAppTricks/AdvancedAppTricks.html

• iPhone Apps | Yelp for Developers• http://www.yelp.com/developers/documentation/iphone

• Opening Links in Chrome for iOS• https://developers.google.com/chrome/mobile/docs/ios-links

Sources• iHasApp - Installed App Detection

• http://www.ihasapp.com

• handleOpenURL: Shared App Communication on iOS• http://handleopenurl.com

• Skype URI Handler• http://dev.skype.com/desktop-api-reference#URI

• IPhone URL Schemes - akosma wiki• http://wiki.akosma.com/IPhone_URL_Schemes

• Google's New iOS Maps App and URL Scheme• http://www.pureoxygenmobile.com/googles-new-maps-ios-app-and-url-scheme/

Sources• Launch Center Pro

• https://itunes.apple.com/us/app/launch-center-pro/id532016360?mt=8

• Launch+• https://itunes.apple.com/us/app/launch+/id500606931?mt=8

• Quickpick• http://www.neoos.ch/https://itunes.apple.com/us/app/id483079724/quickpick

• Launcher• https://itunes.apple.com/us/app/launcher-quick-actions-shortcuts!/id511645204?

• Speed U• https://itunes.apple.com/us/app/speed-u/id510914771?mt=8

Sources• App Gate

• https://itunes.apple.com/us/app/app-gate./id566901497?mt=8

• Simple Launcher• https://itunes.apple.com/us/app/simple-launcher-for-ipad-launch/id467950393?

mt=8&ign-mpt=uo%3D2

• Simple Phone Launcher• https://itunes.apple.com/hk/app/simple-phone-launcher-launch/id430233514?mt=8

• Swipemint• https://itunes.apple.com/us/app/swipemint-fastest-simple-launcher/id540044893?

• URI Scheme• http://en.wikipedia.org/wiki/URI_scheme

Sources• Promoting Apps with Smart App Banners

• http://developer.apple.com/library/ios/#documentation/AppleApplications/Reference/SafariWebContent/PromotingAppswithAppBanners/PromotingAppswithAppBanners.html

• Share an App ID Across Apps - Facebook Developers• http://developers.facebook.com/docs/howtos/share-appid-across-multiple-apps-ios-

• Terminology Developers - Agile Tortoise• http://agiletortoise.com/terminology-developers/

• Opening Links in Chrome for iOS• https://developers.google.com/chrome/mobile/docs/ios-links

Sources• x-callback-url

• http://x-callback-url.com

• tapsandswipes/InterAppCommunication - GitHub• https://github.com/tapsandswipes/InterAppCommunication

• Taps and Swipes• http://tapsandswipes.com

• Terminology• https://itunes.apple.com/us/app/terminology/id380288546?mt=8

• agiletortoise/XCallbackURL - GitHub• https://github.com/agiletortoise/XCallbackURL

Sources• iOS Keychain: Sharing data between apps

• http://shaune.com.au/ios-keychain-sharing-data-between-apps/

• Keychain Services Programming Guide• https://developer.apple.com/library/ios/#documentation/security/conceptual/

keychainServConcepts/iPhoneTasks/iPhoneTasks.html%23//apple_ref/doc/uid/TP30000897-CH208-SW1

• Audiobus• http://audiob.us

• Dueling Banjos• http://www.youtube.com/watch?v=Vj9ghC2SgbY

Dueling Banjos: Inter-app Communication

Technology